Last Friday afternoon, at the invitation of Doug Brunke of GrowthNation, I was privileged to attend a private showing of the SolarImpulse airplane during its stop in Phoenix along its Across America tour.

What a delightful experience!  More than just a fun scientific excursion, to me this was a celebration of innovation, dedication and profound enthusiasm for conquering the impossible.  Bertrand Piccard, co-founder and chairman of SolarImpulse has stated:

Adventure is not necessarily a spectacular deed, but rather an “extra-ordinary” one, meaning something that pushes us outside our normal way of thinking and behaving. Something that forces us to leave the protective shell of our certainties, within which we act and react automatically. Adventure is a state of mind in the face of the unknown, a way of conceiving our existence as an experimental field, in which we have to develop our inner resources, climb our personal  path of evolution and assimilate the ethical and moral values that we need to accompany our voyage.

The solar powered airplane, with a wingspan of 208 feet, uses 2,000 square feet of solar panels to power its flight and charge its batteries, so it can fly both during the day and at night.  It completed a 26 hour day and night flight in 2010.  A second generation aircraft, currently under construction, is scheduled to attempt an around the world flight in 2015.

Besides viewing the airplane and talking to engineers who were preparing for the next leg or its journey to Dallas, Texas, we were addressed by Dr. Piccard and the second pilot, André Borschberg, “an engineer and graduate in management science, a fighter pilot and a professional airplane and helicopter pilot, is the co-founder and CEO.” I found their messages challenging and enlightening.  I applaud their innovation and tenacity.

Several photos I took during the tour have been uploaded to SmugMug if you would care to take a look.

As I reviewed news stories about the tragic Oklahoma tornado, I couldn’t help but notice the stark contrast between a photo taken from far away and one taken up close and personal.  The first photo is from NASA: “The image was captured on May 20, 2013, at 19:40 UTC (2:40 p.m. CDT) as the tornado began its deadly swath.”

The second is from a CBS News account on the day the storm hit: “A child is pulled from the rubble of the Plaza Towers Elementary School in Moore, Okla., and passed along to rescuers Monday, May 20, 2013.”

My thoughts and prayers go out to the people who are struggling to cope with the aftermath of this huge disaster.  How wonderful to hear stories of the many, many people who are giving personal, selfless service to help the good people of Oklahoma.

I like the diagram Mark O’Neill of Vordel put in a recent post, “Identity is the New Perimeter.” That phrase has been floating around for some time, but I think this diagram illustrates the concept in the simplest, clearest way I have seen:

The article does a good job of describing this new way of looking at security.  As Mark mentioned in the post, Bill Gates once said, “security should be based on policy, not topology.”

Today, I read an interesting white paper, “Big Data in M2M: Tipping Points and Subnets of Things,” published by Machina Research. From the introduction:

This White Paper focuses on three hot topics in the TMT space currently: Big Data and the ‘Internet of Things’, both examined through the prism of machine-to-machine communications. We have grouped these concepts together, since Big Data analytics within M2M really only exists within the context of heterogeneous information sources which can be combined for analysis. And, in many ways, the Internet of Things can be defined in those exact same terms: as a network of heterogeneous devices.

The white paper does a good job of exploring the emerging trends of the Internet of Things, potential business opportunities and challenges faced.

As one could expect, “authenticity and security of different kinds of data,” was identified as a big challenge:

Big Data is about “mashing up” data from multiple sources, and delivering significant insights from the data. It is the combination of data from within the enterprise, from openly available data (for example, data made available by government agencies), from data communities, and from social media. And with every different source of data arises the issues of authenticity and security. Machina Research predicts that as a result of the need for data verification, enterprises will have a greater inclination to process internal and open (government) data prior to mashing-up with social media.

The following diagram shows the increase security risk as more data from external sources is collected and analyzed.

This yet another indicator of how Identity and Access Management will be critical in the successful evolution of the Internet of Things.

This morning, I was read a recent Oracle White Paper entitled, “Transforming Customer Experience: The Convergence of Social, Mobile and   Business Process Management.”  It gave interesting perspective on the blending of emerging paradigms – mobile and social – with the older discipline of Business Process Management.

To stay ahead in today’s rapidly changing business environment, organizations need agile business processes that allow them to adapt quickly to evolving markets, customer needs, policies, regulations, and business models. … Social and mobile business models have already contributed important new frameworks for collaboration and information sharing in the enterprise. While these technologies are still in a nascent state, BPM and service oriented architecture (SOA) solutions are well established, providing a history of clear and complementary benefits.

The key is effectively leveraging the strengths of existing, proven architectures while taking advantage of new opportunities:

The term “Social BPM” is sometimes used to describe the use of social tools and techniques in business process improvement efforts. Social BPM helps eliminate barriers between decision makers and the people affected by their decisions. These tools facilitate communication that companies can leverage to improve business processes. Social BPM enables collaboration in the context of BPM and adds the richness of modern social communication tools.

… Social BPM increases business value by extracting information from enterprise systems and using it within social networks. Meanwhile, social technologies permit employees to utilize feedback from social networks to improve business processes.

I found one use case presented in the paper to be particularly instructive. As illustrated in the following diagram,

A claims management system assigns a task to an individual claims worker with the expectation that the user will complete the task to advance the process. Of course, to accomplish this type of knowledge-based task, the individual must often engage other people within the business .

However, Social BPM enables the use of social networking tools to extend collaboration beyond the traditional enterprise boundaries, as shown in the following diagram:

Not only can internal knowledge workers use social networking tools to find each other and share information, but also customers can interact with the process at specific steps, using mobile devices, to supply their own information into a business process. For example, a customer involved in an auto accident might upload photos taken with a cell phone into the process via a claims management app provided by the insurance company.

In order to make this all work, participants will need to use both enterprise and social identity credentials. Because they are using mobile devices, the IAM system must accommodate  mobile, social and cloud infrastructures in order to effectively use information.  This is very much in line with the principles set forth in the Gartner Nexus I addressed yesterday.

Today I read a year-old document published by Gartner, entitled, “The Nexus of Forces: Social, Mobile, Cloud and Information.”  It explains the interaction among these market forces better than any single document I have read:

Research over the past several years has identified the independent evolution of four powerful forces: social, mobile, cloud and information. As a result of consumerization and the ubiquity of connected smart devices, people’s behavior has caused a convergence of these forces.

In the Nexus of Forces, information is the context for delivering enhanced social and mobile experiences. Mobile devices are a platform for effective social networking and new ways of work. Social links people to their work and each other in new and unexpected ways. Cloud enables delivery of information and functionality to users and systems. The forces of the Nexus are intertwined to create a user-driven ecosystem of modern computing. (my emphasis added)

Excerpts from Gartner’s treatment of each of these areas include:

Social

Social is one of the most compelling examples of how consumerization drives enterprise IT practices. It’s hard to think of an activity that is more personal than sharing comments, links and recommendations with friends. Nonetheless, enterprises were quick to see the potential benefits. Comments and recommendations don’t have to be among friends about last night’s game or which shoes to buy; they can also be among colleagues about progress of a project or which supplier provides good value. Consumer vendors were even quicker to see the influence — for good or ill — of friends sharing recommendations on what to buy.

Mobile

Mobile computing is forcing the biggest change to the way people live since the automobile. And like the automotive revolution, there are many secondary impacts. It changes where people can work. It changes how they spend their day. Mass adoption forces new infrastructure. It spawns new businesses. And it threatens the status quo.

Cloud

Cloud computing represents the glue for all the forces of the Nexus. It is the model for delivery of whatever computing resources are needed and for activities that grow out of such delivery. Without cloud computing, social interactions would have no place to happen at scale, mobile access would fail to be able to connect to a wide variety of data and functions, and information would be still stuck inside internal systems.

Information

Developing a discipline of innovation through information enables organizations to respond to environmental, customer, employee or product changes as they occur. It will enable companies to leap ahead of their competition in operational or business performance.

Gartner’s conclusion offers this challenge:

The combination of pervasive mobility, near-ubiquitous connectivity, industrial compute services, and information access decreases the gap between idea and action. To take advantage of the Nexus of Forces and respond effectively, organizations must face the challenges of modernizing their systems, skills and mind-sets. Organizations that ignore the Nexus of Forces will be displaced by those that can move into the opportunity space more quickly — and the pace is accelerating.

So, what does this mean for Identity and Access Management?  Just a few thoughts:

1. While “Social Identity” and “Enterprise Identity” are often now considered separately, I expect that there will be a convergence, or at least a close interoperation of, the two areas. The boundaries between work and personal life are being eroded, with work becoming more of an activity and less of a place.  The challenge of enabling and protecting the convergence of social and enterprise identities has huge security and privacy implications. 
2. We cannot just focus on solving the IAM challenges of premised-based systems.  IAM strategies must accommodate cloud-based and premise-based systems as an integrated whole.  Addressing one without the other ignores the reality of the modern information landscape.
3. Mobile devices, not desktop systems, comprise the new majority of user information tools. IAM systems must address the fact that a person may have multiple devices and provide uniform means for addressing things like authentication, authorization, entitlement provisioning, etc. for use across a wide variety of devices.
4. We must improve our abilities to leverage the use of the huge amounts of information generated by mobile/social/cloud platforms, while protecting the privacy of users and the intellectual property rights of enterprises.
5. Emerging new computing paradigms designed to accommodate these converging forces, such as personal clouds, will require built-in, scalable, secure IAM infrastructure.
6. The Gartner Nexus doesn’t explicitly address the emergence of the Internet of Things, but IoT fits well within this overall structure.  The scope of IAM must expand to not only address the rapid growth of mobile computing devices, but the bigger virtual explosion of connected devices.

We live in an interesting time. The pace of technological and social change is accelerating. Wrestling with and resolving IAM challenges across this rapidly changing landscape is critical to efforts to not only cope with but leverage new opportunities caused by these transformative forces.

Which type of glasses do you prefer?

I love this photo of Chris Cassidy, one of our great NASA astronauts, at work.  

The NASA web site explains:

Repairing the Station in Orbit Expedition 35 Flight Engineers Chris Cassidy (pictured) and Tom Marshburn (out of frame) completed a spacewalk at 2:14 p.m. EDT May 11, 2013 to inspect and replace a pump controller box on the International Space Station’s far port truss (P6) leaking ammonia coolant. The two NASA astronauts began the 5-hour, 30-minute spacewalk at 8:44 a.m.

A leak of ammonia coolant from the area near or at the location of a Pump and Flow Control Subassembly was detected on Thursday, May 9, prompting engineers and flight controllers to begin plans to support the spacewalk. The device contains the mechanical systems that drive the cooling functions for the port truss.

What a thrill it must be for these guys!

In a recent Forbes article entitled, “The Cloud Revolution and Creative Destruction,” Oracle’s Bob Evans put cloud computing in perspective (my emphasis added):

We’ll begin to see the real the real creative-destruction power of the cloud unleashed when we begin to define the cloud in terms of what business customers want and need, and when we stop diddling around with inside-baseball constructs that mean little or nothing to the businesspeople who are ready to spend many tens of billions of dollars on cloud solutions that focus on and deliver business value. .. 

That’s the real magic of the cloud: it lets businesses rethink where and how they deploy their precious IT dollars, and allows those businesses to focus more of their IT budgets on projects that truly matter.

Business value.  Focusing here makes cloud computing worthwhile.

In the NASA photo below, Expedition 35 Flight Engineer Chris Cassidy has a few light moments with the Robonaut 2 in the Destiny Laboratory onboard the Earth-orbiting International Space Station.

Robonaut 2, or R2, is a dexterous humanoid robot built and designed at NASA Johnson Space Center in Houston, Texas. Sent to the International Space Station in 2011 with the intention of aiding astronauts on dangerous tasks and freeing them from some the more mundane work, upgrades to the R2 system continue to produce novel advances in the field of robotics. 

IronMan he isn’t, but it’s fun to see advances in robotic technology. And even robots have identity.