| how it works |
the end of "faith-based" security:
The trust network is enabled by a new category of internet infrastructure (the "trust broker") that enables a neutral network of consent management, authentication, identity verification, audit, policy enforcement and anonymous payment services.
This approach goes beyond just interoperability - it supports "syndicated services" which combine the collective intelligence and capabilities of any combination of services, people or applications connected to the network in satisfying any given request for information.
The trust broker uses novel zero-knowledge protocols and algorithms that make it possible to syndicate the knowledge of any combination of people, systems or services connected to the network into a collective intelligence as to identities, privileges, trust relationships, and policies.
This intelligence can be dynamically linked to privacy sensitive informations as it flows through the network, so that individual applications and organizations releasing privacy sensitive information do not have the burden of enforcing security and privacy policies and preferences.
Once connected to the resilient trust network, information can be routed, copied, and securely accessed via any email client, browser, fax machine, or application in any organization.
The trust network's syndicated security model supports a variety of capabilities that dramatically improves security and mitigates liability.
Supports on-demand multifactor authentication of anyone based upon publicly known coordinates (email, phone, fax, etc.) and standard infrastructure, enabling more convenient access and less administrative friction while avoiding risk of breach due to phishing or "data spills".
Eliminates single points of failure and increases convenience by "syndicating" the collective intelligence of many diverse and independent sources to authenticate individuals and verify their identities, credentials and trust relationships; and distributing responsibility for policy enforcement, audit, and governance.
Supports a patient-centric governance model where security and privacy practices are defined by neutral policy organizations, standards bodies, regulators, responsible stakeholders and individual stakeholders..
Enables independent consent management services, allowing individuals to specify their own policies for their personal information regardless of who accesses it and where it is stored.
Supports information-centric security and privacy policies which are linked to records based upon their contents (i.e. who the patient is, the sensitivity of the contents, and who created them) rather than the applications used to access them.
Supports independent audit services that track, monitor and certify compliance with security and privacy practices, and to detect and deter inappropriate behavior.
Supports zero-knowledge protocols and zero-knowledge indices so that trust service providers can't violate individual privacy even if they wanted to.
Supports "linked-in for trust" where individuals can form self-organizing trust and reputation networks with mutual verification of identity, relationships, trust and privileges.
Supports "trust-rank" algorithms that dramatically improve the robustness and convenience in authenticating and verifying individuals and their trust relationships.
Supports personalized security and privacy policies at very fine grain, down to individual users and single pieces of information, making consensus on policies and practices unnecessary.
This information-centric security model means there is no need to trust any given application or the organizations that own them. Instead, security and privacy can be driven by policy services specified by whoever "owns" the right to share information, and enforced by the network itself.
