Re: Agency First

David:

Numerous people have brought up this particular risk, but it is much
less likely than a casual analysis might suggest. I'm not saying it's
unlikely that there will be a black market or that people won't attempt
this; I'm saying that there are numerous safeguards that such a formulation
glosses over. "Everything is anonymous" is a simplification, for example;
if the credential contains a fuzzy biometric that matches 1 out of 1000
random people in the population, then it is not strongly identifying, but
the economic value of the credential has decreased by 3 orders of magnitude
because most potential buyers aren't compatible. Link-secret-based
credentials have the concept of device authorization, such that you can't
prove anything with the stolen credential on the black market because it's
not housed on a device that the legitimate owner authorized. Etc.

This is an extremely deep topic. We discussed it at the last IIW and have
since started informal discussions on a mailing list
(credential-fraud-study@googlegroups.com) and would love to have you join.
This doc
<https://docs.google.com/document/d/1yX2-wKPxKPUTGEyxIQKK_Z-azT2A_AykIfPEB1cW-d0/edit>
is part of the current work items and may be interesting reading if the fraud
topic strikes your fancy. Hopefully we'll bring some thoughts back to the
VC community group soon to produce more formal output.

--Daniel

On Wed, Jul 3, 2019 at 6:51 AM Challener, David C. <David.Challener@jhuapl.edu> wrote:

> Suppose Alice has a negative HIV rating, and loses control of the
> authority to her Agent (without her knowledge of course – malware grabs
> hold of control at some point). Now the malware agent can sell on the
> black market access to a negative HIV rating. Since everything is
> anonymous, the recipient cannot tell that the HIV rating he gets is not
> linked to the partner he is anticipating dating.
>
>
>
> *From:* Adrian Gropper <agropper@healthurl.com>
> *Sent:* Tuesday, July 02, 2019 9:33 PM
> *To:* W3C Credentials Community Group <public-credentials@w3.org>; Daniel Buchner <Daniel.Buchner@microsoft.com>; Daniel Hardman <daniel.hardman@evernym.com>
> *Subject:* Agency First
>
>
>
> This is a fork of the Data Hubs / Aries / DIF Thread asking for a
> dedicated call in CCG to discuss whether agent endpoints should be
> specified _before_ data storage endpoints.
>
>
>
> Here's the use case and logic:
>
>    - Alice is on the dating scene and wants an anonymous HIV test.
>    - Anonymous HIV tests are good public health and often free from
>    government or non-profits.
>    - Alice has her choice of where to get the HIV test. Since cost is not
>    an issue, she will pick the one that is most private.
>    - Some of the HIV test labs will support Alice's pairwise pseudonymous
>    DID. She picks that one.
>    - Alice can pick the dating service too. Other things being equal, she
>    will pick the one that is most privacy-preserving.
>    - Alice picks a dating service that supports pairwise pseudonymous
>    DIDs.
>    - Alice does not have a personal data store or a credential wallet.
>    - Alice's test result is available directly from the lab that does the
>    test to anyone with a suitable access token. The format of the result is
>    irrelevant as long as the recipient can understand the difference between
>    Positive and Negative and a Date.
>    - Alice operates an agent that decides semi-autonomously whether Bob
>    should see her test result. The agent could be proprietary to the dating
>    service or self-sovereign to Alice. However it's implemented, the agent
>    must issue a token that the lab will accept to Bob.
>    - Although Alice has separate DIDs with the lab and the dating
>    service, she could be correlated if the two DIDs point to the same agent.
>    This is a concern that would need to be mitigated for an agent or a hub or
>    a personal data store as endpoint in her DIDs.
>    - From Alice’s agent, Bob's client gets a pointer to the lab and the
>    DID that Alice used at the lab.
>    - Bob's client comes to the lab bearing Alice’s DID. The lab points
>    Bob’s client back to Alice’s agent to get an access token.
>    - If Bob is evil and leaks Alice’s lab and lab DID to Carol, then
>    Carol’s client will likely not be able to get an access token from Alice’s
>    agent so Alice’s HIV status will remain confidential.
>    - If Bob is evil and leaks Alice’s HIV status, it will not be direct
>    from the lab and could have been forged by Bob.
>
> This use-case is important because:
>
>    - It gives Alice market power to choose privacy-preserving service
>    providers (lab, dating service). This will drive adoption. Any service
>    provider can decide to accept a DID regardless of any other service
>    provider as long as the DID resolves to Alice's agent.
>    - Alice does not have to trust the dating service or a personal data
>    store intermediary.
>    - Alice may not need a wallet or Holder at all because no VC is issued.
>    - The data model and protocol for presenting the test result is more
>    or less irrelevant. In practice, it is not totally irrelevant because most
>    labs and services are multi-purpose and the access token will have to be
>    scoped and that implies some data model schema shared between the service
>    provider and the agent.
>
> I'm calling this "Agency First" because:
>
>    - If Alice does choose to control a personal data store, then she can
>    choose a personal data store that respects her agent. Again, the market
>    power is in Alice's hands, or
>    - If Alice chooses to control a Holder then she needs to find a lab
>    that's willing to issue a VC and a Verifier that trusts the DID method, VP,
>    etc...
>
> Adrian
>
>
>
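
The access-token flow Adrian sketches above (Bob's client gets a pointer from Alice's agent, the lab sends it back to the agent for a token, Carol with a leaked pointer gets no token, and a status Bob leaks cannot be shown to come from the lab) is simulated below. This is an added illustration, not code from any participant or project on the thread. The token format (base64 claims plus an HMAC over a key the agent registered with the lab), the DID strings, the 300-second lifetime and the lab's HMAC "signature" are all assumptions; the thread names no concrete token or DID method, and a deployment would use a public-key signature so third parties could check the lab's provenance.

```python
import base64
import hashlib
import hmac
import json


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _mac(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()


class Agent:
    """Alice's agent. Hands Bob a pointer to the lab and then decides whether to
    mint a token. Token = b64(claims) "." b64(HMAC) under a key the agent shares
    with the lab (assumed registration step; the thread does not specify it)."""

    def __init__(self, lab_url: str, lab_did: str, lab_key: bytes):
        self.lab_url, self.lab_did, self.lab_key = lab_url, lab_did, lab_key
        self.approved = set()  # DIDs Alice's policy allows to see the result

    def approve(self, requester_did: str) -> None:
        self.approved.add(requester_did)

    def pointer(self) -> dict:
        # First thing Bob's client receives: where the lab is and which pairwise DID
        return {"lab": self.lab_url, "subject_did": self.lab_did}

    def token_for(self, requester_did: str, now: int):
        if requester_did not in self.approved:
            return None  # Carol, holding only a leaked pointer, stops here
        claims = {"sub": self.lab_did, "aud": requester_did,
                  "scope": "hiv-result:read", "exp": now + 300}
        body = json.dumps(claims, sort_keys=True).encode()
        return _b64(body) + "." + _b64(_mac(self.lab_key, body))


class Lab:
    """Stores results under Alice's pairwise DID, the agent key registered for that
    DID, and a signing key so a recipient can check a result really came from the lab."""

    def __init__(self, signing_key: bytes):
        self.signing_key = signing_key
        self.results, self.agent_keys = {}, {}

    def register(self, subject_did: str, agent_key: bytes, result: dict) -> None:
        self.agent_keys[subject_did] = agent_key
        self.results[subject_did] = result

    def fetch(self, subject_did: str, presenter_did: str, token, now: int) -> dict:
        if token is None:
            return {"error": "token required; ask subject's agent"}  # redirect step
        try:
            body_b64, mac_b64 = token.split(".")
            body = _unb64(body_b64)
            claims = json.loads(body)
        except ValueError:
            return {"error": "malformed token"}
        key = self.agent_keys.get(subject_did)
        if key is None or not hmac.compare_digest(_mac(key, body), _unb64(mac_b64)):
            return {"error": "bad signature"}
        if claims.get("sub") != subject_did or claims.get("aud") != presenter_did:
            return {"error": "token not for this subject/presenter"}
        if claims.get("scope") != "hiv-result:read" or claims.get("exp", 0) <= now:
            return {"error": "wrong scope or expired"}
        payload = json.dumps(self.results[subject_did], sort_keys=True).encode()
        return {"result": self.results[subject_did],
                "lab_sig": _b64(_mac(self.signing_key, payload))}

    def verify_origin(self, result: dict, lab_sig: str) -> bool:
        payload = json.dumps(result, sort_keys=True).encode()
        return hmac.compare_digest(_mac(self.signing_key, payload), _unb64(lab_sig))


def run_scenario(now: int = 1562160000) -> dict:
    # Constructed keys and data; nothing here is a real credential or DID.
    agent_key, lab_key = b"agent-lab-shared-key", b"lab-signing-key"
    lab = Lab(lab_key)
    lab.register("did:example:alice-at-lab", agent_key,
                 {"test": "HIV", "status": "Negative", "date": "2019-06-28"})
    alice = Agent("https://lab.example", "did:example:alice-at-lab", agent_key)
    alice.approve("did:example:bob")
    ptr = alice.pointer()
    # Bob: pointer -> lab refuses without a token -> agent mints one -> lab accepts
    first = lab.fetch(ptr["subject_did"], "did:example:bob", None, now)
    tok = alice.token_for("did:example:bob", now)
    bob = lab.fetch(ptr["subject_did"], "did:example:bob", tok, now)
    # Carol: leaked pointer, even Bob's token; the agent denies her and the lab rejects
    carol_tok = alice.token_for("did:example:carol", now)
    carol = lab.fetch(ptr["subject_did"], "did:example:carol", tok, now)
    # Bob leaks an altered status: the lab's signature no longer verifies
    forged = dict(bob["result"], status="Positive")
    return {
        "bob_redirected_first": "error" in first,
        "bob_status": bob["result"]["status"],
        "carol_token": carol_tok,
        "carol_error": carol.get("error"),
        "forged_verifies": lab.verify_origin(forged, bob["lab_sig"]),
        "genuine_verifies": lab.verify_origin(bob["result"], bob["lab_sig"]),
        "stale_token_error": lab.fetch(ptr["subject_did"], "did:example:bob",
                                       tok, now + 301).get("error"),
    }
```

The point worth noticing is that the lab never sees who Alice is beyond her pairwise DID, yet the token is still bound to a specific presenter, a scope and an expiry, which is what makes the leaked pointer useless to Carol and what ties the result's provenance to the lab rather than to whoever relays it. Binding a token to an audience also covers David's stolen-agent concern only partially: an attacker who controls the agent can still mint tokens, so the device-authorization and policy safeguards Daniel mentions would have to sit in front of `token_for`.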

Received on Wednesday, 3 July 2019 13:15:48 UTC