Secure Data Hubs specification released from Manu Sporny on 2019-07-02 (public-credentials@w3.org from July 2019)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 2 Jul 2019 00:09:08 -0400
To: Credentials Community Group <public-credentials@w3.org>
Message-ID: <77f00b6b-a052-a20c-8bf1-032c4625c4a4@digitalbazaar.com>

Hi all,

For a number of years, a handful of us in the community have been
grappling with the problem of personal data storage. How do we store
application data, such as Verifiable Credentials, in a way that is
controlled and administered by us, encrypted by default from parties
that may not have our best interests in mind, and most importantly in a
standards-compliant manner?

There is similar work going on at Hyperledger Aries, DIF's Identity
Hubs, at Solid/Inrupt, and elsewhere in the world. We tried to study
each system and provide a fundamental low-level layer for answering the
question above... we're calling the technology:

Secure Data Hubs

... and here's the Abstract:

We store a significant amount of sensitive data online such as
personally identifying information, trade secrets, family pictures, and
customer information. The data that we store should be encrypted in
transit and at rest but is often not protected in an appropriate manner.
This specification describes a privacy-respecting mechanism for storing,
indexing, and retrieving encrypted data at a storage provider. It is
often useful when an individual or organization wants to protect data in
a way that the storage provider cannot view, analyze, aggregate, or
resell the data. This approach also ensures that application data is
portable and protected from storage provider data breaches.

This is a very rough draft and we hope to incubate the work in the W3C
CCG and eventually gain support for it across various communities and
take it through the standardization process at W3C:

https://msporny.github.io/data-hubs/

If there is interest in collaborating on the specification, we'll
contribute it to the W3C CCG and request that it become a formal work
item in the group. For now, take a look at the spec and let us know what
you think about it. Happy to answer any questions on this mailing list
and on a future CCG call if the Chairs deem this a good topic to cover.

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

Received on Tuesday, 2 July 2019 04:09:33 UTC