| the problem | | trust network | | personalizing health | what we do |
the crisis of trust
when proven security models are proven failures
Application-centric security models, whether centralized or federated, ultimately depend upon the administrative practices and infrastructure of individual organizations to authenticate and verify the identity of users, and to enforce security and privacy rules.
Each application embeds services to enroll and authenticate users, manage their roles and privileges, and to enforce and monitor access control. It relies upon a set of administrative practices to verify the identity of users, give them elecronic credentials, assign access control privileges, and monitor their activities for inappropriate behavior.
While this approach has become ubiquitous, it has a number of inherent problems that severely undermine the ability to deliver robust privacy protection:
Creates single points of failure for a wide variety of potential breaches - administrative lapses, technical glitches, security exploits by outsiders, fraud or inappropriate use by authorized users.
Concentrates the control, costs and liability for security and privacy in the organizations that control the applications. Thus, application owners may be unwilling to invest enough to enforce securitiy and privacy, may be unwilling to make information available due to liability concerns, or may exploit the lack of transparency by using personal information without consent.
Forces individuals (both users and the people whose data is stored) to trust applications and the organizations that control them, whether they want to or not. There is no way to monitor security and privacy that doesn't depend upon the trustworthiness of the application owners.
Exposes highly sensitive personal information and activities to the application administrators for users accessing information and for those whose personal information is stored.
Fragments identities, credentials and privileges across thousands of islands of applications and administrative practices, with no shared model of who people really are, how to authenticate them, what rights they have, and who trusts whom. This eliminates any possibility of individuals controlling their own trust profile, or to monitor what is done with their information.
The result is a fragmented world of failure-prone security - which in turn creates a crisis of trust. Users lack confidence that their security and privacy will be consistently protected when they share information or use applications. Applications and organizations are unwilling to share information because they lack common mechanisms to develop trust with each other and with their users.
