Notes from UMA legal subgroup telecon 2015-11-06
Fri Nov 6 8-9am PT Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540# Screen sharing: http://join.me/findthomas http://join.me/findthomas - NOTE: IGNORE the join.me http://join.me/ dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar http://kantarainitiative.org/confluence/display/uma/Calendar Goal: start building a general "legal stack" for UMA-specific elements Learn more of Andrew H’s use case details Examine the sociotechnical norms for potentially useful concepts AOB Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail. What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents? He’s trying to capture “reliance” relationships, and obligations/commitments. Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common. The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time. Once you have the abstract model, then you can identify your specific “users” and “operators”. So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply. Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play. Next steps: Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack". Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com
Regarding a term for Community of interest, how about "stakeholders"?
---------------------------------
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699
Truth never triumphs — its opponents just die out.
Science advances one funeral at a time.
Max Planck
On Fri, Nov 6, 2015 at 12:09 PM, Eve Maler
- *Fri Nov 6* 8-9am PT - Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540# - Screen sharing: http://join.me/findthomas - *NOTE:* *IGNORE* the join.me dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) - UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar
- Goal: start building a general "legal stack" for UMA-specific elements - Learn more of Andrew H’s use case details - Examine the sociotechnical norms for potentially useful concepts - AOB
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal
Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.
What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?
He’s trying to capture “reliance” relationships, and obligations/commitments.
Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.
The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.
Once you have the abstract model, then you can identify your specific “users” and “operators”.
So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.
Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.
Next steps:
- Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. - After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
Aiighhh!!!!! Not Stakeholders!!!!
;-)
I know that they should have a stake in the situation, but it's such an
abused term...
Constituents, Group, MicroSociety, Participants, ...
*Andrew Hughes *CISM CISSP
Independent Consultant
*In Turn Information Management Consulting*
o +1 650.209.7542
m +1 250.888.9474
1249 Palmer Road,
Victoria, BC V8P 2H8
AndrewHughes3000@gmail.com
ca.linkedin.com/pub/andrew-hughes/a/58/682/
*Identity Management | IT Governance | Information Security *
On Fri, Nov 6, 2015 at 10:02 AM, j stollman
Regarding a term for Community of interest, how about "stakeholders"?
--------------------------------- Jeff Stollman stollman.j@gmail.com 1 202.683.8699
Truth never triumphs — its opponents just die out. Science advances one funeral at a time. Max Planck
On Fri, Nov 6, 2015 at 12:09 PM, Eve Maler
wrote: - *Fri Nov 6* 8-9am PT - Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540# - Screen sharing: http://join.me/findthomas - *NOTE:* *IGNORE* the join.me dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) - UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar
- Goal: start building a general "legal stack" for UMA-specific elements - Learn more of Andrew H’s use case details - Examine the sociotechnical norms for potentially useful concepts - AOB
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal
Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.
What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?
He’s trying to capture “reliance” relationships, and obligations/commitments.
Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.
The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.
Once you have the abstract model, then you can identify your specific “users” and “operators”.
So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.
Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.
Next steps:
- Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. - After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
+1 Andrew; I use stakeholders in a very particular sense when I do business process improvement work, and I suspect others will have particular uses for the contexts from whence they came. Hence I agree that stakeholder should be off the table. We need something that is, to some extent, a self descriptive term for transient and/or permanent groups of entities that are created by their relationships to one another or through the relationships that they have with each other - if I understand what you were describing. I’m reminded more of a flock than a community, since the group can change and move based on the rules by which the particular flock was consituted. Simple flocking rules generate complex coordinated flocking behaviour - which is what I sense you’re trying to get at. One is tempted to refer to a murmuration https://youtu.be/DmO4Ellgmd0, but that might be too cute. Sincerely, John Wunderlich (@PrivacyCDN) http://privacybydesign.ca/ http://privacybydesign.ca/ http://privacybydesign.ca/Privacist & PbD Ambassador http://privacybydesign.ca/
On Nov 6, 2015, at 1:14 PM, Andrew Hughes
wrote: Aiighhh!!!!! Not Stakeholders!!!!
;-)
I know that they should have a stake in the situation, but it's such an abused term... Constituents, Group, MicroSociety, Participants, ...
Andrew Hughes CISM CISSP Independent Consultant In Turn Information Management Consulting
o +1 650.209.7542 m +1 250.888.9474 1249 Palmer Road, Victoria, BC V8P 2H8 AndrewHughes3000@gmail.com mailto:AndrewHughes3000@gmail.com ca.linkedin.com/pub/andrew-hughes/a/58/682/ http://ca.linkedin.com/pub/andrew-hughes/a/58/682/ Identity Management | IT Governance | Information Security
On Fri, Nov 6, 2015 at 10:02 AM, j stollman
mailto:stollman.j@gmail.com> wrote: Regarding a term for Community of interest, how about "stakeholders"? --------------------------------- Jeff Stollman stollman.j@gmail.com mailto:stollman.j@gmail.com 1 202.683.8699 tel:1%20202.683.8699
Truth never triumphs — its opponents just die out. Science advances one funeral at a time. Max Planck
On Fri, Nov 6, 2015 at 12:09 PM, Eve Maler
mailto:eve@xmlgrrl.com> wrote: Fri Nov 6 8-9am PT Voice: Skype: +99051000000481 or US +1-805-309-2350 tel:%2B1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540# Screen sharing: http://join.me/findthomas http://join.me/findthomas - NOTE: IGNORE the join.me http://join.me/ dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar http://kantarainitiative.org/confluence/display/uma/Calendar Goal: start building a general "legal stack" for UMA-specific elements Learn more of Andrew H’s use case details Examine the sociotechnical norms for potentially useful concepts AOB Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.
What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?
He’s trying to capture “reliance” relationships, and obligations/commitments.
Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.
The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.
Once you have the abstract model, then you can identify your specific “users” and “operators”.
So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.
Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.
Next steps:
Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".
Eve Maler | cell +1 425.345.6756 tel:%2B1%20425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com mailto:xmlgrrl@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org mailto:WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma http://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org mailto:WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma http://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Lol
cadre? Mob? Loose affiliation? Neighborhood? Co-dependent socio-economic
trading association using consensus rules and shared paradigms?
On Fri, Nov 6, 2015 at 12:39 PM John Wunderlich
+1 Andrew;
I use stakeholders in a very particular sense when I do business process improvement work, and I suspect others will have particular uses for the contexts from whence they came. Hence I agree that stakeholder should be off the table.
We need something that is, to some extent, a self descriptive term for transient and/or permanent groups of entities that are created by their relationships to one another or through the relationships that they have with each other - if I understand what you were describing. I’m reminded more of a flock than a community, since the group can change and move based on the rules by which the particular flock was consituted. Simple flocking rules generate complex coordinated flocking behaviour - which is what I sense you’re trying to get at.
One is tempted to refer to a murmuration https://youtu.be/DmO4Ellgmd0, but that might be too cute.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
http://privacybydesign.ca http://privacybydesign.ca
http://privacybydesign.caPrivacist & PbD Ambassador http://privacybydesign.ca
On Nov 6, 2015, at 1:14 PM, Andrew Hughes
wrote: Aiighhh!!!!! Not Stakeholders!!!!
;-)
I know that they should have a stake in the situation, but it's such an abused term... Constituents, Group, MicroSociety, Participants, ...
*Andrew Hughes *CISM CISSP Independent Consultant *In Turn Information Management Consulting*
o +1 650.209.7542 m +1 250.888.9474 1249 Palmer Road, Victoria, BC V8P 2H8 AndrewHughes3000@gmail.com ca.linkedin.com/pub/andrew-hughes/a/58/682/ *Identity Management | IT Governance | Information Security *
On Fri, Nov 6, 2015 at 10:02 AM, j stollman
wrote: Regarding a term for Community of interest, how about "stakeholders"?
--------------------------------- Jeff Stollman stollman.j@gmail.com 1 202.683.8699
Truth never triumphs — its opponents just die out. Science advances one funeral at a time. Max Planck
On Fri, Nov 6, 2015 at 12:09 PM, Eve Maler
wrote: - *Fri Nov 6* 8-9am PT - Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540# - Screen sharing: http://join.me/findthomas - *NOTE:* *IGNORE* the join.me dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) - UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar
- Goal: start building a general "legal stack" for UMA-specific elements - Learn more of Andrew H’s use case details - Examine the sociotechnical norms for potentially useful concepts - AOB
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal
Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.
What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?
He’s trying to capture “reliance” relationships, and obligations/commitments.
Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.
The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.
Once you have the abstract model, then you can identify your specific “users” and “operators”.
So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.
Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.
Next steps:
- Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. - After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
-- *Andrew Hughes *CISM CISSP Independent Consultant *In Turn Information Management Consulting* o +1 650.209.7542 m +1 250.888.9474 1249 Palmer Road, Victoria, BC V8P 2H8 AndrewHughes3000@gmail.com ca.linkedin.com/pub/andrew-hughes/a/58/682/ *Identity Management | IT Governance | Information Security *
Hi Folks - Some alternatives to murmuration (which is great, by the way). Deleuze called it "a body without organs," but that is too ghoulish. "Holon" is too space-aged. "Lagrangian entropic gradients" is too wacky.
I didn't realize that "stakeholders" was a term of art, and I have used that too freely in the past
I have returned to using "community of interest," but with the qualifier that it is also time bounded to accommodate the notion of change through time.
Kind regards,
Scott
________________________________
From: wg-uma-bounces@kantarainitiative.org
I think what may apply is "Swarm"
(https://en.wikipedia.org/wiki/Swarm_intelligence )
I apply this to the attributes of a "Connector" and a "BridgeID", but it
appears it may apply here as well.
FYI, Tim
From: wg-uma-bounces@kantarainitiative.org
[mailto:wg-uma-bounces@kantarainitiative.org] On Behalf Of sldavid
Sent: Friday, November 06, 2015 7:17 PM
To: John Wunderlich; Andrew Hughes
Cc: wg-uma@kantarainitiative.org WG
Subject: Re: [WG-UMA] Notes from UMA legal subgroup telecon 2015-11-06
Hi Folks - Some alternatives to murmuration (which is great, by the way).
Deleuze called it "a body without organs," but that is too ghoulish.
"Holon" is too space-aged. "Lagrangian entropic gradients" is too wacky.
I didn't realize that "stakeholders" was a term of art, and I have used that
too freely in the past
I have returned to using "community of interest," but with the qualifier
that it is also time bounded to accommodate the notion of change through
time.
Kind regards,
Scott
_____
From: wg-uma-bounces@kantarainitiative.org
Hi all,
Sorry to have missed the last minutes of the meeting.
I appreciated Andrew's diagram and the categories of A, B and C, with C
being most lawyerly. There are lots of ways to do that.
I nearly did a demo that was purely A, B, C, but instead did a super short
consent that inherits from another consent, and has a format of who, what,
when. It draws on some of Mark's consentreceipt.org.
A first example lists all the parties. The second example is base on the
first example and changes only the Resource Owner. The third example uses
a conventional document, an NDA, to provide a point-to-point contract
frame. Of course this can be done (ultimately better) as a BLT framework.
http://www.commonaccord.org/index.php?action=list&file=Wx/org/consentreceipt/api/Variations/Form/
On Sat, Nov 7, 2015 at 4:32 AM, BridgeIDentity
I think what may apply is “Swarm” ( https://en.wikipedia.org/wiki/Swarm_intelligence )
I apply this to the attributes of a “Connector” and a “BridgeID”, but it appears it may apply here as well.
FYI, Tim
*From:* wg-uma-bounces@kantarainitiative.org [mailto: wg-uma-bounces@kantarainitiative.org] *On Behalf Of *sldavid *Sent:* Friday, November 06, 2015 7:17 PM *To:* John Wunderlich; Andrew Hughes *Cc:* wg-uma@kantarainitiative.org WG *Subject:* Re: [WG-UMA] Notes from UMA legal subgroup telecon 2015-11-06
Hi Folks - Some alternatives to murmuration (which is great, by the way). Deleuze called it "a body without organs," but that is too ghoulish. "Holon" is too space-aged. "Lagrangian entropic gradients" is too wacky.
I didn't realize that "stakeholders" was a term of art, and I have used that too freely in the past
I have returned to using "community of interest," but with the qualifier that it is also time bounded to accommodate the notion of change through time.
Kind regards,
Scott ------------------------------
*From:* wg-uma-bounces@kantarainitiative.org < wg-uma-bounces@kantarainitiative.org> on behalf of John Wunderlich < john@wunderlich.ca> *Sent:* Friday, November 6, 2015 12:39 PM *To:* Andrew Hughes *Cc:* wg-uma@kantarainitiative.org WG *Subject:* Re: [WG-UMA] Notes from UMA legal subgroup telecon 2015-11-06
+1 Andrew;
I use stakeholders in a very particular sense when I do business process improvement work, and I suspect others will have particular uses for the contexts from whence they came. Hence I agree that stakeholder should be off the table.
We need something that is, to some extent, a self descriptive term for transient and/or permanent groups of entities that are created by their relationships to one another or through the relationships that they have with each other - if I understand what you were describing. I’m reminded more of a flock than a community, since the group can change and move based on the rules by which the particular flock was consituted. Simple flocking rules generate complex coordinated flocking behaviour - which is what I sense you’re trying to get at.
One is tempted to refer to a murmuration https://youtu.be/DmO4Ellgmd0, but that might be too cute.
Unbelievable Starlings
A super amazing flock of starlings swoops low over the streets.
Read more... https://youtu.be/DmO4Ellgmd0
Sincerely, *John Wunderlich*
*(@PrivacyCDN)*
*Privacist & PbD Ambassador* http://privacybydesign.ca
On Nov 6, 2015, at 1:14 PM, Andrew Hughes <*andrewhughes3000@gmail.com*> wrote: http://privacybydesign.ca
Aiighhh!!!!! Not Stakeholders!!!! http://privacybydesign.ca
I know that they should have a stake in the situation, but it's such an abused term... http://privacybydesign.ca
Constituents, Group, MicroSociety, Participants, ... http://privacybydesign.ca
*Andrew Hughes CISM CISSP Independent ConsultantIn Turn Information Management Consulting http://privacybydesign.ca*
o +1 650.209.7542 m +1 250.888.9474 1249 Palmer Road, Victoria, BC V8P 2H8 *AndrewHughes3000@gmail.com* *ca.linkedin.com/pub/andrew-hughes/a/58/682/* *Identity Management | IT Governance | Information Security * http://privacybydesign.ca
On Fri, Nov 6, 2015 at 10:02 AM, j stollman <*stollman.j@gmail.com*> wrote: http://privacybydesign.ca
Regarding a term for Community of interest, how about "stakeholders"? http://privacybydesign.ca
--------------------------------- http://privacybydesign.ca
Jeff Stollman *stollman.j@gmail.com* *1 202.683.8699* http://privacybydesign.ca
Truth never triumphs — its opponents just die out. http://privacybydesign.ca
Science advances one funeral at a time. http://privacybydesign.ca
Max Planck http://privacybydesign.ca
On Fri, Nov 6, 2015 at 12:09 PM, Eve Maler <*eve@xmlgrrl.com*> wrote: http://privacybydesign.ca
*· Fri Nov 6 8-9am PT http://privacybydesign.ca*
· Voice: Skype: +99051000000481 or US *+1-805-309-2350* (international dial-in lines), room code 178-2540# http://privacybydesign.ca
· Screen sharing: *http://join.me/findthomas* - *NOTE:* *IGNORE* the *join.me* dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) http://privacybydesign.ca
· UMA calendar: *http://kantarainitiative.org/confluence/display/uma/Calendar* http://privacybydesign.ca
- Goal: start building a general "legal stack" for UMA-specific elements http://privacybydesign.ca - Learn more of Andrew H’s use case details http://privacybydesign.ca - Examine the sociotechnical norms for potentially useful concepts http://privacybydesign.ca - AOB http://privacybydesign.ca
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal http://privacybydesign.ca
Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail. http://privacybydesign.ca
What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents? http://privacybydesign.ca
He’s trying to capture “reliance” relationships, and obligations/commitments. http://privacybydesign.ca
Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common. http://privacybydesign.ca
The “*Open Identity Trust Framework Model*” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time. http://privacybydesign.ca
Once you have the abstract model, then you can identify your specific “users” and “operators”. http://privacybydesign.ca
So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply. http://privacybydesign.ca
Can we use the *sociotechnical norms language*? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play. http://privacybydesign.ca
Next steps: http://privacybydesign.ca
- Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. http://privacybydesign.ca - After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack". http://privacybydesign.ca
Eve Maler | cell *+1 425.345.6756* | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: *xmlgrrl@gmail.com* http://privacybydesign.ca
_______________________________________________ WG-UMA mailing list *WG-UMA@kantarainitiative.org* *http://kantarainitiative.org/mailman/listinfo/wg-uma* http://privacybydesign.ca
_______________________________________________ WG-UMA mailing list *WG-UMA@kantarainitiative.org* *http://kantarainitiative.org/mailman/listinfo/wg-uma* http://privacybydesign.ca
_______________________________________________ WG-UMA mailing list *WG-UMA@kantarainitiative.org* *http://kantarainitiative.org/mailman/listinfo/wg-uma* http://privacybydesign.ca
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. http://privacybydesign.ca
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
All,
Thank you for allowing me to join and follow. I will mostly observe, but
just in case I do comment, I wanted to introduce myself.
Brief Introduction: PhD Nursing Informatics Student - University of MN -
focus consumer data sharing preferences and consumer mediated health data
exchange. I am also a nurse, policy expert in health data
interoperability, previous state government employee for ONC activities &
health policy and consultant for health reform activities associated with
data sharing in the state of Minnesota.
https://www.linkedin.com/pub/lisa-moon/47/b7/1a6
Thanks,
Lisa Moon
Principal Consultant
Advocate Consulting LLC
(c) 952-913-7263
lisa.moon@advocate-consulting.com
On Fri, Nov 6, 2015 at 11:09 AM, Eve Maler
- *Fri Nov 6* 8-9am PT - Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines https://www.turbobridge.com/join.html), room code 178-2540# - Screen sharing: http://join.me/findthomas - *NOTE:* *IGNORE* the join.me dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line) - UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar
- Goal: start building a general "legal stack" for UMA-specific elements - Learn more of Andrew H’s use case details - Examine the sociotechnical norms for potentially useful concepts - AOB
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal
Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.
What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?
He’s trying to capture “reliance” relationships, and obligations/commitments.
Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.
The “Open Identity Trust Framework Model http://openidentityexchange.org/wp-content/uploads/the-open-identity-trust-f...” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.
Once you have the abstract model, then you can identify your specific “users” and “operators”.
So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.
Can we use the sociotechnical norms language http://www.csc.ncsu.edu/faculty/mpsingh/papers/mas/IJCAI-15-TIST.pdf? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.
Next steps:
- Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements. - After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
participants (8)
-
Andrew Hughes
-
BridgeIDentity
-
Eve Maler
-
j stollman
-
James Hazard
-
John Wunderlich
-
Lisa Moon
-
sldavid