Difference between revisions of "Trust Label"
(→THEWS) |
|||
Line 94: | Line 94: | ||
==='''THEWS'''=== | ==='''THEWS'''=== | ||
+ | *[http://gforge.hl7.org/gf/download/docmanfileversion/9171/14182/Privacy-Related%20Context%20Information%20for%20Ubiquitous%20Health.pdf Privacy-Related Context Information for Ubiquitous Health] | ||
+ | *[http://gforge.hl7.org/gf/download/docmanfileversion/9172/14183/Trust%20Information-Based%20Privacy%20Architecture%20for%20Ubiquitous%20Health.pdf Trust Information-Based Privacy ARchitecture for Ubiquitous Health] | ||
===Trust Label Harmonization Proposal=== | ===Trust Label Harmonization Proposal=== |
Revision as of 19:38, 25 May 2016
Contents
Trust Label Purpose
Trust codes are required to meet stakeholder use case for a discoverable and computable set of metadata to convey asserted trust attributes of an exchange partner.
Trust Library
Block Chaining
- bitcoin a peertopeer electonic cast system satoshi nakamoto
- Can Trust-Based Private Blockchains Be Trusted?
- What is Proof of Existence:
- What is proof of existence? Use our service to anonymously and securely store an online distributed proof of existence for any document. Your documents are NOT stored in our database or in the bitcoin blockchain, so you don't have to worry about your data being accessed by others.
- All we store is a cryptographic digest of the file, linked to the time in which you submitted the document. In this way, you can later certify that the data existed at that time. This is the first online service allowing you to publicly prove that you have certain information without revealing the data or yourself, with a decentralized certification based on the bitcoin network.
- The key advantages are anonymity, privacy, and getting a decentralized proof which can't be erased or modified by anyone (third parties or governments). Your document's existence is permanently validated by the blockchain even if this site is compromised or down, so you don't depend or need to trust any central authority. All previous data timestamping solutions lack this freedom.
Proof-of-work 'paradigm shift' Let us digress for a moment to a prior argument in order to elucidate the immense paradigm shift that proof-of-work delivers in the form of a trustless environment.
Many would argue that cheating by, or collusion amongst, regulated parties is an illegal act with associated and significant deterrent costs which are sufficient to enforce the rules.
As evidenced above, we know this line of reasoning to be faulty.
The reason for this is because when practicably employed, traditional deterrents generate both a non-deterministic and dynamic environment whereby deterrent costs inevitably become cost/benefit estimations – that is, zero cost for successful evasions versus more money due at some future point in time for unsuccessful cheating.
Contrary to the traditional deterrents approach, proof-of-work is entirely deterministic, whereby parties know the cost of cheating and collusion and must decide to pay this cost upfront.
If efficiency is greatest when the countermeasures are most expensive and immediate, then proof-of-work in the context of a distributed ledger and the trustless environment it helps to generate is a massive paradigm shift that is foundationally new and revolutionary.
It should be apparent by now that trust-based systems are merely unsecure and non-empirical software 'workarounds' (if you can even call them that) to the provision of a real security work-product, proof-of- work. In addition, it should be equally apparent that the arguments in support of workarounds to proof-of-work arise, not from a wisdom that it is prudent to build a distributed ledger without proof-of-work, but rather they arise solely from the historical inability to attain proof-of-work in an economical way.
It should also be obvious from the discussion that the proof-of-work protocol is factually the underlying key to unlocking the huge paradigm shift and efficiency of distributed-ledger blockchain technology – no traditional deterrents and countermeasures required – there really is no other viable alternative. Incorporating the proof-of-work protocol into private blockchain technology taps directly into the immense efficiency of the bitcoin blockchain paradigm shift. Without it, all you've built is an old-fashioned (and inefficient) distributed database.
Problem: No mechanism to track provenance of digital contracts exchanged between machines No method for verifying non-repudiation beyond digital e-signatures on contracts Weak method to sharing versions of contracts among negotiating parties Solution: Enhance CommonAccord architecture with hash-chains for tracking state of negotiated contracts Publish hash-chains to ledger (public or private) Provide mechanism for parties to access private repositories containing contracts Legal documents are mostly handled as text blobs, in a complex, semi-proprietary format. Authoring, reviewing, sharing, managing are all difficult. Establishing provenance is often impossible The impact is delay, cost, risk, fear, imbalance, and a systemic advantage for large actors Data Model and Version Tracking:
- Data model expresses contracts in modular parts
- GitHub model for change mgmt & version tracking
- Parties check-out contract into private repositories
Access control to contracts and metadata:
- UMA model for access control to private repositories
- Parties access repo, do changes, send Metadata
- Each change generates hash-points in doc hash-tree
Ledger system:
- Captures current state of contracts exchange/flow
- Hash of Metadata added to ledger
- Can use today’s Blockchain or future technology
- IBM Internet of things block chain
- Linux Foundation Unites Industry Leaders to Advance Blockchain Technology
- On Public and Private Blockchains - Ethereum Blog
- The Blockchain and the Rise of Networked Trust
DirectTrust
- DirectTrust HIT Coordinator David Kibbe Slides
- DirectTrust Overview
- DTAAP Accreditation 031314 final
Federal Trust Bundle
- FHA Directed Exchange Guidelines
- FHA Certificate Issuance Assurance in Direct White Paper
- FPKIPA Criteria Methodology for Cross-Certification with the U.S. Federal Bridge Cerification Authority FBCA
- FPKIPA PKI Attribute Paper
- FISMA slides
GTRI - IDESG
- GTRI Trustmark
- IDESG TFTM Brief
- TFTM-high-level-discussion
- IDESG_PPT_TFTM
- IDESG Trust Framework Baseline Functional Requirements - Final_07_17_2015
- TFTM_Conformance_Program
- IDESG_Conformance_Attestation_Program_v0.5
- TFTM_Self-Assement_Listing_Service_User_Guide_V.9_-_Final_Draft
- IDESG Self Assessment Listing Instructions
NATE
- NATE Directed Exchange slides
- ONC approved NATE PHR Pilot
- NATE Blue Button for Consumer Onboarding
- NATE Blue Button for Consumer [NBB4C 2014 FHA slides]
- NATE Blue Button for Consumer Policy
- NATE Blue Button for Consumer Procedures
===ONC===*ONC Governance Framework Trusted EHIE
THEWS
- Privacy-Related Context Information for Ubiquitous Health
- Trust Information-Based Privacy ARchitecture for Ubiquitous Health