[OLPC Security] Periodic identity updates

Matt Anderson mra at malloc.org
Tue Feb 20 16:16:03 EST 2007


On Mon, Feb 19, 2007 at 08:32:34PM +0000, Karl O. Pinc wrote:
> On 02/18/2007 04:03:40 PM, Karl O. Pinc wrote:
> >On 02/18/2007 03:18:50 PM, Karl O. Pinc wrote:
> >> The concept is to annually update the child's identity;
> >> the identity established in Bitfrost section 4.
> 
> I think the right name for this would be P_PROVENANCE.
> 
> It's purpose is twofold.  First, as an anti-theft/sale measure it
> augments P_THEFT by making clearer the provenance
> of the XO should it be transferred, for whatever reason, from child
> to child without complete re-initization to
> first-boot state.  Being a separate policy it can be
> used even when P_THEFT is off.
> 
> Second, it allows the
> on-line image of the owner to develop in
> correspondence with the owner's self-image.
> Because the updated identity is authenticated
> using the original identity, the updated identity
> need not be in any centralized database and
> the user's privacy is protected.

To me this second point is the strongest.  As someone who has see just
how much children can change over the course of their development I
was concerned about how the spec did not cover taking a picture other
than at initialization time.  It is possible to look at an 8 year old
and see the resemblance to a picture of a 5 year old, but its a lot
easier if the picture is of them at 7.

I think you've covered a lot of cases in your proposal as well.  
Social ones such as held back, skipping grades, moving to a new school
district, and technical with the rate limiting to keep from exhausting
the flash.

-matt


More information about the Security mailing list