[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Copyrighting schemas, Hailstorm

From: "Bullard, Claude L (Len)" <clbullar@ingr.com>
To: Dimitris Dimitriadis <dimitris.dimitriadis@improve.se>
Date: Fri, 01 Jun 2001 13:12:17 -0500

The difficulty is authentication and what one can reason 
as to facts based on it.   There is no such thing as 
identity:  there is only identification.

The central dilemma is identification.  My identity is 
NOT clbullar@ingr.com or cbullard@hiwaay.net.  These are two 
strings that enable a system to locate machines to which 
I have access and put something in part of memory of those 
machines.  I cannot control completely:

o  What is put in that part of that machine
o  Where the strings are used
o  Who uses them
o  What assertions are made based on the location 
   of those strings or any context of use

So reasoning about the presence of that string in any location 
or context is wide open to certain kinds of abuse and the more 
we automate that reasoning, the easier it is to abuse if not 
more likely.  

For example, have you ever found yourself subscribed 
to a maillist that you did not subscribe to?  Let's be 
specific.  Yahoogroups.com operates discussion groups that 
depend on signing up and getting a password and ID based on your 
email string.   One would think that should stop one from being 
signed up to DonkeysLovePigs discussion groups.  Does it?  No. 
You can find yourself signed up to groups you have absolutely 
no interest in, and have to unsubscribe yourself.  Ok, but what happens 
if the fact that a machine has recorded the fact that at one 
point in time you email string was in that database and the 
fact returned in good trustworthy RDF is

  Dimitris Dimitriadis was-Member-of DonkeysLovePigs

and you live in a country where donkeys aren't allowed that 
particular affection?

The system is too easy to game and because of that, protection 
of personal identity is paramount.  One cannot enable the 
machine to reason based on the string unless one is very 
careful to limit the kinds of assertions that can be made 
and the consequences of those assertions.  Machines don't 
bear false witness; people do.  If it comes down to a jury, 
or even a judge, you need protection.

Public safety databases (your 911 systems, police databases, etc) 
are rigorously designed to stop that sort of thing.  Why?  Because 
the enemy of your police is not your criminals.  Criminals are product. 
The enemy is lawyers.  The jurisprudence system goes to some 
pain to err on the side of the accused and if it can be shown 
in any way that a database can possibly be tampered with (remember 
OJ), the case usually goes to the defendant.  Lawyers do some 
pretty bizarre things to show "possible" and the only way the 
prosecutors can get their jobs done is to go to bizarre 
lengths to make their case "airtight".  But every venue, judge and 
jury doesn't work the same way or see this the same way.  To 
some, "quacks like a duck" is all they need to know.  Now, 
do a little global traveling in which in every venue you visit, 
pig loving donkeys get treated differently, but access to the 
fact that your email address was in the DonkeyLovesPigs data base 
is a global fact.

So before we even get to who owns the software, we have to be very 
scrupulous about what the information can be used for, and when 
machine-reasoning has to be questioned as to interpretation.  And 
the problem here is:  We Don't Control That.  At that point, 
disconnecting looks like the safest option.  Kiss the NewNew 
Economy goodbye.

So who does control that?  Today, anybody.  As soon as you 
sent the first piece of email, or signed up for the first 
subscription, you said goodbye to the ability to control the 
use of that string if not the right.

So something like Hailstorm has to happen.  So now you have 
the next problem of administration.  If a someone can sign 
you up to DonkeysLovePigs, how can you be sure someone can't 
get your Hailstorm information and sign you up to something 
even more incriminating?  And that's a simple case.  Identity 
theft is big business.

My intuition is that companies who make the software for authentication 
can't own the services as well.  Imprudent.  Yet even then,
depending on how used, these services require oversight to protect the
public 
from abuse.  That is the way public safety systems work and 
in that one, we are mainly protecting the accused....

... and everyone with a driver's license, a gun permit, a pawnshop 
ticket and so on.  That's why those systems aren't on the web.

Len 
http://www.mp3.com/LenBullard

Ekam sat.h, Vipraah bahudhaa vadanti.
Daamyata. Datta. Dayadhvam.h


-----Original Message-----
From: Dimitris Dimitriadis [mailto:dimitris.dimitriadis@improve.se]

I don't know, I just get a bit worried by someone wanting to own the channel
through which people interact with others (here I do not mean the connection
to the internet) as well as their means of asserting that they are who they
claim.

Prev by Date: ANN: enableNet Business Process Integrator V3.0 Freeware Edition(Repost)
Next by Date: RE: Help: XML Schema - any element with fixed type?
Previous by thread: RE: Copyrighting schemas, Hailstorm
Next by thread: SV: Copyrighting schemas, Hailstorm
Index(es):
- Date
- Thread