In his keynote speech at Oracle Open World today, Dr. Thomas Kiessling, Chief Product and Innovation Officer of Deutsche Telekom reviewed his company’s emerging business in M2M.  One use case he described has been referred to in some circles as the “Connected Cow.” Current technology allows dairy cows to be electronically tagged for identification and equipped with temperature sensors to detect the optimum time for breeding. This can help big dairies be more efficient and productive.

When I grew up on a small dairy farm in Idaho, we weren’t nearly so high tech! But now, as we grapple with the challenges of how to administer the expanding universe of people and devices in the Internet of Things, we should also think about how to connect cows and other animals to the Internet!  After milk cows, what will be next?  Dogs and cats?  Pet hamsters?

We have quite a few milk cows in the US (about 9 million), but we have about 78 million pet dogs and 86 million cats   If we connect all them to the Internet, just think of what we could do!

But I wonder how we would establish identity trust relationships with all these connected creatures!

To prepare for my first meeting with Ann Cavoukian earlier this year, I drafted a brief table which proposed a set of principles for Security by Design that aligned with the well-know foundational principles for Privacy by Design. It seemed to me that this would provide a starting point for exploring how security both supported and benefited from Privacy by Design principles.  I published that draft table on my blog back in March of this year.

After reviewing the draft table, Ann asked me to work with her on a paper to amplify this alignment concept.  The result was the paper, “Privacy and Security by Design: An Enterprise Architecture Approach” which was published earlier this week.

The table I originally drafted became the following table published in the final paper:

In the following video, Dr. Ann Cavoukian describes the paper I was privileged to co-author with her.

More information and a download link is available here.

Today, we are pleased to announce publication of a paper entitled “Privacy and Security by Design: An Enterprise Architecture Approach,” which I co-authored with Ann Cavoukian, Ph.D., Information & Privacy Commissioner, Ontario, Canada.

In the foreword to the paper, Dr. Cavoukian wrote:

In an earlier paper with Oracle, we discussed the convergence of paradigms between the approach to privacy I have long championed called Privacy by Design, and a similar approach to security called ‘Security by Design.’ The current and future challenges to security and privacy oblige us to revisit this convergence and delve deeper. As privacy and security professionals, we must come together and develop a proactive approach to security – one that is indeed “by design.” To this end, I am delighted to be partnering with Mark Dixon, Enterprise Architect, Information Security, at Oracle Corporation, on this joint paper.

This paper has two key objectives:

• Define a set of foundational “Security by Design” principles that are modelled upon and support the 7 foundational principles of Privacy by Design.
• Illustrate an enterprise-level process for defining and governing the strategic journey of Security by Design through an enterprise architecture approach.

To achieve these objectives, the paper includes the following major sections:

• Foundational Principles of Privacy by Design
• Foundational Principles of Security by Design
• The Enterprise Security Journey
• Conclusion

The conclusion states:

“In this paper, we explored the strong synergy that exists between the related disciplines of privacy and security. While on the one hand, strong security is essential to meet the objectives of privacy, on the other hand, well-known privacy principles are valuable in guiding the implementation of security systems. On the basis of this synergy, we defined a set of foundational principles for Security by Design that are modeled upon and support the foundational principles of Privacy by Design. …

“On the basis of this new Security by Design approach, we then developed an enterprise-level process for defining, governing and realizing a ‘by design’ approach to security. In order to become a reality for enterprises, Security by Design requires strong leadership and continuous goal-setting. However, Enterprise Architecture is an ongoing journey, not a single project or disjointed set of loosely related projects. Our discussion found that if an EA framework is followed to define an EA security strategy in harmony with the holistic, interdisciplinary principles of Privacy by Design and Security by Design, and if a formal governance process is implemented to guide and govern the journey, then an enterprise can be proactive, rather than reactive, in addressing any security concerns.

We hope this paper will assist enterprises to deliver stronger security and better privacy, for all of their stakeholders – a win/win proposition.

Thirty six years ago this month, I commenced my senior year in college and Voyager 1 was launched. Yesterday’s article in the Washington Post stated, 

The tireless Voyager I spacecraft, launched in the disco era and now more than 11 billion miles from Earth, has become the first man-made object to enter interstellar space.

Instruments on this spacecraft, powered by the radioactive decay of Plutonium 238, are expected to continue operating until 2025 – pumping back information from where no man has gone before.  Pretty cool stuff!

It was an honor today to be announced as a Privacy by Design Ambassador by the Information and Privacy Commissioner of Ontario, Canada:

Privacy by Design Ambassadors are an exclusive, but growing, group of privacy thought-leaders committed to ensuring the ongoing protection of personal information by following the Principles of PbD.  Ambassadors advance the case for embedding privacy protective measures in technology, processes and physical design. …

The Information and Privacy Commissioner of Ontario (IPC) is an independent officer of the Legislature whose mandate is to oversee compliance with public sector access and privacy legislation and health sector privacy legislation in the province of Ontario.

The IPC recognizes ambassadors based on their attestations that they apply the principles of Privacy by Design. The IPC does not endorse any company or product of any recognized ambassador.

It was humbling to be listed among others whom I admire and respect for their contributions to the industry we serve.

I have deeply appreciated the opportunity to work closely with Dr. Ann Cavoukian and her staff on a soon to be announced joint paper on principles of privacy and security.  I look forward to announcing and discussing this paper soon.

In response to a Tweet I recently posted about my #YellowJeepProject weight loss journey, Shannon O’Keefe suggested that I should take a look at the QNX Jeep Wrangler Reference vehicle. What a cool way to show off the “QNX CAR Platform for Infotainment“!

The QNX CAR Platform for Infotainment is a unique set of pre-integrated and optimized technologies from QNX Software Systems and dozens of ecosystem partners. Designed for flexibility, this unique platform provides development teams with a variety of options for building reliable world-class infotainment systems that keep pace with ongoing advancements in mobile device markets.

All of a sudden, I sensed a great convergence between my interest in the Internet of Things and my personal love for Jeeps.  What a great idea to have such leading edge, Internet-ready technology showcased in a vehicle that has become symbolic of freedom and adventure.  I’m sure those innovative folks who designed the first Jeep 72 years ago didn’t have a clue of what we are seeing now! It is stuff like this that moves us closer and closer to make connected cars a reality.

I enjoyed a subsequent exchange with Paul Leroux,  who authored the blog post about the Jeep reference vehicle.  I learned that both Shannon and Paul had offered their own garages to park the Jeep, so I knew better than to request that privilege.  I hope to see it sometime while it is on tour, or somehow wrangle (pun intended) a trip to its home base in Ottawa.

A short video about the making of the QNX reference vehicle is fun to watch.  Now, I could only convince the QNX folks to paint the Jeep yellow!

My last post addressed my baby steps with wearable IoT devices.  The IoT device in this post is a bit more stationary.

Last year, I installed an attic fan to help drive hot air out of my attic.  This is part of my ongoing effort to minimize energy costs due to the famous Arizona (dry) heat.  Controlled by a simple thermostat, the fan comes on automatically when the temperature in my attic exceeds about 90 degrees.

Two problems: 1) In the hot Arizona summer, it runs virtually all of the time, and 2) the fan is not very quiet, despite my attempts to muffle the noise, so it tends to disturb the quiet of the night.

So, I looked for a solution to allow me to turn the fan off remotely if I got tired of the rumbling noise in the middle of the night.  The makers of my new alarm system claimed to have a great solution that would allow me to control the fan via the same iPhone interface I use to arm, disarm and monitor the alarm system.  But alas, I was faced with a device purchase, installation fees and monthly enhancements to my alarm bill.

So … I decided to purchase a WeMo switch  which proved to be less expensive, with no monthly fees, and an absolute breeze to install.  Now I can easily turn the fan on or off from my iPhone from anywhere in our home WiFi network.  The fan is shown below, plugged into the WeMo device, which plugs into the standard electrical outlet.

The second photo shows the WeMo iPhone app.  Simply elegant.  It just works.  My next project is to learn how to work with the WeMo device remotely using IFTTT.

 

According to Wikipedia,

The Quantified Self is a movement to incorporate technology into data acquisition on aspects of a person’s daily life in terms of inputs (e.g. food consumed, quality of surrounding air), states (e.g. mood, arousal, blood oxygen levels), and performance (mental and physical). Such self-monitoring and self-sensing, which combines wearable sensors (EEG, ECG, video, etc.) and wearable computing, is also known as lifelogging. Other names for using self-tracking data to improve daily functioning are “self-tracking”, “auto-analytics”, “body hacking” and “self-quantifying”.

Without realizing I was becoming part of such a movement, I began using the Fitbit tracker device a while ago.  It is an integral part of tracking my daily activity for my Yellow Jeep weight loss project.

This week, I decided to replace the abysmal Fitbit calorie tracking capability with MyFitnessPal  which has a far more comprehensive database of food types.  It turns out that Fitbit works well as an a input to the MyFitnessPal site via a published API.  My basic setup is shown below.

I continue to carry my Fitbit device everywhere I go.  it syncs with the Fitbit iPhone app, which passes the information to the Fitbit website, which in turn passes the amount of calories measured by the Fitbit device to the MyFitnessPal app.  

I record my food and water intake in the MyFitnessPal iPhone app, which updates the MyFitnessPal database in the cloud.  The iPhone app also retrieves the calorie information that came from Fitbit and displays the calorie intake minus exercise output on my phone.

It is a fairly simple process, but seems to work well.  Stay tuned for some thoughts about addressing the larger Quantified Self puzzle.

Today I read an informative paper published by GigaOM Research entitled, “The Internet of Things: A Market Landscape.”  I find The Internet of Things to be the most interesting area of technology and business in my professional world today.  This paper did an excellent job of providing an overview of the IoT landscape and highlighting both opportunities and challenges.

A few things that I found intriguing:

IoT is not just new technology:

The internet of things is not a single technology trend. Rather, it is a way of thinking about how the physical world at large and the objects, devices, and structures within it are becoming increasingly interconnected.

The market is moving rapidly to mind-boggling scale:

1. Some 31 billion internet-connected devices will exist by 2020, according to Intel.
2. A family of four will move from having 10 connected devices in 2012 to 25 in 2017 to 50 in 2022.
3. Mobile subscriptions will exceed the number of people in the world by early 2014.

Identity is first on the list of important characteristics:

For things to be manageable, they need to be identifiable either in terms of type or as a unique entity. … Identification by type or by instance is fundamental to the internet of things.

The power of IoT comes from connectivity, not just individual components:

The internet of things is an ultra-connected environment of capabilities and services, enabling interaction with and among physical objects and their virtual representations, based on supporting technologies such as sensors, controllers, or low-powered wireless as well as services available from the wider internet.

The biggest challenges?  Security, monitoring and surveillance:

Computer security, say the experts, boils down to protecting the confidentiality, integrity, and availability of both data and services. With the internet of things looking set to create all manner of data, from heart rate and baby monitors to building management systems, there is clearly going to be a great deal to protect. …

The internet of things enables the whole world to be monitored. …  the potential for the inappropriate use of such technologies — for example, to spy on partners or offspring — will grow. In the business context as well, the role of the internet of things offers a wealth of opportunity but also of abuse.

The bottom line?  The possibilities are vast, the challenges daunting, but IoT is happening.  It will be great to go along for the ride.