[Log In] []

Exploring the science and magic of Identity and Access Management

Time and money spent in helping men to do more for themselves is far better than mere giving. — Henry Ford

Monday, April 20, 2015

Welcome Home Apollo 13

Space Travel
Author: Mark Dixon
Friday, April 17, 2015
7:57 am

Buffer

Apollo13

Forty five years ago today, the embattled crew of Apollo 13 safely returned home. Against great odds, aided by terrific ingenuity from crews on the ground and undoubtedly by divine providence, the Apollo 13 crew survived an oxygen tank explosion and resultant failure of other systems through improvisation, steely dedication and pure grit.  

I was just finishing my junior year of high school when this occurred. Apollo 13 has been an inspiration to me ever since.

 

Photo: Astronauts James Lovell, John Swigert and Fred Haise are shown soon after their rescue still unshaven and wearing space overalls. 

 

Honoring Jackie Robinson in Space

Space Travel, Sports
Author: Mark Dixon
Wednesday, April 15, 2015
8:53 pm

Buffer

NASA astronaut Terry Virts, wearing a replica Jackie Robinson jersey in the cupola of the orbiting International Space Station, is celebrating Jackie Robinson Day, April 15, with a weightless baseball.

SpaceBall2

April 15th (Baseball’s opening day in 1947) has now come to commemorate Jackie Robinson’s memorable career and his place in history as the first black major league baseball player in the modern era. He made history with the Brooklyn Dodgers (now the Los Angeles Dodgers) and was inducted to the Baseball Hall of Fame in 1962.

Congratulations, Jackie, for your courage!  Thank you, Terry, for a memorable celebration!

 

Version 2015 Data Breach Investigations Report

Information Security
Author: Mark Dixon
Wednesday, April 15, 2015
8:25 pm

Buffer

Verizon2015DBIR

The new Verizon 2015 Data Breach Investigations Report has been published.

It is interesting to note … 

The year 2014 saw the term “data breach” become part of the broader public vernacular, with The New York Times devoting more than 700 articles related to data breaches, versus fewer than 125 the previous year.

And there are undoubtedly more to come. Consider one of the scariest charts in the report:

[The chart] contrasts how often attackers are able to compromise a victim in days or less (orange line) with how often defenders detect compromises within that same time frame (teal line). Unfortunately, the proportion of breaches discovered within days still falls well below that of time to compromise. Even worse, the two lines are diverging over the last decade, indicating a growing “detection deficit” between attackers and defenders.”

VerizonChart01

Enjoy the read! We in the information security industry have a lot of work to do.

 

Cory Doctorow:Will Technology Set Us Free or Enslave Us?

Identity
Author: Mark Dixon
Wednesday, December 3, 2014
12:10 pm

Buffer

CoryDoctorow

I heard my first speech from Cory Doctorow at the Gartner IAM Summit this morning. He gave an interesting overview of the history of digital copyright law and attempts to enforce limited access by schemes such as Digital Rights Management and encrypted data streams. He expanded beyond this basic overview to discuss how current laws make it illegal to reveal hidden flaws in software and devices. Some points I found particularly thought-provoking include:

  • The 1998 Digital Millennium Copyright Act  which criminalized breaking Digital Rights Management methods, wasn’t very effective, because people who were willing to break existing laws to steal content didn’t mind breaking another law.
  • Current copyright laws designed to make it illegal to know how DRM or encrypted streaming video devices work (e.g. Netflix player devices) also make it illegal to reveal flaws in our computers.
  • These laws may stop honest people, but support bad guys’ efforts to discover and weaponize vulnerabilities.
  • The NSA and its British equivalent spent billions of dollars per year to find vulnerabilities in devices, but don’t reveal what they have found.
  • Back doors to systems (such as government-requested back doors to encryption algorithms) have no allegiance.  We must assume that such back doors will be used for evil as well as good purposes.
  • Be suspicious of any software you cannot audit or inspect. How else can you know what lurks therein?
  • Remember – the capacity for human self-deception is bottomless. Will technology set us free or enslave us?

Interesting ideas worthy of further investigation.  The concept of unintended consequences certainly applied here.

 

Earl Perkins: The Identity of Things for the Internet of Things

Identity, Information Security, Internet of Things
Author: Mark Dixon
Wednesday, December 3, 2014
11:20 am

Buffer

Earl Perkings, Gartner

Yesterday, at the Gartner Identity and Access Management SummitEarl Perkins, Gartner’s Research Vice President in Systems, Security and Risk, gave a thought-provoking talk, proposing that Identity and Access Management as it is today is not going to cut it for the Internet of Things. Some the highlights include (filtered through the lens of my interpretation):

  • IoT can be described as as set of devices that can sense and interact with the world around it. Such devices can sense, analyze, act and communicate.
  • Devices, services and applications are creators or consumers of information, and must join humans in having identities.
  • Architectural concepts of IAM may still hold, but the scale will be vastly larger and must accommodate more than human identities.
  • Perhaps the word “thing” should be replaced by the term “entity”
  • Every entity has an identity
  • We need a model of entities and relationships between these entities.
  • We must address layered hierarchies of identities.
  • We should not separate device management and identity management systems.
  • Identity Management and Asset Management systems will likely converge.
  • Identity and Access Management may become:
    • Entity Relationship Management
    • Entity Access Management
  • We may think of architectures in four levels: things, gateways/controllers, connectivity, applications and analytics.
  • Two major camps of consumption: Enterprise (where more money is currently being spent) and Consumer (which is hot and sexy, but not currently making much money).
  • Strong year-over-year IoT growth is happening in four industry sectors:
    • Automotive – 67% CAGR
    • Consumer – 32% CAGR
    • Vertical specific – 24% CAGR
    • Generic business – 44% CAGR
  • Companies are “throwing jello against the wall” to see what sticks.

I really like Earl’s ideas about convergence of “entities” and “relationships” between entities.  Please note my blog post Identity Relationship Diagrams  posted in March 2013.

I also favor his view that identity management should not be separate from device management.

It will be interesting to see how architectures are transformed and what “jello sticks to the wall” in the coming years.

 

You’re Home at Last, my iPad, You’re Home at Last!

General, Identity
Author: Mark Dixon
Tuesday, August 12, 2014
8:16 am

Buffer

Last Wednesday, a dreaded First World Fear was realized.  During a tight connection between flights at the Dallas – Fort Worth airport, I left my iPad in the seat pocket on my first flight.  I didn’t realize what I had done until I reached into my briefcase for it on my next flight. My heart sank. I use the IPad for so many things. To lose it was a huge disruption in my day to day life, not to mention the cost and hassle of replacement

A call to the DFW lost and found department was not reassuring. I was instructed by the telephone robot to leave a message with contact information and lost item description, and wait.  I dutifully complied, but had real doubts about whether I’d ever see my iPad again.  A conversation with an American Airlines gate agent gave a little bit of hope.  She assured me that every lost item was investigated, and that I should be patient for the process to take its course.

My Monday morning, I had about given up hope.  But then – the phone call – my iPad had been found!  I had activated the “Find my iPhone” feature, which caused my phone number to be displayed when ever the device was turned on.  The lost and found agent called me, verified that the device was indeed mine and arranged for it to be returned to me by Fedex. Then things got interesting …

Soon after I received the happy phone call, I received an email, also informing me that the iPad had been found – another nice feature of Find my iPhone.  

Ipaddfw

Apparently, when a device is in the “lost” mode, it will continue to wake up periodically and attempt to send its location via email.  I have received 18 emails to that effect since the iPad was first found yesterday morning, each with a little map pinpointing its current location.

I really enjoyed tracking the iPad’s progress as it found its way back to me via my iPhone’s Find My iPhone app.  In the photos below, you can see my iPad’s circuitous journey around DFW yesterday, its flight to the Fedex hub and back to Phoenix overnight, and the fairly direct route to my home by 7:33 this morning!

Ipad1Ipad2Ipad3

So, in addition to getting my treasured iPad back, I received an object lesson in the value of mobile location services!  We live in wonderful times!

 

“Wink” at The Home Depot: Emerging #IoT Ecosystem?

Internet of Things
Author: Mark Dixon
Thursday, July 10, 2014
6:10 pm

Buffer

Today, I learned from a USA Today article that The Home Depot and Amazon.com have begun to offer home automation devices that work with the Wink app and home automation Wink Hub

Boosting your home’s IQ got easier Monday as The Home Depot began selling a collection of nearly 60 gadgets that can be controlled by mobile devices, including light bulbs, lawn sprinklers and water heaters.

I quickly found that homedepot.com offers more Wink devices on line that does Amazon.com - interesting that the orange bastion of brick and mortar DIY sales seems to be besting Amazon at its own game!

I jumped in my pickup and drove to the nearest Home Depot store - and there it was – a Wink end cap, stationed right between the aisles offering water heaters and replacement toilets. The display wasn’t pretty, but it was there.  I could have loaded up a cart full of water sprinkler controllers, video cameras, door locks, smoke alarms, LED lights, motion sensors and more – all controllable via Wink. Pretty impressive, actually.

HomeDepotWink

Two things are significant here:

  1. The Wink ecosystem for connecting many devices from multiple vendors seems to be emerging more quickly than systems promised by Apple and Google.
  2. The Home Depot is the epitome of American mainstream – making it available to the common folks, not just techno-geeks.  Heck, I was in the Home Depot store three times last Saturday alone to pick up stuff. That’s mainstream.

It is going to be really interesting to see how this stuff becomes part of “The Fabric of our Lives.”

 

The Zen of #IoT: The Fabric of our Lives

Internet of Things
Author: Mark Dixon
Thursday, July 10, 2014
5:10 pm

Buffer

Cotton

When I was a young engineering student at Brigham Young University, I had a physics professor who loved to promote what he called the “Zen of Physics.”  As I recall, he proposed that if we studied the right way and meditated the right way on the virtues of physics, we would reach a state of enlightenment about his beloved area of scientific thought.

As an engineering student more interested in practical application than theoretical science, I never did reach the level of enlightenment he hoped for, although I do remember some exciting concepts related to black holes and liquid nitrogen.

This last week, as I was pondering the merits of the Internet of Things, I had a Zen-like moment, an epiphany or moment of enlightenment of sorts, as I was mowing the lawn, of all things.

My thought at that moment?  The real value of the Internet of Things will become apparent when we find that this technology becomes woven seamlessly and invisibly into “The Fabric of our Lives.”

The Fabric of our Lives” is actually a trademark of the Cotton Industry, so I can’t claim originality, but I think the concept is interesting.  When we come to realize that technology fits us as naturally and comfortably as a favorite old cotton shirt, we tend to forget about the technology itself, but enjoy the benefits of what has slowly become an integral part of ordinary living – woven into the fabric of every day life.

When I had my little epiphany last Saturday, I had forgotten my post from April 1, 2013, entitled, “IoT – Emerging and Receding Invisibly into the Fabric of Life.”  What my Zen moment added is the idea that real value to us as humans is realized not when the first flashy headlines appear, but when the technology recedes quietly into the everyday fabric of our lives.

When I think of technology that has emerged since my childhood and then proceeded to become commonplace, I am amazed: microwave ovens, digital cameras, color television, satellite communications, cable/satellite TV, personal computers, the Internet, social media, smart phones and much more.  Each one of these progressed from being novelties or the stuff of techno-geeks to becoming mainstream threads in the everyday fabric of life.

So it will be with IoT. We talk a lot about it now.  We techno-geeks revel in the audacious beautify of it all.  Just about every publication in the world has something to say about it.  But as first a handful, and then many, of the devices and concepts become commonly accepted, they too will become invisible, but highly valuable threads woven ubiquitously into “The Fabric of our Lives.”

 

#IoT: iHouse, House+ or SmartHome? Something else?

Internet of Things
Author: Mark Dixon
Tuesday, June 24, 2014
3:18 pm

Buffer

Recently, there has been a flurry of articles about IoT and home automation, spurred by Apple’s announcement of HomeKit and Google’s announcement that Nest is buying DropCam. Yesterday, I read an interesting article about how WSJ Tech Columnist Christopher Mims visited SmartThings CEO Alex Hawkinson to “see how he’s turned his home into one of the “smartest” homes in America.”

Smarthome

I applaud this focus on an area of technology that could indeed be of direct benefit to my family and me. But it also raises questions:

As an Mac, iPhone and iPad user, will I be able to extend the useful Apple platform in to a virtual iHouse?

Will Google/Nest/DropCam morph into a useful House+ platform?  Will it interoperate with my Apple stuff or will I have to switch?

Will another more independent company such as SmartThings really make possible a SmartHome?

How much of this will be really useful and easy to use, rather than be a series of geeky science fair projects?  

It was interesting to read Christopher Mims comments about how SmartThings home automation does lots of cool stuff, but not necessarily in an easier way.  Maybe using an iPhone to control everything isn’t really easier than using fashioned light switches or manually adjusting old thermostats.

What I hope emerges are systems that deliver real value to me while being drop-dead simple to use.  Here are a few things I really look forward to:

  1. Coordination of all four AC/Heating zones and ten ceiling fans in my house for optimum comfort and electricity savings, rather than just individual controls provided by Nest and others.
  2. Coordinated control of all ten irrigation circuits for our yard (both sprinkler and drip irrigation) based on weather reports, humidity sensors and soil moisture sensors to optimize water savings and plant health.
  3. Integration of home alarm, garage door and car ignition controls into a single device, preferably my phone, to minimize my frustration and size of my key chain.

The state of the industry right now seems a little bit like the computer industry in the IMSAI computer kit era, when hobbyists could buy lots of components and patch together (sort of) working computers.  Hopefully, the recent IoT announcements will bring real progress beyond the hobbyist phase.

 

MyFitnessPal – #IoT Ecosystem

Internet of Things
Author: Mark Dixon
Friday, May 30, 2014
8:35 am

Buffer

Myfitnesspal

One of the key enablers to substantial growth in the Internet of Things marketplace will be the progressive emergence of integrated ecosystems of devices and software systems that interact in meaningful ways.  I currently use the FitBit One device to track the steps I take each day and record the food I eat in the MyFitnessPal iPhone app.

As I was browsing the MyFitnessPal website recently, I noticed a growing number of partner applications that interact with MyFitnessPal in some way.  Upon further inspection this morning, I counted 51 apps that interact with MyFitness Pal.  The website lists four devices that are integrated for weight management:

  1. Fitbit Aria Wi-Fi Smart Scale
  2. Withings Wi-Fi Scale
  3. iHealth Wireless Scales
  4. Wahoo Balance Scale

Seven devices are listed for activity monitoring

  1. BodyMedia FIT
  2. Fitbit Tracker
  3. Striiv Play Smart Pedometer
  4. Fitbug Air Tracker
  5. Jawbone UP
  6. Lumo Back Posture Sensor
  7. Withings Pulse

I am currently very impressed with the useful integration between the FitBit tracker and the MyFitnessPal app that I use daily.  If the other apps and devices are as well integrated, this fairly simple, but growing ecosystem has great potential.

 

 
 
 
 
 
Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.