trust frameworks for mobile sentient...

Trust Frameworks for MobileSentient Devices

October 7, 2013

Dr. John H ClippingerMIT Media Lab - [email protected]

[email protected]©John Henry Clippinger

1Monday, October 7, 13

mailto:[email protected]




strange new data ecology is in the making


internet device immersion

• sensors

• controllers

• new infrastructure

• new data commons

• bots


Data define a new sphere of life

Data are not about but for:

• seeing - recognizing - doing

• influencing - learning - improving

• controlling - feedback -correction

We are inside looking out - not outside looking in

Data are like water - essential nutrient of Digital Ecosystem

Observers and actors are now digital devices


PEOPLE TAKING CONTROL OVER PERSONAL DATA

• QUANTIFIED SELF : Wanting to control one’s personal data for health, financial, educational, recreational, social, and purchasing

• MARKETING : Consumer is point for aggregation to deliver 360O services

• GOVERNMENT SERVICES: Open Data and My Data services for education, health, and energy,

5


A. DIGITIZATION PERSONAL - CHEAP - NETWORKED - AWARE - UBIQUITOUS

• OPEN MOBILE PLATFORM - 2009 $300 for unlocked Android - Touch Screen - WiFi- GPS - 2013 Same Phone <$35.00 -

• INTERNET OF THINGS - sensors - actuators - seeing - hearing - sensing with attached analytics - Smart - networked homes and cities - driverless cars - autonomous drones - NFC - RFID - Smart Dust - Billions and Billions

• PERSONAL DATA STORES- Cloud Services to give people control over the sharing of their data - 30 startups

• MOBILE PHONE - as personal sensor collector

INFINITE AND SPONTANEOUS SUPPY OF DATA AS THE MEDIUM OF THE NEW ECOSYSTEM

6


BIG DATA ANALYTICS

• NO SAMPLING - real time calculation of actual distributions - no “average customers” - only real behaving customers

• ACCURATE PERSONAL PREDICTION Identify on actual identities (biological) and attributes - income, gender, preferences

• 5-10 X CONVERSION RATES of offers to purchases- no longer push advertising or lead generation - but pull market making

• MACHINE LEARNING- gets better and better - smarter & smarter - “lives off of and grows in predictive powers with data

EASIER TO KNOW YOUR CUSTOMER WITH ACCESSIBLE HIGHLY PREDICTIVE - ROBUST DATA - REDUCE RISK INCREASE TRUST

7


ENGAGE 3.48 BILLION CONSUMERS IN EMERGING MARKETS

Using mobile airt ime incentives, Jana enables brands to connect directly with consumers in emerging markets via their mobile phones.


traditional solutions to identity, authority and control over access privileges

Hindu Caste System

Medieval Chain of Being

Patriarchal Lineages


artifacts of identities - access -

Text


Ooops what we thinking - we forgot the authentication layer!


Devices like PeopleNeed to be:

• authenticated

• verified,

• permitted

• governed

Some devices will become autonomous bots - that learn, explore, access, control, create


GLOBAL REGULATORY CHANGES

• user control over personal data

• consumer data bill of rights

• mobility of data

• privacy by design

• transparency and accountability

• self-determination

Personal Data:The Emergence of a New Asset Class


Regulatory Problem with Data as Third Party Observations

•Do not collect = do not see

•Opt out = digital pariah

•Notification and consent = denial of service attack

•Do not track = do not know-learn

•Do not share = digital ghetto

Harms and Duties come with the use of the specific use of the data and chain of custody


the next generation of “phones”

sentient devices - “spy phone” vs. “my phone”

55

It sees you and your “friends”, listens to you, monitors your

health, movements, interactions, activities, and

tirelesslylearns to know you better -

for yourself and others:

Google NowGoogle Glasses

Moto XPrimeSense

Qualcomm Chips


data + Machine Learning define the new device interface

• predictive & adaptive

• learns and adjusts interface

• Personal Data Cloud and Machine Learning


login-password- authentication - certificates - permissions =

digital red tape hellMickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento”


Social Stack

16#

2.#Distributed#Id#Management#–#Defining#&#Gran9ng##&#Managing#Access##

1.#Secure#Core#Iden9ty#–#Personas#–#Personal#Data#Stores#&#PlaBorms#

3.#OptFin#Trusted#VPN#–#Permissions#Engines#–#APIs#–#Trust#Wrappers#–Trusted#Compute#Frameworks##

4.#“Baked#In”#Open#Services:#Payment#–#Currency#–#Reputa9on#F#

#5.#User#Driven#Trusted#Apps:#(“Among#Friends”#–#Shared#QS#DataF#Social#Commerce#–#Data#Banking#


(OMS)

The OMS Trustworthy Compute Framework (TCF) implements a social stack for an individual - group - device -

•Federated, single-sign on for a user's devices and clients via OpenID Connect

•Enables Personal Data Store ( Cloud) and APIs for collecting and sharing data

•User, persona, group, and identity management

•Data access control and sharing

•On-demand compute resources for data analysis and real-time feedback

•Infrastructure deployment at scale


Trusted Compute Cell

Each TCC cell is composed of several virtual resource applications

•OpenID Connect Server

•(sub)Network of compute resources

•Deployment of Web Application(s) and hosting environments

•Personal Data Store


Trusted Application Bundle Enables Formation of Interoperable Trusted Application

Networks

TAB for GroupC2C - B2C

TAB for Portals (Private Trusted Network of Trusted

Networks)B2B

P-TCC

OIDC

PDS

APP(UICOMPUTE REGISTRY


Trusted Compute Framework

22


This%work%is%licensed%under%a%Crea2ve%Commons%A6ribu2on8ShareAlike%3.0%%Unported%License:%h6p://crea2vecommons.org/licenses/by8sa/3.0/deed.en_US%

Rule%of%Law%Engine%Access%Policy%Reasoning%Pa6erns%

Fire%All%Matching%Policy%Rules%

Request%for%%Personal%Data%Access%

Allow/Deny%Request%Responses%(One%response%per%matching%rule%within%the%policy)%

Mul2ple%%Allow/Deny%%Request%Responses% Retract%Lower%Priority%Response%

More%than%one%response?%

Yes$

No$

Determine%Policy%

Priori2es%

Release%the%lone%surviving%Allow/Deny%Response%for%the%policy,%triggering%data%access%and%audit%logging%

External%Input/Output%

Within%Rule%of%Law%Engine%

Determine%Jurisdic2on%

Loca2on%Update%Ac2ve%Jurisdic2on%

Retract%Prior%Jurisdic2on%Assert%Ac2ve%Jurisdic2on%

Jurisdic2on%Change?%

Yes$

No$

5%



COPPA%8%Parental%Consent%Example%

“Our%Club”%–%safe%social%networking%for%children%online%and%at%theme%parks%

Approve% Un8enroll%End%permissions%on:% 4/30/2014%

12%

Your%consent%for%Lisa,%age%11,%to%be%enrolled%in%“Our%Club”%%and%for%Disney%Corp.%to%access%Lisa’s%personal%data:%

Cancel%

First&NameLast&Name

Home&AddressEmail&Address

Phone&NumberGeolocation

PhotosVideosAudio

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices

ServicesServices



Rule%of%Law%Engine%8%Key%Results%

•  Can%express%complex%data%protec2on8sharing%policies%and%permissions%as%executable,%enforceable,%and%auditable%computer%code%

•  Can%readily%express%data%protec2on8sharing%%facts,%rules,%and%priori2es%for%different%par2es,%condi2ons%and%jurisdic2ons%

•  Enable%deployment%of%Trust%Wrappers/Manifests%to%encapsulate%arbitrary%levels%of%complexity%simply%and%completely%

•  Provide%provable%methods%for%“interoperability”%of%data%protec2on8sharing%across%jurisdic2ons%and%dynamic%contexts%

•  COPPA%policy%can%be%seamlessly%triggered%and%integrated%with%OMS%Trust%Framework%personal%data%access%management%

16%


Governance & Regulation By API

6 areas for API regulatory definition for Personal Data

APIs for governance - download from Regulatory Body Portal Trusted Compute Cells (TCCs) express and enforces “meta-regulatory principles” - “Safe Harbor Principles

Automated Reporting to RB Portal to Independent Auditor through periodic monitoring, log analysis, and failure/performance detection

Correct Failures/Upgrade Performance through design

Predetermined Dispute Resolution - reduce litigation expense and delays and uncertainty

USE CASE: LOCATION - TIME - PEOPLE DATA

Data Group

collectioncriteria

1

FailureLoggings

correction5

Sanctionsdispute

resolutioncriteria

6

Permitteduse and

computationcriteria

2

AccessControl

permissions3

Logging auditing criteria &metrics

4

Downloadable Regulatory Module for Personal Data (RMPD)


Mobile & Sensor Based Identity Authentication

• Reduce enrollment - authentication coordination costs by containing authentication within device

• Individual movement - interaction “digital signatures” combined with behavior-metrics, biometrics and social data provide rigorous and real time authentication for global transactions

• User & independent algorithm as “identity provider”


Digital Asset Exchanges

• Move towards digital - crypto-currencies - BitCoin - Ripple - Ven - Mobile Minutes - Rewards

• Personal Data Accounts as stores of value - digital assets - backing exchanges in “personal data assets” of high value personal data for digital currencies

• Dynamic digital asset exchanges for aggregating, valuing, and trading digital assets - to make markets

• New digital technologies for Know Your Customer (KYC) and Anti-Money Laundering (AML)

• Global Mobile Platforms of exchange


Keep It Simple

29


thank youquestions ?

www.idcubed.org


http://www.idcubed.org

http://www.idcubed.org

Flexible - Organic AuthorizationTOFU ( Trust On First Use)

©2012 The MITRE Corporation

Whitelist Trusted partners, business contracts,

customer organizations, trust frameworks

Graylist User-based trust decisions

Follow TOFU model, keep logs

Blacklist Very bad sites we don’t want to deal with, ever

Org

aniz

atio

ns

deci

de th

ese End-users

decide these

60


Mobile'Territorial'Lab'

•  Understand)the)needs)and)the)behavior)of)users.)

•  Star3ng)community:)young)families)with)newborns))

•  Short)term)outcomes:)1.  Developing) and) tes3ng) a' new'

model'of'DATA'OWNERSHIP)

2.  Understanding) the) dynamics' of'people’s'needs'

)3.  U n d e r s t a n d i n g) p e o p l e ’ s'

interacBons' in) the) generated)social)networks)

)

)

A)joint)project)between:))


Field Trials Mobile Territorial Lab:

34


Prospective Use Case: MIT as Trusted Compute Framework

• Provide Personal Data Store and platforms to all MIT alumni, faculty and students for MIT curated services.

• MIT acts as trusted party for setting up and protecting personal-MIT data. Enable MIT VPNs for MIT students - faculty-alumni for sharing academic data and setting up trusted networks.

• Enables MIT to delivery state of art learning services and analytics, simplify sharing career and educational data, leverage MIT experiences and networks.

• Enable MIT to be innovator in Social Stack technologies, services, and practices.


3

Reality Analysis Mobile Health Prototype

On app startup, a Mobile Health Triangle summary graph is shown. Tapping an axis shows recent values for that dimension – let’s look at Activity.

Detailed view of Activity shows activity levels by hour for the last week. Swipe all the way to the right to reach the audit log.

Select start/end dates, then enter script & requester values to filter out the entries that are shown.


ACCELERATED SOFTWARE DEVELOPMENTTHROUGH OPEN PLATFORMS

• OPEN SOURCE PLATFORMS: - Hadoop - Open Stack - Salt - Fabric - Django -Puppet - All leverage one another - Model Based Development - DRY (Do Not Repeat Yourself)

• OPENID CONNECT OAuth2 - open source platform for federating identity and permissions through access control rules

• TOFU (Trust on First Use) - Dynamic Registration - Gray lists - organic authentication - based upon growing data and metrics - many flavors of trust

• BETTER EXPERIENCE - no passwords - permission based sharing with member websites and apps

37


Data Ecology

• Immersed in data - new “sphere”

•Data are like water not oil - it sustains life and needs to circulate and to be pure

•Data are the essential nutrients to the life of any digital ecosystem

•Cut off the data - contaminate the data and the data ecosystem dies.


becomes invisible to the user


Trusted Compute Cell


40


41


trust frameworks for mobile sentient...

Documents