GGS-2: Compartmentalized Information Protection

Stage: Finalize

Definitions

Compartmentalization

Compartmentalization, in information security, whether public or private, is the limiting of access to information to persons or other entities on a need-to-know basis to perform certain tasks.

Information

Information is an abstract concept that refers to something which has the power to inform. At the most fundamental level, it pertains to the interpretation (perhaps formally) of that which may be sensed, or their abstractions. Any natural process that is not completely random and any observable pattern in any medium can be said to convey some amount of information. Information is not knowledge itself, but the meaning that may be derived from a representation through interpretation. For instance, this standard contains information and those who understand it know about it.

Protection

Protection is any measure taken to guard something against damage (changes introduced into the system that adversely affect its current or future performance).

CIP

Short for Compartmentalized Information Protection. It is the standard used in the Gen6 ecosystem, designed to safeguard sensitive information by isolating it into separate compartments, ensuring that access is restricted to only those who need it for specific tasks. This approach prevents unauthorized access and minimizes the risk of data leakage, misuse, or corruption. CIP leverages a layered defense strategy ("defense in depth"), using multiple levels of security to maintain the confidentiality, integrity, and availability of information while maintaining compliance with regulatory standards.

Standard Structure of CIP

Immutable Proof Information Storage: Blockchain

Immutable proofs are stored on the blockchain without revealing the data. Each proof's timestamp can be verified by inspecting the block it was written into.

This provides:

  • Undeniability of proof creation

  • Undeniability of timestamp of event

  • Privacy, as the data itself is off-chain

  • Permissionless access to proofs.

Data Information Storage: G6 Middleware

G6 Middleware provides data storage and permissioned access to the stored data. While the data remains private, it can be revealed to selected entities.

Data can be optionally encrypted, so not even the G6 Middleware provider can understand its content.

This provides:

  • Permissions control of data

  • Information and data security

  • Privacy, as only the proofs are on-chain

  • Allows encryption of data

  • Allows ZK implementations

  • Possibility for 3rd party storage providers and backups

  • Scalable and fast data storage

User Stored Information: Secrets

The user keeps her/his own wallet in the form of private keys, or uses the G6 OAuth system at a 3rd party provider (not recommended).

This provides:

  • Freedom to create your own identity and share data according to your own preferences

    • Free choice of what to encrypt, reveal or publish

  • Central authorities cannot block your wallet and account

  • Self-custody and censorship resistance
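
The three compartments described above, as an added example that is not Gen6 code: a public proof on a ledger, permissioned data in a middleware store, and a secret held by the user. The page does not specify the proof format, so the salted HMAC-SHA-256 commitment, the Ledger and Middleware classes, and the sample record are all assumptions.

```python
import hashlib
import hmac
import os

def commit(data: bytes, salt: bytes) -> str:
    """Keyed SHA-256 commitment; the salt stops guessing of low-entropy data."""
    return hmac.new(salt, data, hashlib.sha256).hexdigest()

class Ledger:
    """Hypothetical stand-in for the chain: append-only, readable by anyone."""
    def __init__(self):
        self._blocks = []

    def append(self, proof: str, timestamp: int) -> int:
        self._blocks.append({"proof": proof, "timestamp": timestamp})
        return len(self._blocks) - 1  # block height identifies the proof

    def get(self, height: int) -> dict:
        return dict(self._blocks[height])  # copy, so history cannot be edited

class Middleware:
    """Hypothetical stand-in for off-chain storage with a per-record reader list."""
    def __init__(self):
        self._records = {}

    def put(self, height: int, data: bytes, readers: set) -> None:
        self._records[height] = (data, set(readers))

    def read(self, height: int, requester: str) -> bytes:
        data, readers = self._records[height]
        if requester not in readers:
            raise PermissionError(f"{requester} has no access to record {height}")
        return data

def verify(ledger: Ledger, height: int, data: bytes, salt: bytes) -> bool:
    """Check revealed data against the public proof in constant time."""
    return hmac.compare_digest(ledger.get(height)["proof"], commit(data, salt))

if __name__ == "__main__":
    ledger, store = Ledger(), Middleware()
    salt = os.urandom(16)  # user-held secret, never written on-chain
    record = b'{"lot": "A-17", "weight_kg": 42}'  # constructed sample data
    h = ledger.append(commit(record, salt), timestamp=1700000000)
    store.put(h, record, readers={"alice", "auditor"})
    print(verify(ledger, h, store.read(h, "auditor"), salt))  # permitted reader
    print(verify(ledger, h, record + b" ", salt))  # tampered copy fails
```

Only the commitment and its timestamp are public; a verifier needs both the data (released by the middleware) and the salt (released by the user) to confirm a record, so neither compartment alone discloses or validates it.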
