[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: starting point for application
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated: starting point for application |
|
Date: |
Fri, 06 Nov 2020 18:37:57 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new e6f64b2 starting point for application
new b030cbe Merge branch 'master' of git+ssh://git.taler.net/anastasis
e6f64b2 is described below
commit e6f64b2d0d3c242d8ff0f3e4e702f8cfdbfebb21
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Nov 6 18:37:50 2020 +0100
starting point for application
---
doc/ihf/abstract.txt | 0
doc/ihf/budget.txt | 13 +++++++++++++
doc/ihf/challenges.txt | 0
doc/ihf/compare.txt | 40 ++++++++++++++++++++++++++++++++++++++++
doc/ihf/ecosystem.txt | 34 ++++++++++++++++++++++++++++++++++
doc/ihf/people.txt | 22 ++++++++++++++++++++++
6 files changed, 109 insertions(+)
diff --git a/doc/ihf/abstract.txt b/doc/ihf/abstract.txt
new file mode 100644
index 0000000..e69de29
diff --git a/doc/ihf/budget.txt b/doc/ihf/budget.txt
new file mode 100644
index 0000000..a1d3435
--- /dev/null
+++ b/doc/ihf/budget.txt
@@ -0,0 +1,13 @@
+E-mail authentication backend : 5000 EUR (1 PM)
+SMS authentication backend : 5000 EUR (1 PM)
+Video-Identification authentication backend: 5000 EUR (1 PM)
+Server deployment in Cloud with monitoring : 10000 EUR (2 PM)
+Graphical user interface (standalone) : 5000 EUR (1 PM)
+Client-side cryptography in TypeScript : 5000 EUR (1 PM)
+Reducer-Style API in TypeScript : 10000 EUR (2 PM)
+Documentation and reporting : 2500 EUR
+======================================================
+ 47500 EUR
+
+Developers will be expected to BYOD, hence no cost for hardware. The
+team will coordinate online.
diff --git a/doc/ihf/challenges.txt b/doc/ihf/challenges.txt
new file mode 100644
index 0000000..e69de29
diff --git a/doc/ihf/compare.txt b/doc/ihf/compare.txt
new file mode 100644
index 0000000..95894b9
--- /dev/null
+++ b/doc/ihf/compare.txt
@@ -0,0 +1,40 @@
+There are a few key recovery solutions on the market today. Some
+examples of existing key recovery solutions and their problems shall
+be introduced in the following.
+
+Coinbase is a global digital asset exchange company which provides a
+venue to buy and sell crypto currencies. Coinbase uses wallets secured
+with private keys. To recover this private key the user must provide a
+12-word recovery phrase. Coinbase now offers a “solution” to securely
+deposit this recovery phrase onto the users Google Drive. The security
+here lies within the Google Account and the password used to encrypt
+the security phrase. The problem here is that this approach undermines
+confidentiality: It simply exchanges a hard to guess 12-word
+passphrase with a shorter and easier to guess Google password.
+
+Vault12 is a service using Shamir Secret Sharing provided by the
+Vault-Tec Corporation. Shamir Secret Sharing is a so called „Social
+Recovery“ method. It allows to split all kind of data, (pictures,
+passphrases, cryptographic keys) into shares and distribute them to
+trusted entities, called „Guardians“ in Vault12. To recover the data a
+subset of the chosen Guardians is asked to release their share. The
+released shares are used to reconstruct the data again. Vault12 is
+available for iOS, Android, Windows and MacOS. Unfortunately it is not
+Free Software and therefore lacks transparency.
+
+MI-DATA is a Swiss platform for e-health data. They also use Shamir
+secret splitting to distribute recovery information among a fixed set
+of staff members. However, during key recovery their system
+administrator can have full access to the private health data, voiding
+all the safety assurances key-splitting is supposed to achieve.
+
+Connect.me is a closed source digital identity wallet. The recovery of
+the used key and the wallet works similar to Coinbase: An encrypted
+backup of the user data is stored on the cloud, which can be
+downloaded and decrypted using a recovery phrase. The software offers
+no solution how the user keeps this phrase. The user is therefore
+responsible for storing it correctly.
+
+uPort is an opensource digital identity wallet based on
+Etherium. uPort also works with the 12-word-recovery phrase and also
+does not offer a solution for the user to securely store the phrase.
diff --git a/doc/ihf/ecosystem.txt b/doc/ihf/ecosystem.txt
new file mode 100644
index 0000000..a02305f
--- /dev/null
+++ b/doc/ihf/ecosystem.txt
@@ -0,0 +1,34 @@
+We have letters of support or firm integration commitments from
+various teams, several of which are already involved with NGI:
+
+* The GNU Taler team has committed to integrating Taler into
+ their wallet application to enable backups for their
+ payment solution. They have been funded under NGI Zero.
+ GNU Taler needs a TypeScript reducer API for this.
+
+* Fraunhofer AISEC is interested in using Anastasis for key
+ backup for the Re:claimID identity management solution.
+ They have been funded under NGI POINTER (DISSENS).
+ Re:claimID will need a C-style API for this, which exists.
+
+* NymTech is interested in using Anastasis for their cryptocurrency
+ wallet. Like our team, they were awarded a grant under NGI LEDGER,
+ which was subsequently withdrawn by LEDGER due to process errors in
+ LEDGER. We hope they survive this and we can plan on integration
+ in the future.
+
+* MI-Data is a platform for storing personal medical data for
+ research. The data is encrypted and users must release their
+ data for particular experiments. MI-DATA is interested in
+ Anastasis to simplify their password recovery procedure for users.
+
+* pEp foundation has created an e-mail protocol and implementation
+ using opportunistic encryption. They have also committed to
+ integrating Anastasis with their product.
+
+We expect to engage with additional application developers to drive
+adoption once the reducer API is stable and available in TypeScript
+and C.
+
+Finally, we are in discussions with the GNU project and hope to become
+an official GNU package as soon as the code is in reasonable shape.
diff --git a/doc/ihf/people.txt b/doc/ihf/people.txt
new file mode 100644
index 0000000..ead957f
--- /dev/null
+++ b/doc/ihf/people.txt
@@ -0,0 +1,22 @@
+Dennis Neufeld recently completed his Bachelor's degree in IT Security
+at the Bern University of Applied Sciences (BFH). The design and
+implementation of Anastasis was the topic of their bachelor thesis.
+During the thesis they could successfully develop a proof of concept
+of the software. Dennis is responsible for the integration of
+Anastasis into other products.
+
+
+Vaishnavi Mohan is a software engineer with a master's in distributed
+software systems. She specializes in the development and secure
+deployment of applications on public clouds. She will be responsible
+for the cloud deployment and the integration of the authentication
+backends with existing cloud services.
+
+Berna Alp is an economist by trade. She is currently council member at
+the pretty Easy privacy (pEp) foundation, a board member at
+ISOC Switzerland and she owns a consulting business specialized in IT
+transformation and ERP projects. She has worked as project
+coordinator on World Bank projects, as Senior FI/CO Consultant at
+Andersen Consulting in New York City and as SAP FI/CO & JVA team lead
+at a multi-national steel company implementing SAP in 28 companies and
+17 countries. She is responsible for general management in the team.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: starting point for application,
gnunet <=