D4.2 TAS3 Specification of secure data repositories and authoritative sources v1.2 open for public review
TAS3 Specification of secure data repositories and authoritative sources
The June 2009 version (v1.2) of deliverable D4.2 (TAS3 Specification of secure data repositories and authoritative sources) is open to public comments, feedback and review!
All feedback welcome!
You can download it and post comments here:
http://www.tas3.eu/project/publications/download
(you need to log in first to post a comment)
Executive Summary
This document describes the security mechanisms that are needed to control access to data repositories. Data repositories (or repositories for short) are web based resources that hold data in a secure and privacy preserving manner. They provide web services interfaces that allow the data to be input, updated, retrieved and deleted.
Repositories will hold data of varying sensitivity levels. They may store publicly readable data, or they may store very sensitive data such as medical records. The data may be accessed by the data owner, the data subject, or by third parties. In particular this document describes how data subjects can delegate their access rights to third parties, regardless of whether those third parties are already known to the data repository or not.
The TAS3 project is primarily concerned with data that is personal, so-called personal identifying information (PII). PII can generically be thought of as the attributes of a person, such as their age, name, address, qualifications, medical details etc. This deliverable introduces the concept of an authoritative source (or authentic source – the terms are synonymous), which is the trusted source of a particular data item (or personal attribute). It is preferable that relying parties who wish to access the PII assets of subjects obtain them from their authoritative sources rather than from “any old” data repository. In this context, it is preferable that personal information from a set of different authoritative sources can be merged together to form a composite data object, without actually copying the data from its authoritative sources to a third party repository. This document describes how such composite objects can be built and secured by using “proof of ownership” references to the authoritative sources. The use of references honours the principle of data collection minimization. It also alleviates the integrity problems associated with data duplication and the existence of multiple distributed copies (replicas and/or caches).
Appendix 1 of this document presents a set of use cases for using secure repositories and indicates the steps involved when a user: first registers with a repository, creates a PII asset in a repository (including the sticky policy to go with it), delegates access rights to a third party, and deletes her account and PII asset from the repository. It also shows the steps involved when a third party accesses the repository to either read or append information to the PII asset, and follows the proof of ownership references to retrieve embedded PII assets.
Finally, this deliverable shows how secure repositories can be mapped onto the TAS3 architecture and the recommended service oriented protocols.