Difference between revisions of "ORCA whitepaper"

From PublicWiki
Jump to: navigation, search
(New page: == Whitepaper == === Background === ==== RFID overview ==== ==== ORCA background ==== ==== ERG group ==== === Stakeholders / Concerns === * Why do we care? * Anonymity == Legal consi...)
 
(Technical)
Line 20: Line 20:
 
* Who's writing the encryption code?
 
* Who's writing the encryption code?
 
* Access control?
 
* Access control?
 +
* Who makes cards?
  
 
== Regulatory ==
 
== Regulatory ==

Revision as of 23:52, 16 April 2007

Whitepaper

Background

RFID overview

ORCA background

ERG group

Stakeholders / Concerns

  • Why do we care?
  • Anonymity

Legal considerations

Technical

  • What's encrypted? When? How? Where?
  • Who owns the keys?
  • Who's writing the encryption code?
  • Access control?
  • Who makes cards?

Regulatory

  • Audit trails (DC)
  • Anonymity in warehousing?
  • Data retention
  • Rights to access? Across orgs?
  • Is information that is passed between parties anonymized/aggregated?

Questions

  • Has ERG group had any kind of compromises?

Action Items

  • contact MIT people (Yaw)
  • repurpose best practices from RFID clinic