
Exploring the science and magic of Identity and Access Management
Monday, December 22, 2025

Happy 100th Birthday, IBM!

Business, Technology
Author: Mark Dixon
Thursday, June 16, 2011
7:34 pm

It was 100 years ago today that the Computing Tabulating Recording Corporation was incorporated through a merger of four companies: the Tabulating Machine Company, the International Time Recording Company, the Computing Scale Corporation, and the Bundy Manufacturing Company. Its name was later changed to International Business Machines Corporation. Today we salute IBM for its innovation and endurance, its ability to remake itself time after time, and for leading the way to the era of modern computing which we now enjoy.

I highly recommend that you read the ZDNet article, “IBM at 100: 15 inflection points in history,” and step through the accompanying photo gallery, “IBM: 100 years of THINKing big.”

IBM

I love old photos of the big panels with so many flashing lights.  And that guy probably knows what each of those lights means!

 

Twitter Feed from Heaven

Humor, Social Media
Author: Mark Dixon
Thursday, June 16, 2011
9:58 am

Now that is some crystal ball!

Twitter from Heaven

I wonder if the Wizard of Id could get one for me?  We could open a new business: HeavenlyTweets.com. (Alas.  Someone has already camped out on that domain.)

 

 

Internet of Things: For Real

General, Technology
Author: Mark Dixon
Wednesday, June 15, 2011
6:01 pm

Last month, I created a series of posts (one, two, three) about the Internet of Things. It turns out that one of my colleagues who inspired that series of blog posts is now employed by Tendril, a company that is involved in this Internet of Things business for real.

According to their press release footer:

Tendril is a leading energy platform company that is helping to drive the large-scale deployment of the Smart Grid through the development of forward-thinking solutions as well as its work to establish industry protocols. The Tendril platform provides an open standards-based, scalable and secure end-to-end solution for the Energy Internet – the network for existing and upcoming Smart Grid technologies. With applications, products and services enabled by the platform, Tendril creates a dialogue and marketplace between energy providers, consumers and the energy ecosystem.

The Smart Grid concept will certainly be involved in attaching lots of devices to the Internet. For one intriguing project, Tendril has teamed with Whirlpool to focus on the roll-out of smart home appliances in the US. For example,

For a refrigerator to actively manage its energy consumption, it must be able to quickly, reliably and seamlessly communicate with the electric utility company. … In this case, the refrigerator will automatically move its defrost cycle to a non-peak time without impacting the performance of the appliance.

I like the idea of having smart appliances coordinate with the electric utility to save energy and reduce my energy bill. It will be great to see what companies like Tendril will do to productively contribute to the Internet of Things.

 

 

Facebook or Twitter: Friend or Stalker?

Humor, Social Media
Author: Mark Dixon
Wednesday, June 15, 2011
5:32 pm

From the Geek & Poke archives … if she won’t friend you on Facebook, you can follow her on Twitter.

Geek & Poke - Facebook or Twitter

Isn’t that stalking?

 

Identity Hardness – Do You Need Talc or Diamonds?

Identity
Author: Mark Dixon
Wednesday, June 15, 2011
4:56 pm

I had an interesting Twitter conversation recently with @steve_lockstep and @NishantK about Identity Assurance. It began with Steve’s comment about how Facebook identities were of little worth, unfit to use with valuable transactions. Nishant suggested that most Relying Parties (RP’s) are content with “soft” identities that have to do with personal likes and interests, while significantly fewer RP’s rely on “hard” identities.

Nishant’s observation about “hard” and “soft” identities made me think of the Mohs Mineral Hardness Scale, which assigns an “absolute” hardness value to different minerals.  Wikipedia’s article uses the following table to illustrate this concept:

Mohs Hardness Scale

Perhaps we could suggest a corresponding mineral and hardness value to each of NIST’s standard four Levels of Assurance (LOA) shown in the following table.

Levels of Assurance

Steve stated on Twitter that “I’m preoccupied with hard identity: doctors, lawyers, bank accts, patients”: scenarios where Facebook just doesn’t work. We could say that Steve is dealing in diamonds (level 4), but Facebook only offers talc (level 1).  Having a tangible example helps illustrate the somewhat ethereal LOA concept.  And over time, perhaps we can come up with a more definitive way to measure just how hard a particular Identity Assurance process really is.

As a parting thought: I have suggested minerals to match NIST Assurance Levels 1 and 4. What would you suggest for the other two?

 

Source Doc: PCI DSS Virtualization Guidelines

Identity, Information Security, Source Doc
Author: Mark Dixon
Wednesday, June 15, 2011
1:41 pm

On June 14th, the PCI Security Standards Council announced publication of the PCI DSS Virtualization Guidelines Information Supplement, which “provides guidance to those in the payment chain on the use of virtualization technology in cardholder data environments in accordance with PCI DSS.”

The introductory section in this document outlines four principles associated with the use of virtualization in cardholder data environments:

  1. If virtualization technologies are used in a cardholder data environment, PCI DSS requirements apply to those virtualization technologies.
  2. Virtualization technology introduces new risks that may not be relevant to other technologies, and that must be assessed when adopting virtualization in cardholder data environments.
  3. Implementations of virtual technologies can vary greatly, and entities will need to perform a thorough discovery to identify and document the unique characteristics of their particular virtualized implementation, including all interactions with payment transaction processes and payment card data.
  4. There is no one-size-fits-all method or solution to configure virtualized environments to meet PCI DSS requirements. Specific controls and procedures will vary for each environment, according to how virtualization is used and implemented.

After giving an overview of virtualization, the report sets forth a detailed review of risks inherent in a virtualized environment and specific recommendations about how to deal with those risks.

The document’s appendix describes in detail how each of the 12 broad PCI security controls that are mandated for logical environments needs to be applied in a virtual setting.

I have long thought the PCI DSS specification to be a good example of how an industry regulates itself.  The Virtualization Guidelines document shows once again how the payments industry is in step with recent trends in Information Technology.

 

Source Doc: NIST Computer Security Division Annual Report

Identity
Author: Mark Dixon
Tuesday, June 14, 2011
3:03 pm

The National Institute of Standards and Technology (NIST) has released its 2010 Computer Security Division Annual Report. Donna Dodson, Chief, Computer Security Division & Deputy Chief Cybersecurity Advisor offers the following in her welcome statement:

The Computer Security Division (CSD), a component of NIST’s Information Technology Laboratory (ITL), conducts research, development and outreach necessary to provide standards and guidelines, tools, metrics and practices to protect our nation’s information and communication infrastructure.

In fiscal year (FY) 2010, CSD continued to build on its work in security management and assurance, cryptography and systems security, identity management and emerging security technologies.   CSD played a vital role in both national and international security  standard setting.  The division continues its leadership role in technologies and standards for Cloud Computing, Identity Management and as a Government Wide Leader and national coordinator  for the National Initiative for Cybersecurity Education (NICE).  In addition, this year marked the publication of NIST Interagency Report  (NISTIR) 7628,  Guidelines for Smart Grid Security, which identifies  security requirements applicable to the Smart Grid, security-relevant use cases, logical interface diagrams and interface categories,  vulnerability classes abstracted from other relevant cyber security  documents, specific issues applicable to the Smart Grid, and privacy concerns. We also continued to provide reference specifications  in multiple areas, allowing others to leverage our work to increase  the security of their systems and products.


Looking forward to FY2011, CSD plans to continue its work in information security, producing standards, guidelines, technical reference materials and specifications to improve the information security management of systems across the Nation and around the  world.

By the way, this report has the coolest front cover of any government report in recent history.  The image shown above is but a small excerpt.  Not that this has anything to do with the contents of the report or anything …

 

What is Enterprise Architecture?

Enterprise Architecture, Humor
Author: Mark Dixon
Tuesday, June 14, 2011
2:28 pm

Fortunately, Geek&Poke takes us right to the heart of the issue …

… IT-Business Alignment, of course!

 

Source Doc: Policy Framework for the 21st Century Grid

Information Security, Source Doc
Author: Mark Dixon
Tuesday, June 14, 2011
1:56 pm

On Monday, the White House released a policy paper entitled, “A Policy Framework for the 21st Century Grid: Enabling Our Secure Energy Future.” This report sets forth policy recommendations that build upon the Energy Independence and Security Act of 2007 and the Obama Administration’s smart grid investments to foster long-term investment, job growth, innovation, and help consumers save money.

The document’s foreword states:

A smarter, modernized, and expanded grid will be pivotal to the United States’ world leadership in a clean energy future. This policy framework focuses on the deployment of information and communications technologies in the electricity sector. As they are developed and deployed, these smart grid technologies and applications will bring new capabilities to utilities and their customers. In tandem with the development and deployment of high-capacity transmission lines, which is a topic beyond the scope of this report, smart grid technologies will play an important role in supporting the increased use of clean energy.

A 21st century clean energy economy demands a 21st century grid. Much of the traditional electricity  infrastructure has changed little from the original design and form of the electric grid as envisioned by Thomas Edison and George Westinghouse at the end of the 19th century (EEI 2011, p6). In a 21st  century grid, smart grid technologies will help integrate more variable renewable sources of electricity,  including both utility scale generation systems such as large wind turbines and distributed generation systems such as rooftop solar panels, in addition to facilitating the greater use of electric vehicles and  energy storage. Moreover, such technologies will help enable utilities to manage stresses on the grid, such as peak demand, and pass savings on to consumers as a result.

The report introduction explains further:

The Federal Government, building on the policy direction set forth in the Energy Independence and Security Act of 2007 and the Recovery Act’s historic investments in innovation, offers this policy framework to chart a path forward on the imperative to modernize the grid to take advantage of opportunities made possible by modern information, energy, and communications technology.

The report concludes:

Smart grid technologies and programs represent an evolution in how our electricity system operates. As this report highlights, this transition offers significant promise for utilities, innovators, consumers, and society at large. This document has outlined four essential pillars that will enable the United States to transition to a smarter grid:

  1. Enable Cost-Effective Smart Grid Investments: Smart grid technology can drive improvements in system efficiency, resiliency, and reliability, and help enable a clean energy economy through cost-effective grid investments. Many of these technologies promise to pay for themselves in operational improvements, and energy savings. The Federal Government’s research, development and demonstration projects, technical assistance, information sharing on technologies and programs, and evaluations provide valuable guidance for utilities, consumers, and regulators about what approaches are the most cost-effective, thereby paving the way for the effective, ongoing upgrade of the grid.
  2. Unlock the Potential of Innovation in the Electricity Sector: A modernized electric grid promises to be a powerful platform for new products and services that improve grid operations and deliver comfort, convenience, and savings to energy customers.
  3. Empower Consumers and Enable Informed Decision Making: The success of smart grid technologies and applications depends on engaging and empowering both residential and small business consumers. New tools and programs promise to provide consumers personalized information and equip them to make informed energy choices, while ensuring their energy consumption data is accorded privacy protections.
  4. Secure the Grid: Protecting the electric system from cyber attacks and ensuring it can recover when attacked is vital to national security and prosperity. Developing and maintaining threat awareness and rigorous cybersecurity guidelines and standards are keys to a more secure grid.

The current electric grid and the proposed smart grid are fascinating to me.  From my perspectives as a residential customer, a security professional and an old electrical engineer, it seems incredible that the old system we have works so well. At the same time, the emerging smart grid system should  have great benefits for us all … and provide huge employment opportunities to those involved for many years to come.

 

 

Source Doc: The Information Needs Of Communities

Social Media, Source Doc, Technology, Telecom
Author: Mark Dixon
Monday, June 13, 2011
5:08 pm

On June 9th, the Federal Communications Commission issued an interesting document, “The Information Needs of Communities – The Changing Media Landscape In A Broadband Age,” authored by Steven Waldman and The Working Group On Information Needs Of Communities. (A two-page summary of the document is available here.)

The document introduction states:

In culmination of its work over the last year, the FCC Working Group on the Information Needs of Communities delivered a report on June 9, 2011 addressing the rapidly changing media landscape in a broadband age. In 2009, a bipartisan Knight Commission found that while the broadband age is enabling an information and communications renaissance, local communities in particular are being unevenly served with critical information about local issues.

Soon after the Knight Commission delivered its findings, the FCC initiated a staff-level working group to identify crosscurrents and trends, and make recommendations on how the information needs of communities can be met in a broadband world.

I enjoyed reading the statement by FCC Commissioner Michael J. Copps that accompanied the document’s release; here are a few excerpts:

Let’s begin with a basic truth: the future of our country’s media is an issue that goes to the heart of our democracy. A well-informed electorate is the premise and prerequisite of functioning self-government. To make this compact work, it is imperative that the FCC play a vital role in helping to ensure that all Americans have access to diverse and competing news and information that provide the grist for democracy’s churning mill.

The Digital Age holds amazing promise for expanding the scope of our democratic discourse. The Staff Report recognizes this and the present Commission has focused tremendous energy on both broadband deployment and adoption. But let’s recognize up-front that building a new town-square paved with broadband bricks and stacked with good news and information is not going to happen on auto-pilot.

An open Internet is not the entire solution for robust Twenty-first century journalism. It’s tougher than that, and I, for one, don’t believe we’ll get there absent some positive public policy solutions. We have never had successful dissemination of news and information in this country without some encouraging public policy guidance, going back to the earliest days of the young republic when Washington, Madison and Jefferson saw to it that newspapers were financially able to reach readers all across the fledgling young republic.

These issues mean a lot to me because I believe they mean a lot to our country. I have been outspoken about them–and sometimes blunt, I know. I intend to keep speaking out on them in the months and, if needed, the years ahead. This nation faces stark and threatening challenges to the leadership that brought us and the world successfully through so many dire threats in the century just past. Now we confront fundamental new uncertainties about the revival of our economy, where new jobs will come from, how we will prosper in a hyper-competitive global arena, how to support the kind of education that our kids and grandkids will need to thrive–indeed to survive–in this difficult time, how to open the doors of opportunity to every American, no matter who they are, where they live, or the particular circumstances of their individual lives. We’ve got a lot to get on top of as a country and if we don’t have the facts, don’t have the information, and don’t have the news about what’s going on in the neighborhood and the town and the nation and world around us, our future will be vastly diminished. That’s why so much rides on the future of what we are talking about today.

I think these are valuable objectives, but it isn’t clear where this document will lead.  One author commented, “FCC Report on Media Offers Strong Diagnosis, Weak Prescriptions.”

I personally feel sensitive to this changing landscape.   I love the innovation of the USA Today and Wall Street Journal iPad apps, but I still enjoy reading the local paper-based newspaper over breakfast.  But my favorite local newspaper went out of business a couple of years ago, and the surviving newspaper is steadily shrinking in size.  This local newspaper’s online presence falls far short of the USA Today/WSJ readability model.  It will be interesting to see how this all plays out.

To start with, I think I’ll transfer the whole 465-page report to my iPad and read it there.

PS.  I think the FCC has an ugly logo.  That’s all.

 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.