Difference between revisions of "ORCA whitepaper"
From PublicWiki
(New page: == Whitepaper == === Background === ==== RFID overview ==== ==== ORCA background ==== ==== ERG group ==== === Stakeholders / Concerns === * Why do we care? * Anonymity == Legal consi...) |
(→Technical) |
||
Line 20: | Line 20: | ||
* Who's writing the encryption code? | * Who's writing the encryption code? | ||
* Access control? | * Access control? | ||
+ | * Who makes cards? | ||
== Regulatory == | == Regulatory == |
Revision as of 23:52, 16 April 2007
Contents
Whitepaper
Background
RFID overview
ORCA background
ERG group
Stakeholders / Concerns
- Why do we care?
- Anonymity
Legal considerations
Technical
- What's encrypted? When? How? Where?
- Who owns the keys?
- Who's writing the encryption code?
- Access control?
- Who makes cards?
Regulatory
- Audit trails (DC)
- Anonymity in warehousing?
- Data retention
- Rights to access? Across orgs?
- Is information that is passed between parties anonymized/aggregated?
Questions
- Has ERG group had any kind of compromises?
Action Items
- contact MIT people (Yaw)
- repurpose best practices from RFID clinic