Mission: "towards a public utility for human centric transparency and data control "
Summary
...
(Note to Reader) This specification is a work in progress and is being updated week of July 4th,
Scope
This specification is extends the ANCR Record Specification into a Controller Credential
...
and has 3 key objectives
- Addressing a Critical digital trust security flaw
...
- as identified in the ANCR Notice Record.
- digital security defaults for iDm systems (common baseline)
- Address Key Cyber Security and Data gov Liability Issues
- Who control’s, how much control,
- Who benefits, how they benefit
- Who’s in controls cred
- Adding x Fields
- Address Key Cyber Security and Data gov Liability Issues
- digital security defaults for iDm systems (common baseline)
- Update on ANCR Record to make a Controller credential that embeds all the required transparency / security data into notice, notification and disclosures
- Utilizes did’s and VC for controller credential identifier’s
- Adding identifiers - did field
- adding other fields types
- accountable person +
- Utilizes did’s and VC for controller credential identifier’s
- Scale International data gov framework for consent to extend ISO framework to the SSI /ToiP governance framework,
...
- mapping authoritative data governance roles
...
- Governance Framework Mapping
- Authoritative roles and semantics to the
- Governance Framework Mapping
...
- ToiP governance framework
...
- generic did based roles
- Use Cases
- Annex Assessment
- Assessing the transparency of an identifier / SSI implementation
- how many parties is the identifier shared with ?
- Assessing the transparency of an identifier / SSI implementation
- Annex Interop -Mapping
- Annex Assessment
DeCon for SSI:
- This document aims to bridge the ISO/IEC 29100 (formalized international security and privacy framework standard that is free) with ISO/IEC 27002 (formalized information security controls) to the trust over IP governance framework.
- The method is
- to specify the extension of notice records and consent receipts into micro-credentials with DiD's to generate electronic eNotice and eConsent receipts utilizing ToiP Governance Framework ecosystem.
- The controller credential is an extension of the Kantara Initiative, ANCR Notice Record specification, and apart of the eNotice record and eConsent receipt information structure used for the AuthC (authorization default) Protocol.
- to get access to the current draft - please join a work group call and request it.
...