| Highlights of leadership planning meeting | Andrew | For each content area leader - have other DG participants ‘sign up’ Each content area to decide how to approach collecting a knowledge base and writing a draft for “baseline” content Max offers to coach content area leaders in approaches and ideas Need a more solid description of what problem we are trying to solve Pitch towards purchasers of IDPV, evaluators of IDPV, business operators of IDPV “We will provide information and understanding that empowers ‘buyers’ to identify what problems they can solve with IDPV, how to choose between systems/features, what outcomes they can expect, data protection risks of biometric data (and the threshold-based nature of biometric data), and how to approach integration into existing operations.”
|
| Discuss first rough drafts of “explainer text” | Andrew | Andrew showed the first cut draft text for “IDPV System” and explained that this is a trial balloon to test whether the group feels that this level of description is valuable to advance our mission or whether a different level for the baseline is needed There is an underlying assumption that the target audience is from the “identity” community - this might be improved by considering target audiences from the “IT security” community as well - they may not be aware of IDPV The main idea behind the “core concepts and description” material is to establish a core set of plainly-worded facts about the topic area. Written in neutral language and mostly jargon-free “Descriptions” and “explanations” not “activities” or “definitions” When the group wants to generate material for a particular target, we should be able to take these core facts, go deeper, tailor language, combine with other core facts into content that is very consumable by the target audience Rationale, “who cares”, and other context can be added at audience targeting time - the core material is not intended to be published directly - it should always be tailored.
Shift to discussion about segmentation and audiences - Max to do a high level process diagram on how to ‘research’ and gather information
Topic area assignments (Topic Area Content Pages for full list): - Jay to start writing conceptual descriptions of the core concepts
- Andrew to take IDPV (what it it, how it works today, current attack/threat vectors, current countermeasures, how does widely-adopted AI accelerate current attacks or create new attacks)
- James M to take AI topic area
- Heather - Hacker motivations (social engineering), payloads, simulated humans, synthetic identity
Discussion about a better way to organize topic areas - matrix approach: Examples: Audio as a mechanism used by IDPV systems - it is a core topic Data verification as a mechanism used by IDPV systems - it is a core topic Biometric matching as a mechanism used by IDPV systems - it is a core topic Biometric liveness detection as a mechanism used by IDPV systems - it is a core topic “AI” in the context of the other topic areas - it is a cross-cutting concern “Prevention” in the context of countermeasures for other topic areas - it is a cross cutting concern
Then for each topic area, the leader will work towards a foundational descriptive set of facts that cover: What is the topic? How is it done today? How is it vulnerable to attacks and threats today? What defences or countermeasures exist today? How does “AI” accelerate attacks, introduce new attacks, and improve or degrade the IDPV topic area?
|