ORCA whitepaper

From PublicWiki
Revision as of 23:52, 16 April 2007 by Colin (talk | contribs) (Technical)

Jump to: navigation, search

Whitepaper

Background

RFID overview

ORCA background

ERG group

Stakeholders / Concerns

  • Why do we care?
  • Anonymity

Legal considerations

Technical

  • What's encrypted? When? How? Where?
  • Who owns the keys?
  • Who's writing the encryption code?
  • Access control?
  • Who makes cards?

Regulatory

  • Audit trails (DC)
  • Anonymity in warehousing?
  • Data retention
  • Rights to access? Across orgs?
  • Is information that is passed between parties anonymized/aggregated?

Questions

  • Has ERG group had any kind of compromises?

Action Items

  • contact MIT people (Yaw)
  • repurpose best practices from RFID clinic