[Log In] []

Exploring the science and magic of Identity and Access Management

Whenever I hear anyone arguing for slavery, I feel a strong impulse to see it tried on him personally. — Abraham LIncoln

Friday, December 19, 2014

Cory Doctorow:Will Technology Set Us Free or Enslave Us?

Identity
Author: Mark Dixon
Wednesday, December 3, 2014
12:10 pm

Buffer

CoryDoctorow

I heard my first speech from Cory Doctorow at the Gartner IAM Summit this morning. He gave an interesting overview of the history of digital copyright law and attempts to enforce limited access by schemes such as Digital Rights Management and encrypted data streams. He expanded beyond this basic overview to discuss how current laws make it illegal to reveal hidden flaws in software and devices. Some points I found particularly thought-provoking include:

  • The 1998 Digital Millennium Copyright Act  which criminalized breaking Digital Rights Management methods, wasn’t very effective, because people who were willing to break existing laws to steal content didn’t mind breaking another law.
  • Current copyright laws designed to make it illegal to know how DRM or encrypted streaming video devices work (e.g. Netflix player devices) also make it illegal to reveal flaws in our computers.
  • These laws may stop honest people, but support bad guys’ efforts to discover and weaponize vulnerabilities.
  • The NSA and its British equivalent spent billions of dollars per year to find vulnerabilities in devices, but don’t reveal what they have found.
  • Back doors to systems (such as government-requested back doors to encryption algorithms) have no allegiance.  We must assume that such back doors will be used for evil as well as good purposes.
  • Be suspicious of any software you cannot audit or inspect. How else can you know what lurks therein?
  • Remember – the capacity for human self-deception is bottomless. Will technology set us free or enslave us?

Interesting ideas worthy of further investigation.  The concept of unintended consequences certainly applied here.

 

Earl Perkins: The Identity of Things for the Internet of Things

Identity, Information Security, Internet of Things
Author: Mark Dixon
Wednesday, December 3, 2014
11:20 am

Buffer

Earl Perkings, Gartner

Yesterday, at the Gartner Identity and Access Management SummitEarl Perkins, Gartner’s Research Vice President in Systems, Security and Risk, gave a thought-provoking talk, proposing that Identity and Access Management as it is today is not going to cut it for the Internet of Things. Some the highlights include (filtered through the lens of my interpretation):

  • IoT can be described as as set of devices that can sense and interact with the world around it. Such devices can sense, analyze, act and communicate.
  • Devices, services and applications are creators or consumers of information, and must join humans in having identities.
  • Architectural concepts of IAM may still hold, but the scale will be vastly larger and must accommodate more than human identities.
  • Perhaps the word “thing” should be replaced by the term “entity”
  • Every entity has an identity
  • We need a model of entities and relationships between these entities.
  • We must address layered hierarchies of identities.
  • We should not separate device management and identity management systems.
  • Identity Management and Asset Management systems will likely converge.
  • Identity and Access Management may become:
    • Entity Relationship Management
    • Entity Access Management
  • We may think of architectures in four levels: things, gateways/controllers, connectivity, applications and analytics.
  • Two major camps of consumption: Enterprise (where more money is currently being spent) and Consumer (which is hot and sexy, but not currently making much money).
  • Strong year-over-year IoT growth is happening in four industry sectors:
    • Automotive – 67% CAGR
    • Consumer – 32% CAGR
    • Vertical specific – 24% CAGR
    • Generic business – 44% CAGR
  • Companies are “throwing jello against the wall” to see what sticks.

I really like Earl’s ideas about convergence of “entities” and “relationships” between entities.  Please note my blog post Identity Relationship Diagrams  posted in March 2013.

I also favor his view that identity management should not be separate from device management.

It will be interesting to see how architectures are transformed and what “jello sticks to the wall” in the coming years.

 

You’re Home at Last, my iPad, You’re Home at Last!

General, Identity
Author: Mark Dixon
Tuesday, August 12, 2014
8:16 am

Buffer

Last Wednesday, a dreaded First World Fear was realized.  During a tight connection between flights at the Dallas – Fort Worth airport, I left my iPad in the seat pocket on my first flight.  I didn’t realize what I had done until I reached into my briefcase for it on my next flight. My heart sank. I use the IPad for so many things. To lose it was a huge disruption in my day to day life, not to mention the cost and hassle of replacement

A call to the DFW lost and found department was not reassuring. I was instructed by the telephone robot to leave a message with contact information and lost item description, and wait.  I dutifully complied, but had real doubts about whether I’d ever see my iPad again.  A conversation with an American Airlines gate agent gave a little bit of hope.  She assured me that every lost item was investigated, and that I should be patient for the process to take its course.

My Monday morning, I had about given up hope.  But then – the phone call – my iPad had been found!  I had activated the “Find my iPhone” feature, which caused my phone number to be displayed when ever the device was turned on.  The lost and found agent called me, verified that the device was indeed mine and arranged for it to be returned to me by Fedex. Then things got interesting …

Soon after I received the happy phone call, I received an email, also informing me that the iPad had been found – another nice feature of Find my iPhone.  

Ipaddfw

Apparently, when a device is in the “lost” mode, it will continue to wake up periodically and attempt to send its location via email.  I have received 18 emails to that effect since the iPad was first found yesterday morning, each with a little map pinpointing its current location.

I really enjoyed tracking the iPad’s progress as it found its way back to me via my iPhone’s Find My iPhone app.  In the photos below, you can see my iPad’s circuitous journey around DFW yesterday, its flight to the Fedex hub and back to Phoenix overnight, and the fairly direct route to my home by 7:33 this morning!

Ipad1Ipad2Ipad3

So, in addition to getting my treasured iPad back, I received an object lesson in the value of mobile location services!  We live in wonderful times!

 

#IoT for Employee Management

Identity, Internet of Things
Author: Mark Dixon
Monday, May 12, 2014
4:27 pm

Buffer

Ready to monitor, track and analyze employee behavior using the latest IoT technology?  Just ask Dilbert (aka Employee 3452378).

Dilbert 140511

 

KuppingerCole: Information Security Predictions and Recommendations 2014

Cloud Computing, Identity, Information Security, Internet of Things
Author: Mark Dixon
Thursday, December 19, 2013
2:53 pm

Buffer

Kuppingercole

Kuppinger Cole just released an insightful Advisory Note: “Information Security Predictions and Recommendations 2014.”  The introduction stated:

Information Security is in constant flux. With the changing threat landscape, as well as a steary stream of new innovations, demand for Information Security solutions is both growing and re-focusing.

I like both the predictions and recommendations in this report.  Here are a few excerpts from my favorite recommendations:

Cloud IAM (Identity and Access Management)

Define an IAM strategy for dealing with all types of users, devices, and deployment models that integrates new Cloud IAM solutions and existing on-premise IAM seamlessly.

API Economy

Before entering this brave, new world of the API “Economy”, define your security concept first and invest in API Security solutions. Security can’t be an afterthought in this critical area.

IoEE (Internet of Everything and Everyone)

Before starting with IoEE, start with IoEE security. IoEE requires new security concepts, beyond traditional and limited approaches.

Ubiquitous Encryption

Encryption only helps when it is done consistently, without leaving severe gaps.

The whole paper is well worth reading.  Hopefully, this post whetted your appetite a little bit.

 

Great Book – Age of Context: Mobile, Sensors, Data and the Future of Privacy

Identity, Privacy, Technology
Author: Mark Dixon
Tuesday, October 29, 2013
10:24 pm

Buffer

Ageofcontext

This evening, I finished reading a fascinating book, “Age of Context: Mobile, Sensors, Data and the Future of Privacy,” by Robert Scoble and Shel Israel.

Scoble and Israel propose that we are in the midst of a perfect storm:

Our perfect storm is composed not of three forces, but five, and they are technological rather than meteorological: mobile devices, social media, big data, sensors and location-based services. … they’re already causing disruption and making waves. As discrete entities, each force is already part of your life. Together, they have created the conditions for an unstoppable perfect storm of epic proportion: the Age of Context.

I have long been fascinated with the concept of context. I first mentioned context as an important factor in Identity Management in July, 2005,  as I blogged about the Catalyst Conference.  During my years with Sun Microsystems, we often spoke about “context-aware, blended services” being delivered via mobile devices.  For example, in September, 2008, one of my blog posts entitled, “Sensor-triggered Personalized Services,” stated, in part:

Project Destination, an initiative I lead for Sun, is all about providing the infrastructure to deliver highly personalized, context-aware, blended services to online users across the “screens of your life.” When you couple sensor technologies with Identity, personalization and service orchestration techniques, you can get some powerful results.

It is great to see the progression and refinement of that concept.  I sense we are barely scratching the surface of possibilities in this arena.  Lot of fun ahead!

 

Internet of … Cows!

Identity, Internet of Things
Author: Mark Dixon
Thursday, September 26, 2013
7:10 pm

Buffer

Cow

In his keynote speech at Oracle Open World today, Dr. Thomas Kiessling, Chief Product and Innovation Officer of Deutsche Telekom reviewed his company’s emerging business in M2M.  One use case he described has been referred to in some circles as the “Connected Cow.” Current technology allows dairy cows to be electronically tagged for identification and equipped with temperature sensors to detect the optimum time for breeding. This can help big dairies be more efficient and productive.

When I grew up on a small dairy farm in Idaho, we weren’t nearly so high tech! But now, as we grapple with the challenges of how to administer the expanding universe of people and devices in the Internet of Things, we should also think about how to connect cows and other animals to the Internet!  After milk cows, what will be next?  Dogs and cats?  Pet hamsters?

We have quite a few milk cows in the US (about 9 million), but we have about 78 million pet dogs and 86 million cats   If we connect all them to the Internet, just think of what we could do!

But I wonder how we would establish identity trust relationships with all these connected creatures!

 

IoT: A Market Landscape

Identity, Information Security, Internet of Things, Privacy
Author: Mark Dixon
Friday, August 9, 2013
12:14 pm

Buffer

Gigaom

Today I read an informative paper published by GigaOM Research entitled, “The Internet of Things: A Market Landscape.”  I find The Internet of Things to be the most interesting area of technology and business in my professional world today.  This paper did an excellent job of providing an overview of the IoT landscape and highlighting both opportunities and challenges.

A few things that I found intriguing:

IoT is not just new technology:

The internet of things is not a single technology trend. Rather, it is a way of thinking about how the physical world at large and the objects, devices, and structures within it are becoming increasingly interconnected.

The market is moving rapidly to mind-boggling scale:

  1. Some 31 billion internet-connected devices will exist by 2020, according to Intel.
  2. A family of four will move from having 10 connected devices in 2012 to 25 in 2017 to 50 in 2022.
  3. Mobile subscriptions will exceed the number of people in the world by early 2014.

Identity is first on the list of important characteristics:

For things to be manageable, they need to be identifiable either in terms of type or as a unique entity. … Identification by type or by instance is fundamental to the internet of things.

The power of IoT comes from connectivity, not just individual components:

The internet of things is an ultra-connected environment of capabilities and services, enabling interaction with and among physical objects and their virtual representations, based on supporting technologies such as sensors, controllers, or low-powered wireless as well as services available from the wider internet.

The biggest challenges?  Security, monitoring and surveillance:

Computer security, say the experts, boils down to protecting the confidentiality, integrity, and availability of both data and services. With the internet of things looking set to create all manner of data, from heart rate and baby monitors to building management systems, there is clearly going to be a great deal to protect. …

The internet of things enables the whole world to be monitored. …  the potential for the inappropriate use of such technologies — for example, to spy on partners or offspring — will grow. In the business context as well, the role of the internet of things offers a wealth of opportunity but also of abuse.

The bottom line?  The possibilities are vast, the challenges daunting, but IoT is happening.  It will be great to go along for the ride.

 

Identity
Author: Mark Dixon
Tuesday, August 6, 2013
4:45 pm

Buffer

Ripplelogo

This afternoon I completed a second step in an interesting exercise.  A couple of months ago, after reading about various alternative currencies, such as BitCoin, I signed up for an account with Ripple.com  which was born of an idea to use a decentralized currency system, base on the Ripple protocol for a payment network:

In its developed form, the Ripple network is intended to be a peer-to-peer distributed social network service with a monetary honour system based on trust that already exists between people in real-world social networks; this form is financial capital backed completely by social capital. 

Ripple uses the Ripple currency, XRP (sometimes called ripples).

I don’t understand the potential uses or the pros and cons of such a network, but I thought it would be interesting to see how they handled security and identity.

ScanSwap

As of this afternoon, I now have a Ripple wallet at Ripple.com, and an account at SnapSwap, a new US-based Ripple gateway, that is linked to a personal bank account.  I have 2,500 Ripples in my wallet, placed there as rewards for signing up with Ripple.com and SnapSwap.  I think at the current exchange rate, all those Ripples are worth about USD $10. 

Somehow in this system, I am supposed to be able to exchange dollars for ripples and vise versa, but I haven’t figured out why I would want to.  Any ideas?

 

Tony Robbins: Finding Your True Identity

Identity
Author: Mark Dixon
Thursday, August 1, 2013
5:01 pm

Buffer

Identitymask

A link to an uplifting post by Tony Robbins caught my eye this morning – a post about Identity, but not about the digital type – about how we define ourselves.  I was inspired by these words from the post, “The Meaning of Life: Finding your True Identity:”

People have enormous capabilities beyond what’s thought to be possible. The power to tap into our tremendous potential comes from our identity: how we define ourselves, and what believe we can achieve.

Six “Key Principles of Identity” are proposed:

  1. Identity is the most important power that determines our actions.
  2. Once we know who we are, we must learn to be ourselves.
  3. Sometimes, people maintain the illusion that their behavior decides who they really are.
  4. When you take responsibility, you restore your identity.
  5. The fastest way to expand our identity is to do something that’s inconsistent with our current self-image.
  6. Our personal identities are in a constant state of evolution.

Knowing who I am is foundational for my life. I really believe that.

 
 
 
 
 
Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.