Established in 2007 and housed under MIT Connection Science since 2015, the MIT Internet Trust Consortium originally evolved from Kerberos, a part of MIT's famous Project Athena. MIT was an early pioneer in cryptography and computer security, creating Kerberos to solve the problem of distributed authentication, and a trail-blazer in open-source software, releasing the project under the then-revolutionary MIT License.
Building on this world-class reputation, the MIT Internet Trust Consortium uses its expertise and knowledge-base to develop new technological building blocks that underlie the emerging personal data ecosystem. These blocks can be combined to address issues like identity management & authentication, authorization & consent management, data security, data mining & privacy-preservation, and digital death & meaningful archiving.
In the same way that the 25-year history of MIT Kerberos has profoundly influenced the way individuals perform authentication in their daily lives, we seek to develop new solutions whose positive impact can last beyond the next generation of users of the Internet.
Unequal access to data and resources is one of the biggest problems facing the Internet. Data about individuals are collected on large scales and mined for information, while individuals are often unable to access their own personal data, let alone information about the organizations monitoring them. Organizations that wish to share data responsibly are faced with numerous security and privacy problems.
Paradoxically, this trend is matched by the increasing desire of individuals to share personal data in social networks, and for organizations to share information about their members and network participants.
Equity of access to data and resources on the Internet is core to the survival of the US and World economies going into the 21st Century. Voluntary sharing of data by individuals is becoming an economic imperative that must be addressed by technological tools that respect human rights.
Individuals want control over their personal data, and transparency regarding how their data is shared with third parties. Organizations seek to expand their reach by cross-organizational sharing of de-identified data.
The complexity of the personal data ecosystem is further nuanced by evolving regulatory developments that impact personal data in varying degrees. The US Consumer Privacy Bill of Rights introduces several important aspects into the ecosystem, such as individual control, transparency, consumer right of access and accountability. Similarly, in the European Union the EU Data Protection Directive protects individuals with regard to the processing and free movement of their personal data. The recent National Strategy for Trusted Identities in Cyberspace points to several principles that are fundamental to establishing a trustworthy identity ecosystem which can scale globally.
These regulations cannot be upheld without technologies capable of addressing their mandates.
The emergence of peer-to-peer networks consisting of distributed nodes has pointed to the potential future for decentralized computing and decision-making. Recent digital currencies (e.g. Bitcoin) have shown the various promises of Blockchain infrastructures when coupled with correct incentives and the internalization of costs.
Enigma is a platform for privacy-preserving multiparty computation using Blockchain. It's a decentralized P2P network in which nodes store and operate on data in an encrypted state.
When data-owners store data-sets, Enigma encrypts them into shares and sends those shares to nodes around the network for storage. To access the data, Enigma queries a subset of the nodes, which perform local privacy-preserving computations. They report the results to the querier and record their proof-of-work to the Blockchain, where anyone can verify the transaction and payment.
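The share-then-compute flow described above can be illustrated with a small added example; it is not Enigma's code. It assumes Shamir threshold secret sharing over a prime field (the page does not say which scheme Enigma uses), all function names are hypothetical, and the proof-of-work and Blockchain recording step is left out.

```python
import secrets

P = 2**127 - 1  # prime field modulus; an assumption made for this sketch

def share(secret, n, t):
    """Split `secret` into n Shamir shares; any t of them reconstruct it."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial
            acc = (acc * x + c) % P
        return acc
    return {x: f(x) for x in range(1, n + 1)}

def node_local_sum(held_shares):
    """What one node computes: the sum of its stored shares, never a plaintext."""
    return sum(held_shares) % P

def reconstruct(points):
    """Lagrange interpolation at x = 0 over the answers from t nodes."""
    total = 0
    for xi, yi in points.items():
        num, den = 1, 1
        for xj in points:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def private_sum(values, n=5, t=3, queried=(1, 3, 5)):
    # Each data owner shares its value; node x stores one share per owner.
    stores = {x: [] for x in range(1, n + 1)}
    for v in values:
        for x, s in share(v, n, t).items():
            stores[x].append(s)
    # The querier contacts only a subset of nodes and combines their results.
    answers = {x: node_local_sum(stores[x]) for x in queried}
    return reconstruct(answers)

if __name__ == "__main__":
    salaries = [52000, 61000, 48000]  # constructed sample data
    print(private_sum(salaries))
```

Because Shamir shares are linear, each node's local sum is itself a valid share of the total, so any `t` nodes suffice and no single node sees an input value.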
ChainAnchor is a tool that allows users to retain anonymity within a permissioned blockchain. The ChainAnchor architecture adds an identity and privacy-preserving layer above the blockchain. An anonymous identity verification step allows anyone to read and verify transactions from the blockchain, but only anonymous verified identities can have transactions processed.
The use of tamper-resistant hardware provides a significant increase in security, not only for identity-related information but also for the protection of keys used by Bitcoin wallet applications.
OpenPDS is a platform for personal data interchange across multiple data-repositories, allowing users to manage disparate accounts through a uniform interface. More importantly, OpenPDS filters responses to queries through a Safe Answers engine, providing the data-owner a tunable degree of privacy-preservation.
OpenPDS 2.0 builds on OpenPDS 1.0 by adding features, such as a simple multiparty computation capability, simplified "smart contracts" and integration into the OpenID-Connect server for authentication and authorization.