[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Copyrighting schemas, Hailstorm
- From: "Bullard, Claude L (Len)" <clbullar@ingr.com>
- To: Dimitris Dimitriadis <dimitris.dimitriadis@improve.se>
- Date: Fri, 01 Jun 2001 13:12:17 -0500
The difficulty is authentication and what one can reason
as to facts based on it. There is no such thing as
identity: there is only identification.
The central dilemma is identification. My identity is
NOT clbullar@ingr.com or cbullard@hiwaay.net. These are two
strings that enable a system to locate machines to which
I have access and put something in part of memory of those
machines. I cannot control completely:
o What is put in that part of that machine
o Where the strings are used
o Who uses them
o What assertions are made based on the location
of those strings or any context of use
So reasoning about the presence of that string in any location
or context is wide open to certain kinds of abuse and the more
we automate that reasoning, the easier it is to abuse if not
more likely.
For example, have you ever found yourself subscribed
to a maillist that you did not subscribe to? Let's be
specific. Yahoogroups.com operates discussion groups that
depend on signing up and getting a password and ID based on your
email string. One would think that should stop one from being
signed up to DonkeysLovePigs discussion groups. Does it? No.
You can find yourself signed up to groups you have absolutely
no interest in, and have to unsubscribe yourself. Ok, but what happens
if the fact that a machine has recorded the fact that at one
point in time you email string was in that database and the
fact returned in good trustworthy RDF is
Dimitris Dimitriadis was-Member-of DonkeysLovePigs
and you live in a country where donkeys aren't allowed that
particular affection?
The system is too easy to game and because of that, protection
of personal identity is paramount. One cannot enable the
machine to reason based on the string unless one is very
careful to limit the kinds of assertions that can be made
and the consequences of those assertions. Machines don't
bear false witness; people do. If it comes down to a jury,
or even a judge, you need protection.
Public safety databases (your 911 systems, police databases, etc)
are rigorously designed to stop that sort of thing. Why? Because
the enemy of your police is not your criminals. Criminals are product.
The enemy is lawyers. The jurisprudence system goes to some
pain to err on the side of the accused and if it can be shown
in any way that a database can possibly be tampered with (remember
OJ), the case usually goes to the defendant. Lawyers do some
pretty bizarre things to show "possible" and the only way the
prosecutors can get their jobs done is to go to bizarre
lengths to make their case "airtight". But every venue, judge and
jury doesn't work the same way or see this the same way. To
some, "quacks like a duck" is all they need to know. Now,
do a little global traveling in which in every venue you visit,
pig loving donkeys get treated differently, but access to the
fact that your email address was in the DonkeyLovesPigs data base
is a global fact.
So before we even get to who owns the software, we have to be very
scrupulous about what the information can be used for, and when
machine-reasoning has to be questioned as to interpretation. And
the problem here is: We Don't Control That. At that point,
disconnecting looks like the safest option. Kiss the NewNew
Economy goodbye.
So who does control that? Today, anybody. As soon as you
sent the first piece of email, or signed up for the first
subscription, you said goodbye to the ability to control the
use of that string if not the right.
So something like Hailstorm has to happen. So now you have
the next problem of administration. If a someone can sign
you up to DonkeysLovePigs, how can you be sure someone can't
get your Hailstorm information and sign you up to something
even more incriminating? And that's a simple case. Identity
theft is big business.
My intuition is that companies who make the software for authentication
can't own the services as well. Imprudent. Yet even then,
depending on how used, these services require oversight to protect the
public
from abuse. That is the way public safety systems work and
in that one, we are mainly protecting the accused....
... and everyone with a driver's license, a gun permit, a pawnshop
ticket and so on. That's why those systems aren't on the web.
Len
http://www.mp3.com/LenBullard
Ekam sat.h, Vipraah bahudhaa vadanti.
Daamyata. Datta. Dayadhvam.h
-----Original Message-----
From: Dimitris Dimitriadis [mailto:dimitris.dimitriadis@improve.se]
I don't know, I just get a bit worried by someone wanting to own the channel
through which people interact with others (here I do not mean the connection
to the internet) as well as their means of asserting that they are who they
claim.