Thomas Hardjono

Director - MIT Trust::Data Consortium; MIT
Thomas Hardjono is the CTO of MIT Connection Science and Engineering. He leads technical projects and initiatives around identity, security and data privacy, and engages industry partners and sponsors on these fronts. Thomas is also the technical director for the Internet Trust::Data Consortium. Previous to this Thomas was the Director of the MIT Kerberos Consortium, developing the MIT Kerberos authentication software currently used by millions of users around the world. He has been active in the areas of security, applied cryptography and identity management for nearly two decades now. His work included devices certificates for DOCSIS cable modems, WiFi devices and the Trusted Platform Module (TPM) security hardware. He has taken leadership roles in the IETF, OASIS SSTC, Trusted Computing Group, Kantara and other organizations. At MIT Thomas was instrumental in development/deployment of MITREid-Connect ( He has been a proponent of User Managed Access (UMA) since its inception.

Thomas's Session

Tuesday, June 25
4:35 - 5:00 pm
Personal Data as the Foundation of Privacy-Preserving Digital Identity
Today digital identity is broken and data privacy is inadequately addressed. The 2011 World Economic Forum report on personal data as a new asset class finds that the current ecosystems that access and use personal data is fragmented and inefficient. For many participants, the risks and liabilities exceed the economic returns and personal privacy concerns are inadequately addressed. Current technologies and laws fall short of providing the legal and technical infrastructure needed to support a well-functioning digital economy. The rapid rate of technological change and commercialization in using personal data is undermining end-user confidence and trust. If we are serious about decentralization and blockchain technology as a solution enabler, we should therefore be talking about identity credentials being issued by members of our community and certified by a set of people and institutions with whom we regularly interact. Digital identities cannot be trusted unless they are based on joint sovereignty among members of a community where false assertions have serious negative consequences and where there is sufficient data to make reliable inferences. In this presentation we discuss the principles of Open Algorithms, and present a basic protocol for algorithmic-consent based on the User Managed Access (UMA) flows for authorization.

Enter your details to receive email updates from Identiverse