[Log In] []

Exploring the science and magic of Identity and Access Management

All our dreams come true if we have the courage to pursue them. — Walt Disney

Saturday, April 25, 2015

A Message to Dad

Family, Space Travel
Author: Mark Dixon
Wednesday, April 22, 2015
10:03 pm

Buffer

This in an advertisement from Hyundai, but it has a really cool message. Enjoy!

 

In Pursuit of a “Known Traveler Number”

Identity, Travel
Author: Mark Dixon
Wednesday, April 22, 2015
4:59 pm

Buffer

Precheck

I have been using the TSA PreCheck service since soon after its inception in 2011, without paying an enrollment fee, after being invited by US Airways to participate. This has allowed me to use the simpler and faster TSA PreCheck lane at airport security, rather than joining the majority of fliers in regular security lines. However a couple of weeks ago, I received a notice from American Airlines, which is merging with US Airways, that I now needed to register for a “Known Traveler Number” (KTN) so I can continue to use the PreCheck service. I don’t really know why my gratis status is no longer acceptable, but it apparently it is.

So, I filled out a pre-registration form at Universal Enroll last week, booked at a screening appointment at a registration center a few miles from my house, and went through the final process today. 

Today’s registration process was unexpectedly painless. It took less than 15 minutes, including a short wait in the lobby, fingerprinting, stepping through a series of Identity Proofing steps and paying the $85 fee. Alas, I still don’t have a KTN.  That is supposed to be issued in a week or two after some big computer in the sky processes my information. Then, I am supposed to be set up to use the PreCheck lane every time.

The downside?  The government has me in yet another identity database.  My KTN will be linked to my SSN, as well as to my fingerprints and other personal identification data. Big Brother seems closer than ever before!

Next step after the KTN?  I will need to get a new Arizona drivers license that is Real ID compliant before January if I want to continue flying. Yet another Federal tentacle into my life! 

 

Welcome Home Apollo 13

Space Travel
Author: Mark Dixon
Friday, April 17, 2015
7:57 am

Buffer

Apollo13

Forty five years ago today, the embattled crew of Apollo 13 safely returned home. Against great odds, aided by terrific ingenuity from crews on the ground and undoubtedly by divine providence, the Apollo 13 crew survived an oxygen tank explosion and resultant failure of other systems through improvisation, steely dedication and pure grit.  

I was just finishing my junior year of high school when this occurred. Apollo 13 has been an inspiration to me ever since.

 

Photo: Astronauts James Lovell, John Swigert and Fred Haise are shown soon after their rescue still unshaven and wearing space overalls. 

 

Honoring Jackie Robinson in Space

Space Travel, Sports
Author: Mark Dixon
Wednesday, April 15, 2015
8:53 pm

Buffer

NASA astronaut Terry Virts, wearing a replica Jackie Robinson jersey in the cupola of the orbiting International Space Station, is celebrating Jackie Robinson Day, April 15, with a weightless baseball.

SpaceBall2

April 15th (Baseball’s opening day in 1947) has now come to commemorate Jackie Robinson’s memorable career and his place in history as the first black major league baseball player in the modern era. He made history with the Brooklyn Dodgers (now the Los Angeles Dodgers) and was inducted to the Baseball Hall of Fame in 1962.

Congratulations, Jackie, for your courage!  Thank you, Terry, for a memorable celebration!

 

Version 2015 Data Breach Investigations Report

Information Security
Author: Mark Dixon
Wednesday, April 15, 2015
8:25 pm

Buffer

Verizon2015DBIR

The new Verizon 2015 Data Breach Investigations Report has been published.

It is interesting to note … 

The year 2014 saw the term “data breach” become part of the broader public vernacular, with The New York Times devoting more than 700 articles related to data breaches, versus fewer than 125 the previous year.

And there are undoubtedly more to come. Consider one of the scariest charts in the report:

[The chart] contrasts how often attackers are able to compromise a victim in days or less (orange line) with how often defenders detect compromises within that same time frame (teal line). Unfortunately, the proportion of breaches discovered within days still falls well below that of time to compromise. Even worse, the two lines are diverging over the last decade, indicating a growing “detection deficit” between attackers and defenders.”

VerizonChart01

Enjoy the read! We in the information security industry have a lot of work to do.

 

Cory Doctorow:Will Technology Set Us Free or Enslave Us?

Identity
Author: Mark Dixon
Wednesday, December 3, 2014
12:10 pm

Buffer

CoryDoctorow

I heard my first speech from Cory Doctorow at the Gartner IAM Summit this morning. He gave an interesting overview of the history of digital copyright law and attempts to enforce limited access by schemes such as Digital Rights Management and encrypted data streams. He expanded beyond this basic overview to discuss how current laws make it illegal to reveal hidden flaws in software and devices. Some points I found particularly thought-provoking include:

  • The 1998 Digital Millennium Copyright Act  which criminalized breaking Digital Rights Management methods, wasn’t very effective, because people who were willing to break existing laws to steal content didn’t mind breaking another law.
  • Current copyright laws designed to make it illegal to know how DRM or encrypted streaming video devices work (e.g. Netflix player devices) also make it illegal to reveal flaws in our computers.
  • These laws may stop honest people, but support bad guys’ efforts to discover and weaponize vulnerabilities.
  • The NSA and its British equivalent spent billions of dollars per year to find vulnerabilities in devices, but don’t reveal what they have found.
  • Back doors to systems (such as government-requested back doors to encryption algorithms) have no allegiance.  We must assume that such back doors will be used for evil as well as good purposes.
  • Be suspicious of any software you cannot audit or inspect. How else can you know what lurks therein?
  • Remember – the capacity for human self-deception is bottomless. Will technology set us free or enslave us?

Interesting ideas worthy of further investigation.  The concept of unintended consequences certainly applied here.

 

Earl Perkins: The Identity of Things for the Internet of Things

Identity, Information Security, Internet of Things
Author: Mark Dixon
Wednesday, December 3, 2014
11:20 am

Buffer

Earl Perkings, Gartner

Yesterday, at the Gartner Identity and Access Management SummitEarl Perkins, Gartner’s Research Vice President in Systems, Security and Risk, gave a thought-provoking talk, proposing that Identity and Access Management as it is today is not going to cut it for the Internet of Things. Some the highlights include (filtered through the lens of my interpretation):

  • IoT can be described as as set of devices that can sense and interact with the world around it. Such devices can sense, analyze, act and communicate.
  • Devices, services and applications are creators or consumers of information, and must join humans in having identities.
  • Architectural concepts of IAM may still hold, but the scale will be vastly larger and must accommodate more than human identities.
  • Perhaps the word “thing” should be replaced by the term “entity”
  • Every entity has an identity
  • We need a model of entities and relationships between these entities.
  • We must address layered hierarchies of identities.
  • We should not separate device management and identity management systems.
  • Identity Management and Asset Management systems will likely converge.
  • Identity and Access Management may become:
    • Entity Relationship Management
    • Entity Access Management
  • We may think of architectures in four levels: things, gateways/controllers, connectivity, applications and analytics.
  • Two major camps of consumption: Enterprise (where more money is currently being spent) and Consumer (which is hot and sexy, but not currently making much money).
  • Strong year-over-year IoT growth is happening in four industry sectors:
    • Automotive – 67% CAGR
    • Consumer – 32% CAGR
    • Vertical specific – 24% CAGR
    • Generic business – 44% CAGR
  • Companies are “throwing jello against the wall” to see what sticks.

I really like Earl’s ideas about convergence of “entities” and “relationships” between entities.  Please note my blog post Identity Relationship Diagrams  posted in March 2013.

I also favor his view that identity management should not be separate from device management.

It will be interesting to see how architectures are transformed and what “jello sticks to the wall” in the coming years.

 

You’re Home at Last, my iPad, You’re Home at Last!

General, Identity
Author: Mark Dixon
Tuesday, August 12, 2014
8:16 am

Buffer

Last Wednesday, a dreaded First World Fear was realized.  During a tight connection between flights at the Dallas – Fort Worth airport, I left my iPad in the seat pocket on my first flight.  I didn’t realize what I had done until I reached into my briefcase for it on my next flight. My heart sank. I use the IPad for so many things. To lose it was a huge disruption in my day to day life, not to mention the cost and hassle of replacement

A call to the DFW lost and found department was not reassuring. I was instructed by the telephone robot to leave a message with contact information and lost item description, and wait.  I dutifully complied, but had real doubts about whether I’d ever see my iPad again.  A conversation with an American Airlines gate agent gave a little bit of hope.  She assured me that every lost item was investigated, and that I should be patient for the process to take its course.

My Monday morning, I had about given up hope.  But then – the phone call – my iPad had been found!  I had activated the “Find my iPhone” feature, which caused my phone number to be displayed when ever the device was turned on.  The lost and found agent called me, verified that the device was indeed mine and arranged for it to be returned to me by Fedex. Then things got interesting …

Soon after I received the happy phone call, I received an email, also informing me that the iPad had been found – another nice feature of Find my iPhone.  

Ipaddfw

Apparently, when a device is in the “lost” mode, it will continue to wake up periodically and attempt to send its location via email.  I have received 18 emails to that effect since the iPad was first found yesterday morning, each with a little map pinpointing its current location.

I really enjoyed tracking the iPad’s progress as it found its way back to me via my iPhone’s Find My iPhone app.  In the photos below, you can see my iPad’s circuitous journey around DFW yesterday, its flight to the Fedex hub and back to Phoenix overnight, and the fairly direct route to my home by 7:33 this morning!

Ipad1Ipad2Ipad3

So, in addition to getting my treasured iPad back, I received an object lesson in the value of mobile location services!  We live in wonderful times!

 

“Wink” at The Home Depot: Emerging #IoT Ecosystem?

Internet of Things
Author: Mark Dixon
Thursday, July 10, 2014
6:10 pm

Buffer

Today, I learned from a USA Today article that The Home Depot and Amazon.com have begun to offer home automation devices that work with the Wink app and home automation Wink Hub

Boosting your home’s IQ got easier Monday as The Home Depot began selling a collection of nearly 60 gadgets that can be controlled by mobile devices, including light bulbs, lawn sprinklers and water heaters.

I quickly found that homedepot.com offers more Wink devices on line that does Amazon.com - interesting that the orange bastion of brick and mortar DIY sales seems to be besting Amazon at its own game!

I jumped in my pickup and drove to the nearest Home Depot store - and there it was – a Wink end cap, stationed right between the aisles offering water heaters and replacement toilets. The display wasn’t pretty, but it was there.  I could have loaded up a cart full of water sprinkler controllers, video cameras, door locks, smoke alarms, LED lights, motion sensors and more – all controllable via Wink. Pretty impressive, actually.

HomeDepotWink

Two things are significant here:

  1. The Wink ecosystem for connecting many devices from multiple vendors seems to be emerging more quickly than systems promised by Apple and Google.
  2. The Home Depot is the epitome of American mainstream – making it available to the common folks, not just techno-geeks.  Heck, I was in the Home Depot store three times last Saturday alone to pick up stuff. That’s mainstream.

It is going to be really interesting to see how this stuff becomes part of “The Fabric of our Lives.”

 

The Zen of #IoT: The Fabric of our Lives

Internet of Things
Author: Mark Dixon
Thursday, July 10, 2014
5:10 pm

Buffer

Cotton

When I was a young engineering student at Brigham Young University, I had a physics professor who loved to promote what he called the “Zen of Physics.”  As I recall, he proposed that if we studied the right way and meditated the right way on the virtues of physics, we would reach a state of enlightenment about his beloved area of scientific thought.

As an engineering student more interested in practical application than theoretical science, I never did reach the level of enlightenment he hoped for, although I do remember some exciting concepts related to black holes and liquid nitrogen.

This last week, as I was pondering the merits of the Internet of Things, I had a Zen-like moment, an epiphany or moment of enlightenment of sorts, as I was mowing the lawn, of all things.

My thought at that moment?  The real value of the Internet of Things will become apparent when we find that this technology becomes woven seamlessly and invisibly into “The Fabric of our Lives.”

The Fabric of our Lives” is actually a trademark of the Cotton Industry, so I can’t claim originality, but I think the concept is interesting.  When we come to realize that technology fits us as naturally and comfortably as a favorite old cotton shirt, we tend to forget about the technology itself, but enjoy the benefits of what has slowly become an integral part of ordinary living – woven into the fabric of every day life.

When I had my little epiphany last Saturday, I had forgotten my post from April 1, 2013, entitled, “IoT – Emerging and Receding Invisibly into the Fabric of Life.”  What my Zen moment added is the idea that real value to us as humans is realized not when the first flashy headlines appear, but when the technology recedes quietly into the everyday fabric of our lives.

When I think of technology that has emerged since my childhood and then proceeded to become commonplace, I am amazed: microwave ovens, digital cameras, color television, satellite communications, cable/satellite TV, personal computers, the Internet, social media, smart phones and much more.  Each one of these progressed from being novelties or the stuff of techno-geeks to becoming mainstream threads in the everyday fabric of life.

So it will be with IoT. We talk a lot about it now.  We techno-geeks revel in the audacious beautify of it all.  Just about every publication in the world has something to say about it.  But as first a handful, and then many, of the devices and concepts become commonly accepted, they too will become invisible, but highly valuable threads woven ubiquitously into “The Fabric of our Lives.”

 
 
 
 
 
Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.