[MyData & Open Data] This man thinks big data and privacy can co-exist, and here's his plan

• Previous message: [MyData & Open Data] This man thinks big data and privacy can co-exist, and here's his plan
• Next message: [MyData & Open Data] This man thinks big data and privacy can co-exist, and here's his plan
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks Sam; thanks for the ref Andy. Stef: re your concerns: in broad
design terms when an individual uses Mydex to create a personal data store
they create their own key, and they alone hold it. So initially the
individual encrypts the data with a passphrase only they know.
Since Mydex itself does not hold they key this protects against the insider
threat or superinjunction. It does mean the user is stuck if they lose
their key and has to start again. The architecture will support an
escalation of access control (eg adding a voice biometric).

In terms of jurisdiction Mydex is a Community Interest Company registered
in Scotland. Data is currently hosted in the UK.


William



On 28 August 2013 22:11, Sam Smith <s at msmith.net> wrote:

> I think William Heath who runs Mydex is on this list, and will introduce
> you to the right people there.
>
> I trust that they've got it right from various discussions with them.
>
>
> Regards
> Sam
>
> On 28 Aug 2013, at 22:05, stef <s at ctrlc.hu> wrote:
>
> > howdy,
> >
> > On Wed, Aug 28, 2013 at 08:28:37PM +0100, Andy Turner wrote:
> >> Some personal data can be stored very securely in a Mydex Personal Data
> Store (http://mydex.org/understand-pds/).
> >
> > i dabble in crypto and security, and after browsing the site i have not
> been
> > convinced, do you know about any technical descriptions on what crypto
> > protocols they deploy and how? there's a lot of handwaving and promising
> going
> > on, but without the background, i'd say it's not very well defended
> against
> > insiders, super-injunctions and other anti-terrorism data-grabs. there's
> some
> > research on this based on zero knowledge protocols, and chaumian and
> brandsian
> > zero knowledge proofs, in the eu fp7 framework there's a project that is
> quite
> > well equipped with all the necessary patents in the field (ibm +
> microsoft).
> > so it's not impossible to do, but not very mature, and if you're in the
> wrong
> > jurisdiction you might run into patent troubles.
> >
> > --
> > pgp: https://www.ctrlc.hu/~stef/stef.gpg
> > pgp fp: FD52 DABD 5224 7F9C 63C6  3C12 FC97 D29F CA05 57EF
> > otr fp: https://www.ctrlc.hu/~stef/otr.txt
> >
> > _______________________________________________
> > MyData-Open-Data mailing list
> > MyData-Open-Data at lists.okfn.org
> > http://lists.okfn.org/mailman/listinfo/mydata-open-data
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/mydata-open-data/attachments/20130828/f92d2cea/attachment-0001.html>

• Previous message: [MyData & Open Data] This man thinks big data and privacy can co-exist, and here's his plan
• Next message: [MyData & Open Data] This man thinks big data and privacy can co-exist, and here's his plan
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]