OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xdi message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xdi] Re: Projects to Propose for EU Horizon 2020 funding for XDI

Thank you Neil. What would be a next step for moving ahead with an application for Horizon 2020 and XDI ?

Markus



On Mon, Jul 7, 2014 at 2:34 PM, Neil McEvoy <neil.mcevoy@ifossfoundation.org> wrote:

Folks

Here is the 'Cloud Privacy By Design' scenario and document that I described, that is based on Ann Cavoukians program and includes the reference to XDI as part of that Big Data work etc.

http://canadacloud.net/roadmap/cloud-privacy-by-design/

Kind regards, Neil.


On Wed, Apr 2, 2014 at 10:39 AM, Dan Blum <dan@respectnetwork.net> wrote:
Hi Neil, and TC friends,
As the TC met Friday and was positively disposed to explore seeking EU Horizon 2020 funding for XDI work, and Respect Network Corporation and Neustar also seem positively so disposed, Markus and I were to think over the weekend on some possible projects. The following are some ideas that came to me yesterday.

That is: At the XDI TC, we're currently working on defining XDI Cryptographic Specifications, Security Mechanisms and Privacy Mechanisms. As we wrestle with complex questions of seralialization, canonicalization, etc. it occurs to me that early stage XDI will have two challenges it must overcome related to security.

1) Interoperability testing - the ability to prove that two or more different XDI implementations separately developing to the specs, can work together
2) Security evaluation - demonstrating through analysis and then testing that complex, distributed data structures created with XDI native access control and procted with XDI cryptography, are robust

What if, therefore, we were to propose that

1) Funding be allocated to create a second, independent XDI code base that can be interoperability tested with Project Danube and future XDI code bases? This would enable XDI interoperability to progress faster and with more certainty. The entity building the second code base could also release it to open source while commercializing consulting and support services. Additionally, this entity could potentially create a commercial interoperability testing service.

2) Funding be allocated for a formal security evaluation of XDI committee draft specifications. Early implementations or profiles of the specification could be evaluated or tested using specially-developed tools or leveraging existing ones such as the high level protocol specification language (HLPSL) and the Automated Validation of Internet Service Protocols and Application (AVISPA). The entity building any testing tools could also release them to open source while commercializing consulting and support services. Additionally, this entity could potentially create a commercial security testing service.

Best regards,
Dan



--
Neil McEvoy
VP Business Development
iFOSSF.org
Skype:neil.mcevoy1

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]