Re: [xdi] Re: Projects to Propose for EU Horizon 2020 funding for XDI

[Neil McEvoy <neil.mcevoy@ifossfoundation.org>]

Hi Markus

Basically i) synch up an R&D proposal between us first, based around this theme I have shared, 'Cloud Privacy By Design', and then ii) further synch up with other researchers based on the project funding opportunities there are. I have someone working on ii) right now, so we can compare this to what we think for i).

On this note pls check these out:

- I updated the C-PbD doc a fair bit, adding case studies like the Govt of Canada for their use of federated identity, via SecureKey. How would RN/ XDI relate to these 'heavyweight' players and their respective products?

see: http://cloudbestpractices.net/guides/cloud-privacy-by-design/

- iPayments: Identity-Enabled Digital Payments: I am zeroing in on key scenarios like Mobile Payments, with a goal of articulating the specific role of Identity, so 'iPayments', see:

http://tinyurl.com/ccn-ipayments

Again players like SecureKey are heavily involved in these sectors, and it spans across Retail, Banking and Government industry needs, so very fertile focus area.

Kind regards, Neil.

On Sat, Jul 12, 2014 at 1:51 AM, Markus Sabadello <markus.sabadello@xdi.org> wrote:

Thank you Neil. What would be a next step for moving ahead with an application for Horizon 2020 and XDI ?

Markus

On Mon, Jul 7, 2014 at 2:34 PM, Neil McEvoy <neil.mcevoy@ifossfoundation.org> wrote:

Folks

Here is the 'Cloud Privacy By Design' scenario and document that I described, that is based on Ann Cavoukians program and includes the reference to XDI as part of that Big Data work etc.

http://canadacloud.net/roadmap/cloud-privacy-by-design/

Kind regards, Neil.

On Wed, Apr 2, 2014 at 10:39 AM, Dan Blum <dan@respectnetwork.net> wrote:

Hi Neil, and TC friends,

As the TC met Friday and was positively disposed to explore seeking EU Horizon 2020 funding for XDI work, and Respect Network Corporation and Neustar also seem positively so disposed, Markus and I were to think over the weekend on some possible projects. The following are some ideas that came to me yesterday.

That is: At the XDI TC, we're currently working on defining XDI Cryptographic Specifications, Security Mechanisms and Privacy Mechanisms. As we wrestle with complex questions of seralialization, canonicalization, etc. it occurs to me that early stage XDI will have two challenges it must overcome related to security.

1) Interoperability testing - the ability to prove that two or more different XDI implementations separately developing to the specs, can work together

2) Security evaluation - demonstrating through analysis and then testing that complex, distributed data structures created with XDI native access control and procted with XDI cryptography, are robust

What if, therefore, we were to propose that

1) Funding be allocated to create a second, independent XDI code base that can be interoperability tested with Project Danube and future XDI code bases? This would enable XDI interoperability to progress faster and with more certainty. The entity building the second code base could also release it to open source while commercializing consulting and support services. Additionally, this entity could potentially create a commercial interoperability testing service.

2) Funding be allocated for a formal security evaluation of XDI committee draft specifications. Early implementations or profiles of the specification could be evaluated or tested using specially-developed tools or leveraging existing ones such as the high level protocol specification language (HLPSL) and the Automated Validation of Internet Service Protocols and Application (AVISPA). The entity building any testing tools could also release them to open source while commercializing consulting and support services. Additionally, this entity could potentially create a commercial security testing service.

Best regards,

Dan

--
Neil McEvoy
VP Business Development
iFOSSF.org
Skype:neil.mcevoy1

--
Neil McEvoy
VP Business Development
iFOSSF.org
Skype:neil.mcevoy1