Re: [Geopriv] Device vs. Target Terminology

"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Wed, 16 September 2009 17:45 UTC

From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: "ext Thomson, Martin" <Martin.Thomson@andrew.com>, ext Alissa Cooper <acooper@cdt.org>, GEOPRIV <geopriv@ietf.org>

Hi Martin, 

I am raising these issues because I received these questions with the
work on the RADIUS GEOPRIV document: http://www.ietf.org/rfc/rfc5580.txt
I tried to address them to some extent in Section 7.3.

There I had the problem that identity information (NAI = Network Access
Identity) could be available during the initial network attachment.
Additionally, there is the question of what this NAI actually refers to
(i.e., NAIs can be assigned to machines, individual persons, or
subscriber accounts).  

I believe we care about privacy problems that arise when a device is
located and tracked and there is a relationship with a human (Target). 

I don't think that we have to do a lot in the document itself but point
out that there are some additional aspects protocol designers & others
need to think about. From a protocol point of view our work stops at the
Device but the security and privacy considerations need to talk about
the relationship between the device and a Target. 

Ciao
Hannes

PS: Figure 1 in
http://www.ietf.org/id/draft-ietf-geopriv-http-location-delivery-16.txt
quite nicely shows the Target and the Device as separate entities and it
even provides text around the relationship between the two. Reusing
something from there for the architecture document sounds useful to me.

                     +---------------------------------------------+
                     | Access Network Provider                     |
                     |                                             |
                     |   +--------------------------------------+  |
                     |   | Location Information Server          |  |
                     |   |                                      |  |
                     |   |                                      |  |
                     |   |                                      |  |
                     |   |                                      |  |
                     |   +------|-------------------------------+  |
                     +----------|----------------------------------+
                                |
                                |
                               HELD
                                |
     Rule Maker   - _     +-----------+         +-----------+
           o          - - | Device    |         | Location  |
          <U\             |           | - - - - | Recipient |
          / \       _ - - |           |   APP   |           |
         Target - -       +-----------+         +-----------+

                        Figure 1: Significant Roles

>-----Original Message-----
>From: ext Thomson, Martin [mailto:Martin.Thomson@andrew.com] 
>Sent: 15 September, 2009 09:36
>To: Tschofenig, Hannes (NSN - FI/Espoo); ext Alissa Cooper; GEOPRIV
>Subject: RE: [Geopriv] Device vs. Target Terminology
>
>How about:
>
> - We protect the privacy of a Target.
> - We locate a Device.
>
>Does this informal distinction work for you?
>
>Device and Target are frequently co-located.  Sometimes they 
>are the same thing (or close enough).  Therefore, just to be safe:
>
> - We protect the privacy of a Device.
>
>But we shouldn't ever actually _say_ that because it confuses 
>the issue.
>
>> -----Original Message-----
>> From: Tschofenig, Hannes (NSN - FI/Espoo) 
>> [mailto:hannes.tschofenig@nsn.com]
>> Sent: Tuesday, 15 September 2009 4:04 PM
>> To: ext Alissa Cooper; GEOPRIV
>> Cc: Thomson, Martin
>> Subject: RE: [Geopriv] Device vs. Target Terminology
>> 
>> Sounds useful to add both terms and to explain that in many situations
>> there is a one-to-one relationship. However, there are cases where
>> there isn't such a relationship and hence the privacy properties may
>> be different. Example: I was told that in various countries in Africa
>> mobile phones are shared among various persons. In Finland, for
>> example, this is rather uncommon.
>>
>> If we use the term "device" for the physical entity and "target" for
>> the human using it then we should re-read some of our documents again
>> to see whether we use the new terms consistently.
>> 
>> Ciao
>> Hannes
>> 
>> >-----Original Message-----
>> >From: ext Alissa Cooper [mailto:acooper@cdt.org]
>> >Sent: 14 September, 2009 22:06
>> >To: GEOPRIV
>> >Cc: Martin Thomson; Tschofenig, Hannes (NSN - FI/Espoo)
>> >Subject: Re: [Geopriv] Device vs. Target Terminology
>> >
>> >I took a look back at how we use "Target" and "device" in
>> >geopriv-arch. In section 2.3 (immediately following the section
>> >where "Target" is defined), we say the following:
>> >
>> >The term "Target" may refer not only to an individual whose location
>> >is described by a LO, but also to that individual's device, since the
>> >device engages in protocol interactions, not the individual. For the
>> >remainder of this document, the term "Target" refers to the device.
>> >Geopriv can also be used to convey location information about a
>> >device that is not directly linked to a single individual, such as a
>> >package or product containing a location-capable sensor, or a device
>> >linked to multiple individuals.
>> >
>> >I think in some of the other documents we do the same thing that was
>> >done here, which is to pick one term that is generally accurate but
>> >may actually mean both target and device, or one or the other, in
>> >some contexts. The difference is that for geopriv-arch we chose
>> >Target, whereas for the other documents we chose Device. My proposal:
>> >
>> >1. Add the definition of Device from 3693 to section 2.2 of
>> >geopriv-arch.
>> >2. Move the paragraph above from section 2.3 to section 2.2.
>> >3. Switch the convention established in that paragraph, so that we
>> >use "Device" in the remainder of the document rather than "Target,"
>> >unless the point being made explicitly deals with something related
>> >to the person who is the Target (e.g., when we are discussing the
>> >person's privacy interest, such as in 3.1.2 where we talk about "the
>> >real identity of the Target.").
>> >
>> >I think that might clear up the confusion.
>> >
>> >Alissa
>> >
>> >
>> >On Sep 6, 2009, at 7:56 AM, Alissa Cooper wrote:
>> >
>> >> On Aug 23, 2009, at 8:26 PM, Thomson, Martin wrote:
>> >>> For this second reason, Target is the right term to use when
>> >>> discussing privacy.  A Target is any entity that the location
>> >>> information _could_ refer to, and who might have a stake in ensuring
>> >>> that the information is protected.
>> >>>
>> >>
>> >> I'm fairly certain this is the reason why Target is used in
>> >> geopriv-arch -- because one of the primary motivations for writing
>> >> the document was to explain the privacy architecture at a high level.
>> >>
>> >>> The arch document should recognize the distinction between the two.
>> >>> We are building tools for Devices that aren't applicable in the
>> >>> general sense to Targets.  However, we need the generic "Target"
>> >>> label.
>> >>
>> >> I will take a look through and see where it makes sense in the 
>> >> document to use Device instead of Target.
>> >>
>> >> Alissa
>> >>
>> >>>
>> >>> --Martin
>> >>>
>> >>>> -----Original Message-----
>> >>>> From: geopriv-bounces@ietf.org [mailto:geopriv-bounces@ietf.org] On
>> >>>> Behalf Of Tschofenig, Hannes (NSN - FI/Espoo)
>> >>>> Sent: Saturday, 22 August 2009 4:13 AM
>> >>>> To: geopriv@ietf.org
>> >>>> Subject: [Geopriv] Device vs. Target Terminology
>> >>>>
>> >>>> Hi all,
>> >>>>
>> >>>> the 'device' vs 'target' terminology from 
>> >>>> http://www.ietf.org/rfc/rfc3693.txt is confusing for me, see:
>> >>>>
>> >>>>     Target:
>> >>>>        The entity whose location is desired by the Location Recipient.
>> >>>>        In many cases the Target will be the human "user" of a Device
>> >>>>        or an object such as a vehicle or shipping container to which
>> >>>>        the Device is attached.  In some instances the Target will be
>> >>>>        the Device itself.
>> >>>>
>> >>>>     Device:
>> >>>>        The technical device whereby the location is tracked as a proxy
>> >>>>        for the location of a Target.
>> >>>>
>> >>>> In http://www.ietf.org/id/draft-ietf-geopriv-arch-00.txt we talk
>> >>>> about the Target but the device terminology is gone:
>> >>>>
>> >>>>  Target:   An individual or other entity whose location is sought in
>> >>>>     the Geopriv architecture.  The Target is the entity whose privacy
>> >>>>     Geopriv seeks to protect.
>> >>>>
>> >>>> [Btw, I only refer to entity instead of individual as in our
>> >>>> protocol mechanisms there are no 'humans' as such only identifiers.]
>> >>>>
>> >>>> The problem is that we use the term 'device' in our documents.
>> >>>> Examples:
>> >>>> http://tools.ietf.org/html/draft-ietf-geopriv-http-location-delivery-15
>> >>>> http://tools.ietf.org/id/draft-winterbottom-geopriv-held-identity-extensions-09.txt
>> >>>> http://tools.ietf.org/html/draft-ietf-sipcore-location-conveyance-01
>> >>>> (Actually, we sometimes use Target and sometimes Device.)
>> >>>>
>> >>>> The differentiation between Target and Device only makes sense if
>> >>>> there is a clear difference between the two.
>> >>>>
>> >>>> My question: Should we stick with the terminology used in 
>> >>>> draft-ietf-geopriv-arch-00.txt and not use device anymore? This 
>> >>>> would require us to run a find/replace action over a few of our 
>> >>>> documents.
>> >>>>
>> >>>> Ciao
>> >>>> Hannes
>> >>>> _______________________________________________
>> >>>> Geopriv mailing list
>> >>>> Geopriv@ietf.org
>> >>>> https://www.ietf.org/mailman/listinfo/geopriv