Re: Secure Data Hubs specification released from Kim Hamilton on 2019-07-02 (public-credentials@w3.org from July 2019)

From: Kim Hamilton <kimdhamilton@gmail.com>
Date: Mon, 1 Jul 2019 23:14:21 -0700
To: Daniel Buchner <daniel.buchner@microsoft.com>, Daniel Hardman <daniel.hardman@evernym.com>, Manu Sporny <msporny@digitalbazaar.com>
Cc: Credentials Community Group <public-credentials@w3.org>
Message-ID: <CAFmmOzfOMtFKjZjuQ1oSe5B_HswPpXxPNTL=gmqmH2mtfYJL6g@mail.gmail.com>

(+some  Daniels)

Thanks for initiating this Manu. I’m glad to hear this is intended to align
with other efforts, such as the agents/hubs unification work started at
IIW.

As a CCG work item (draft specification, I’m assuming) the scope would
likely be narrower than what’s being discussed in other groups, but if this
can be a solid basis for these efforts, it would be very interesting.

Therefore adding Daniels to the thread for discussion.

On Mon, Jul 1, 2019 at 9:11 PM Manu Sporny <msporny@digitalbazaar.com>
wrote:

> Hi all,
>
> For a number of years, a handful of us in the community have been
> grappling with the problem of personal data storage. How do we store
> application data, such as Verifiable Credentials, in a way that is
> controlled and administered by us, encrypted by default from parties
> that may not have our best interests in mind, and most importantly in a
> standards-compliant manner?
>
> There is similar work going on at Hyperledger Aries, DIF's Identity
> Hubs, at Solid/Inrupt, and elsewhere in the world. We tried to study
> each system and provide a fundamental low-level layer for answering the
> question above... we're calling the technology:
>
> Secure Data Hubs
>
> ... and here's the Abstract:
>
> We store a significant amount of sensitive data online such as
> personally identifying information, trade secrets, family pictures, and
> customer information. The data that we store should be encrypted in
> transit and at rest but is often not protected in an appropriate manner.
> This specification describes a privacy-respecting mechanism for storing,
> indexing, and retrieving encrypted data at a storage provider. It is
> often useful when an individual or organization wants to protect data in
> a way that the storage provider cannot view, analyze, aggregate, or
> resell the data. This approach also ensures that application data is
> portable and protected from storage provider data breaches.
>
> This is a very rough draft and we hope to incubate the work in the W3C
> CCG and eventually gain support for it across various communities and
> take it through the standardization process at W3C:
>
> https://msporny.github.io/data-hubs/
>
> If there is interest in collaborating on the specification, we'll
> contribute it to the W3C CCG and request that it become a formal work
> item in the group. For now, take a look at the spec and let us know what
> you think about it. Happy to answer any questions on this mailing list
> and on a future CCG call if the Chairs deem this a good topic to cover.
>
> -- manu
>
> --
> Manu Sporny (skype: msporny, twitter: manusporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: Veres One Decentralized Identifier Blockchain Launches
> https://tinyurl.com/veres-one-launches
>
>

Received on Tuesday, 2 July 2019 06:14:56 UTC