Hello David.

On 13 June 2013 03:06, David Alexander <david@mydex.org> wrote:
Good points all but there is also the concepts of shared rights access and control in the same sense that we can co curate and subscribe to feeds from devices

Identity of a device for addressing subscribing is but one part the meta data about ownership of device is something that may change overtime and be shared e.g joint ownership of a device shared responsibility and accountability, federated or delegated functional responsibility for aspects of its capability think remote control think levels of access and admin

So, what you're saying here is that the type of things "out there" multiplies and differentiates exponentially over time. Indeed, I think everyone would agree with you; I certainly do.

However, have you considered how these things are used? Have you considered how the use of these things is regulated (currently in an unsystematic way) through the behaviour and preference of the individual; a preference that often depends upon considerations of individual characteristics and group membership which are unrelated to the function of a particular device?

My Clique Space concept takes care of both "device functionality" and "individual identity and group membership" characteristics through two discrete but interlocking mechanisms: Enabling Constraints and Limiting Constraints respectively. A Limiting Constraint is a value which is applied to an Enabling Constraint parameter which specifies some functional unit of a device.
 

These challenges apply to individuals things and personal data so lets try and cross fertilise

I'm not sure that Clique Space offers a direct solution to personal data rights issues; the theory of PKI (and the ethical and moral behaviour of individuals) seems to me to fill in many gaps which are unreachable to Clique Space in relation to data and IP.

At the very least, I believe that provided a device will cooperate with a Clique Space to which it is connected, Clique Space will reliably tell an individual when a device on which data is stored is being accessed. It will disclose the identity (Identity) of the individual who accessed this device, and you, as the possessor of the device, would indeed be able to control which individuals are able to access the data held within based on Limiting Constraint affinity.

Devices siphon state information to Clique Spaces to which they are connected. These Clique Spaces (I only think one Clique Space per device is attractive, but I'm only one individual) cross-reference the changes in activity of the storage device and the activity of some access device possessed by the individual desiring access. The access device might or might not be connected to a Clique Space.

If 1: the access device is also connected to a Clique Space, and 2: if the access device is possessed by some Identity other than the one to which the storage device is connected, and 3: the individual possessing the access device desires that an Identity be disclosed to the individual to which the storage device is associated, then Clique Space can compare characteristics in the given Identities of both individuals, correlating the intentions disclosed in the two Identities by comparing applicable Limiting Constraints. If sufficient Limiting Constraint affinity is found, a Clique (most probably in this case, a Clique comprising of the minimum two Participants) can form, and access to the data is permitted.

That's the very short description of how Clique Space would work in the scenario where one individual accesses a data storage device possessed by another. Although still largely untested, I believe all of the process I have just described can be modelled and mediated using the concept of Cliques, and by extension, the simple data model I have developed in my Clique Space concept.
 

Mydex has built an open platform for identity and personal data services QS and IoT are implicitly involved in our world. It features a RESTful api, identity services with multi protocol support we are ISO270001 certified company

We are a platform an OIX listed Trust Framework and one of the UK appointed identity providers

From this short description, I gather that there may be a fit between my Clique Space concept and your Mydex product. I realise that we may both have our own proprietary interests, so I'd welcome an off list conversation if you want to explore the possibility of exploring this fit further.


Our service is free to individuals open to any organisation or developer to connect so please feel free to experiment our sandbox is free to all

Keep it coming
David
CEO Co-founder and Mydex Platform Architect
Http://mydex.org

Sent from my mobile
Please forgive typos!
0771 747 3661

On 12 Jun 2013, at 16:17, j stollman <stollman.j@gmail.com> wrote:

All,

While I am not certain that I agree with Owen's particular spin, he does raise a good point that affects privacy -- a point that we failed to address in the FTC response:  ownership of and delegation of authority for the devices that comprise IoT.  

For example, if my electricity provide places a meter in my home, who owns it?  My assumption is that the provider owns the device and I must agree to its installation in my home as a condition of obtaining electricity.  But then, who is responsible for programming it to reduce my power when demand is high?  If it is the electricity distributor, what say do I have in this decision?  If it is me, how does the "owner" delegate authority to me to program my usage?  What if I want to provide my own meter (in the same way that I may provide my own router for my internet service or use one from my ISP), do I have that right?  After all, it is going in my home.  But the electricity distributor may be concerned that I will modify the reporting from the meter in order to mask my real use and pay a lower bill.

From a privacy perspective, I consider ownership and delegation of authority to be the two big issues of IoT -- quite separate form the security concerns about access control.

Thank you.

Jeff


On Wed, Jun 12, 2013 at 8:22 AM, Owen Thomas <owen.paul.thomas@gmail.com> wrote:
Hello Joni (and the Kantara commnity).

Ummm... I'm not from the US (I'm Australian), and my thoughts on "the internet of things" have thus far not curried much resonance with people in general. Also, my concepts have still to yield anything demonstrable. Hence, I'm reluctant to contribute directly to conferences and other requests for input. But I will write this message.

I'd like to perhaps suggest that the term "things" be replaced with "individuals". I believe an internet of individuals is the ultimate destination for the internet as it evolves to be a medium through which individual presence is not only projected, but is also manifest. In an internet of individuals, every component (every "thing" or "device") is used by, and indeed, is used to manifest individual presence. In this vision, every router, switch, node and any other well defined contraption of any type that can exchange state (a device) with any other device will be directed by and accountable to the intentions of individual wills that compose them.

This vision requires a system that projects individual presence in such devices. I believe that my Clique Space concept is such a system. As far as I am aware, Clique Space is the only concept that has any chance of turning this internet of things into its ultimate expression as an internet of individuals,

Development continues, and I hope one day soon(ish) to be able to demonstrate that the Clique Space basic infrastructure (Agent Devices which collaborate to exchange information about other devices operating through other media) works. I would love some help in getting my proof-of-concept done quicker, so I post this letter here as an attempt to garner interest.

I'd welcome anyone's comment.

  Owen.



On 12 June 2013 18:24, Joni Brennan <joni@ieee-isto.org> wrote:

Dear Kantara Community,

Recently Kantara Initiative Trustees, Members and Participants provided their international and industry expertise to develop a brief response to a call for input by the US Federal Trade Commission (FTC) [1] regarding privacy and security implications of the Internet of Things (IoT). 

Pervasive implementation the IoT, and access control of associated data, will have significant implications with regard to Identity Management use cases and beyond. Kantara Initiative intends to address these implications through its network of experts and programs. 

The full response can be read on our Kantara blog [2].  We thank our stakeholders for their excellent input and we're looking forward to a workshop focusing on IoT that is being planned by FTC for the fall 2013. 

Please feel free to share the response with interested parties. We are very interested to hear feedback that can be shared on this list or via our contact form [3]. 

Joni Brennan
Executive Director
Kantara Initiative
 
[2] http://kantarainitiative.org/privacy-and-security-iot/

_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community




--
Employment-from-home. Make mine part-time. Yes you can.
Software developers certainly can be salaried and superannuated part-time from home. Make it so for this one.
Clique Space(TM): A seat for the soul.
www.owenpaulthomas.blogspot.com

_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community




--
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699

Truth never triumphs — its opponents just die out.
Science advances one funeral at a time.
                                    Max Planck
_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community



--
Employment-from-home. Make mine part-time. Yes you can.
Software developers certainly can be salaried and superannuated part-time from home. Make it so for this one.
Clique Space(TM): A seat for the soul.
www.owenpaulthomas.blogspot.com