Networks… we containerized them, too.
WebShield provides Dockerized applications that run in your environment, on your terms, allowing you to set up Privacy Networks and share resources with the network
Anything of value can be published to the Privacy Network as a protected resource, including the right to use data, algorithms, apps, services or infrastructure, the right to rely upon policies, accreditations or contracts, the right to display a brand or image, the right to send a message to or interact with a person or organization.
Trust Criteria and Trust Credentials
Resources can be protected by trust criteria which express requirements for authorizing access or use of the resource, including regulatory compliance requirements, payment and licensing terms, privacy policies, and authorized recipients or purposes of use. Resources can also gain trust credentials which specify its semantics, interfaces, provenance and accreditations.
Trust credentials and trust criteria are cryptographically bound to resources in order to create a Trust Block™, and then written to one or more databases or distributed ledgers to create the Proof of Trust™ BlockChain. This creates a distributed governance network that documents the credentials and relationships of resources, and ensures proper enforcement of specified policies across organizations and through time.
Privacy Networks and Privacy Domains
A Privacy Domain can be a resource and can act as a trusted privacy and compliance preserving perimeter around an organization's local services. As part of Privacy Network enabling services the organization sets up their own Privacy Domains and connects them to one another using privacy pipes into an internal Privacy Network. An organization can run an internal privacy network, just like an intranet. Privacy Networks can be connected together into a network of networks and controlled by different network operators.
Privacy pipes are conceptually similar to “smart proxies” that sit in front of your local services. Pipes produce and consume the Trust Blocks™ that envelop data resources flowing between the domains, enforce information flow control between domains, and apply algorithms to the data before it leaves the domain.
Unified Trust Model
We crowdsource our trust content and methodologies by partnering with trust authorities who certify Privacy Networks for compliance with diverse policies and regulatory requirements (HIPAA, CFR 42-2, FERPA, COPPA, GLBA, IRS 6103, EU GDPR, FISMA, etc.). Trust authorities leverage WebShield’s Unified Trust Model, which defines a common vocabulary language between them and establishes a mutual trust with shared governance. The Unified Trust Model (UTM) is a meta model designed to help resolve the conflicts and interoperability issues between models and credentials.
Embedding Trust into Data Flows
Organizations can have independent trust authorities certify their policies for compliance. Once a domain is certified with credentials, data and other resources may become shareable according to these policies and related trust criteria tracked by WebShield. For example, organizations may embed trust into their resource and data flows and demonstrate HIPAA compliance as per a specific authority. This verified certification is stamped into any data transactions via Trust Blocks, providing an auditable compliance trail.
An Authorization Network is a specialized Privacy Network that contains identities, identity verifiable claims, and linked data related to identity proofing and authorizing access. With WebShield, enterprises and organizations can utilize the Authorization Network as an outsourced service for access authorization, identity proofing, and compliance while absolving enterprises of liability for such data. WebShield partners with security companies who want to run their services inside the Authorization Network. The Authorization Network will incorporate privacy-preserving shared services for cybersecurity, surveillance, reputation, and systems management.