FreeTrust Decentralized Identity - freedom of trust

Call for FreeTrust NSTIC Pilot trust networking development partners and potential pilot groups

 WikiWorld (Map)Wed, 11 Mar 2015 10:01:04 -0700 last edited: Wed, 11 Mar 2015 10:55:22 -0700  
Currently identity trust is delegated from an authority from the top down. User Managed Authorization (UMA) is beginning to change that for the individual but there is a lack of a mechanism for developing personal trust networks which may be found to be trustworthy at a higher level.

We are seeking public funding for bottom up evolution of a trustworthy federated identity ecosystem where the rules of  organizations and users participating are all obeyed for there to be any authorization of a transaction thereby eliminating the necessity for anyone to trust any specific entities.

The project funding would start on or after Sept 1.  We are asking for developer resources to help build it and pilot groups that have application for it.  

Is anyone working in a related area?  We are not stuck on our particular approach at this point.  We do not want to reinvent anything that exists.

At this stage we only need a promise to participate in a particular role if funded.  But time is short, we need commitments in less than a week.

The goal is establishing trust P2P creating trust circles which become trust networks for groups or organizations.

Trust would include:
1. I trust (or not) the ID provider (IdP) you trust most (yourself perhaps) to be the identity provider about yourself that I trust
2. I trust (or not) you will not divulge any of my personal information according to my rules (extended OpenUMA)
3. I trust who you trust except where I have made a choice to trust or not.

While not necessary for this project provision for trusts like "I trust you to deliver what you promise" should be considered for future projects.

The handling of independent trusts for different persona and roles of an individual is also being considered.  These may correspond to channels in RedMatrix with which trusts would be associated with rather than individuals.  Persona for organization also needs to be considered.

A network of FreeTrust ForgeRock IdPs with Open UMA would interoperate with distributed FreeTrust RedMatrix servers.  Trust updates would make ForgeRock API calls to update user and system managed rules in a private and secure manner. There would be hooks in RedMatrix to access and update UMA rules for a trust relationships (rules) for aspects and individuals.

Let us know what you may be interested in offering.


#identity #redmatrix #privacy #integrity #trust #anonymity