EnThinnai Blog

There is a report that EU will be funding a research effort into Cloud Storage Technologies to the tune of $21.4 M. This project will be spearheaded by IBM’s research team in Haifa and it will take three years for the projet to complete.

The following paragraph in that story is my focus today: “The project will explore other advanced features for cloud storage, such as flexible but secure access control. For example, a company may want to distribute a video to participants of a conference, but they may not want to give access credentials to those people for its own network. The project will look into ways the video can be shared securely under those conditions while also being accessible by people through any device, Kolodner said.”

One of the upcoming features of EnThinnai is applicable for the described scenario. As was noted in a previous post, Notes in EnThinnai will have three parameters will be used to control access. The first is the standard “To” parameter identifying specific people that are allowed to access the content. This parameter will contain a list of OpenIDs of the individuals. The second parameter is “responsibility tag”. This will identify the authority resposible for issueing “responsibility”. The third parameter is “interest” tag where individuals declare their interest in material associted with a keyword.

The idea is when a company wants to distribute video to participants of a conference, they will create a “Note” and identify the conference organizer as the issuing authority and the name of the conference as the associated tag. When somebody tries to access this Note, the system will use OpenID procedure to authenticate the visitor and then use OpenID Attribute Exchange to query the conference organizer to confirm the visitor’s participation in the conference. Once this done, the system will allow access to the Note. Use of user-centri id like OpenID ensures that access is flexible and at the same time using an issuing authority to control acccess makes it secure.