Tuesday Jan 19, 2010

The Value of Data and Meaningful Analytics

Semantics: “The study of meaning”

markmontgomery This morning I read a thought-provoking article by my associate Mark Montgomery entitled “Systemic failures, by design.” The article proposes that in many high-profile cases, catastrophes could have been averted or moderated if appropriate semantic-based analysis and action had been taken, based on data that existed prior to the event:

Over the course of the past dozen years the U.S. has experienced a series of dangerous and costly systemic failures throughout our security and regulatory framework. The unfettered bubble in technology, missed opportunities to prevent 9/11—leading to two ongoing wars, the tragic response to Katrina, the largest financial crisis in history, the Fort Hood massacre, and the ‘underwear bomber’ incident on Christmas Day all share one commonality.

In each of these cases, data had been collected by U.S. government agencies that contained a high probability of either entirely preventing or substantially mitigating each event, if only the information had been recognized and acted upon within the window of time allowed by circumstances. In case after case, repeated warnings by recognized experts, sourced internally and externally, were ignored or suppressed.

In the past few months, I blogged a couple of times about the use of data analytics with Digital Identity:

In his address at Digital ID World, Jeff Jonas’ discussion about using data analytics to discover space-time-travel characteristics of individuals was both challenging and disturbing. He proposed that advanced analytic techniques could be effectively used to pinpoint the identities of people of interest based on patterns of use of mobile phones and other data sources readily available today.

While there is certainly danger of loss of freedom to ordinary citizens due to government surveillance, it is apparent that a much better job of identifying and acting upon potential threats and the identities of people involved is quite possible if existing data, lawfully acquired, is more effectively analyzed in meaningful (aka semantic) ways.

Friday Jan 15, 2010

Identity Management: Securing Information in the HIPAA Environment

Next Thursday, January 21st, I will be giving a presentation at the Sun Horizons conference, “Healthcare Integration Through a New Perspective.”  My topic will be “Identity Management: Securing Information in the HIPAA Environment,”  I will explore how the complementary functionality of Identity Management and Master Patient Index technologies can enable effective management of Patient Consent Management, a vital requirement for online health information networks.


If you would like to discuss the topic or meet me in Washington, DC, please drop me a line.  After the event, I’ll post my presentation deck for review.

Thursday Jan 07, 2010

Testing Facebook Integration – With Wibiya

I have begun to experiment with methods for integrating this Discovering Identity blog with Facebook and Twitter, using the Wibiya toolbar, which appears at the bottom of the screen.  This is a Wordpress plugin, which was easy to configure and install.

Feel free to use the toolbar to become a fan of our Facebook page and join our Facebook community.  You can also use the toolbar to join my Twitter conversation.

Please let me know what you think.

Note: for those who see this on the blogs.sun.com version of the blog, please visit us at DiscoveringIdentity.com to see the Wibiya toolbar.

Wednesday Dec 30, 2009

BYU Management Society: Promoting Ethics and Morality in Business

I was pleased to see the following video introducing the BYU Management Society, sponsored by my alma mater, Brigham Young University.

“The Management Society was founded in 1977 by Dean Merrill J. Bateman as an organization of alumni and friends of the BYU College of Business—now Marriott School of Management. Membership includes not only BYU and Marriott School alumni, but many other business professionals with the same desire for professional advancement, high ethical standards, career development, and continuing education. Twenty-Five years after its founding, the management society is an influential organization with about 6,000 members in 40 U.S. cities and 10 countries.”

The major objective of the BYU Management Society are:

“To extend the values and influence of moral and ethical leadership, the Marriott School, and BYU through a premier organization for the development of management and business leaders.”

I graduated from the BYU engineering college, not the management school, and didn’t actively participate in the Society until about 10 years ago, but I have certainly enjoyed my relationship with an outstanding group of people from varied backgrounds during the years I have been involved.

Tuesday Dec 29, 2009

Moving to Wordpress: DiscoveringIdentity.com

wordpress Today, I imported all entries from the Discovering Identity blog from blogs.sun.com into my WordPress blog at DiscoveringIdentity.com.  I believe that I will have more flexibility in publishing my blog and associated content using the WordPress publishing engine than was available on the Roller site.

The blog is now hosted at Dreamhost, which has excellent facilities for hosting WordPress blogs.

I will double-post content to both the DiscoveringIdentity.com and blogs.sun.com sites for the forseeable future, but do not intend to provide further upgrades to the structure of the blogs.sun.com site.

feed-icon-16x16  If you care to follow my postings on the new site, please bookmark the RSS feed.

Thursday Dec 24, 2009

Hyper-Connected Christmas Eve

A great tradition of our family is to gather at the kitchen table after Christmas Eve festivities, drink hot chocolate and talk with each other. As we did so this year, we suddenly realized that we were all connected to the Internet, interacting on Facebook, Twitter and blogs using a variety of devices – extending our Christmas Eve chatter to people far removed from our physical home. Not shown in this photo are my iPhone and the desktop computer on the kitchen desk behind me as I was taking the photo.  Just another example of how technology has changed and enriched our lives. 

With sincere apologies to Holly for a very unflattering photo!

Hyper-connected Christmas Eve

Wednesday Dec 23, 2009

Math Geek Humor

I’m only about two years late to the party, but I stumbled across this wonderfully rye cartoon from G. J. Caulkins today.  Enjoy!



Technorati Tags: , , ,

1000 Posts! 1000 Thanks!

The previous post, the Dixon Family Christmas Card, was the one-thousandth post on the Discovering Identity blog.  Many thanks for following, visiting, commenting, and otherwise supporting this ongoing investigation into the science and magic of Identity Management.

One Thousand. Many Thanks.

Thanks to  Charleston Primary School for a great photo.

Technorati Tags: ,

Merry Christmas from the Dixon Family

A Christmas Card from our family to yours. May you have a happy holiday season and wonderful new year!


Technorati Tags: ,

Tuesday Dec 22, 2009

Experimenting with FOAF

Thanks to the help of Henry Story, who recently presented the concepts of FOAF (an acronym of Friend of a friend) in a Sun Identity Interest teleconference forum, I have begun to experiment a bit with the technology.

According to the FOAF Wikipedia article:

FOAF is a descriptive vocabulary expressed using the Resource Description Framework (RDF) and the Web Ontology Language (OWL). Computers may use these FOAF profiles to find, for example, all people living in Europe, or to list all people both you and a friend of yours know. This is accomplished by defining relationships between people. Each profile has a unique identifier (such as the person's e-mail addresses, a Jabber ID, or a URI of the homepage or weblog of the person), which is used when defining these relationships.

The FOAF project, which defines and extends the vocabulary of a FOAF profile, was started in 2000 by Libby Miller and Dan Brickley. It can be considered the first Social Semantic Web application, in that it combines RDF technology with 'Social Web' concerns.

The FOAF project provides a way for me to maintain my personal Identity profile and link to others I know, creating a global social graph of acquainted people.  I don’t know much yet, but am intrigued by its possibilities.

You can visit my FOAF Card by clicking here, or view the XML for the corresponding FOAF file by clicking here.

If you have a FOAF file and would like to be added to my “knows” list, please send my the URL for your FOAF file.

Thanks!  I’ll keep you updated on my progress.

My Christmas Wish List: Personal Identity-Persona Service

christmas_wish_list It is almost Christmas Eve.  In the midst of an insomnia episode, I conjured up a crazy notion of making a Christmas wish list of things I want from a Personal Identity-Persona Service (PIPS).   Your list may be different, but here’s mine.

  1. Secure Identity Bank Vault for my Identity Profile and Credentials.  Of all the potential Identity Providers jostling for prominence in the market, I favor my bank the most.  They take pretty good care of my money, enable me to selectively send some of my money to other people, and seem to be sensitive to the issues surrounding security, privacy, liability and potential cyber threats.  I think I could trust them to take good care of my online Identity.  Think of it as the bank providing a safe deposit box for all the Identity attributes that I want to store and use, and providing the means to selectively take out Identity attributes for presentation to other people.  This vault should be located in a secure cloud, so I can get access from any computer or mobile device of my choice.  I think this is a concept even my technology-challenged wife, mother and father could readily understand and accept. 
  2. Really Easy to use Identity/Profile/Persona Editor.  With my Secure Identity Bank Vault in place, I need a really easy to use way to fill that vault with my Identity information and maintain it over time.  This will include the information I would normally include provide to an online merchant or social network, as well as subsets of such information that I can define for the purpose of presenting different personae to facilitate different online experiences.
  3. Multiple Levels of Identity Assurance or Validation.  I want to make sure that other people can’t impersonate me by setting up a  fake Identity Bank Vault for Mark Dixon that could be used to conduct illicit transactions.  To do that, methods need to be in place to validate the claims I make about my identity, such as birthplace, social security number, credit card numbers, etc.  Progressively rigorous checks of my background information will allow me to confidently present Bronze, Silver, Gold or Platinum Identity credentials to enable different levels of online interaction.
  4. Really Easy to use Persona Selector.  I need the ability to easily select from a set of personae I have defined in the Identity Bank Vault.   For example, I will most likely have one persona to use for online shopping, one for interaction with state government, and another for using my church website.  This selector needs to be immediately accessible, probably in the browser toolbar.  For mobile use, the persona selector needs to be easily accessed and presented by any online application that requires me to log in or pay for services.
  5. Multiple Levels of Secure Authentication.  I want to make sure that no one can access and use my Identity Bank Vault or persona and credentials it contains without my explicit permission.  In some cases, I may want to simply surf the web and virtually window shop by identifying myself with a user name and password.  However, I would like to restrict access to any financial transactions or health care record access by requiring a digital certificate (probably on a USB fob) and perhaps with a fingerprint check (perhaps via that same USB device).
  6. Option to Use Separate Personae for Login and Payment.  In some cases, I may want to use an Internet Persona to poke around the web, do some window shopping and try things out.  I may want to log in to Amazon, eBay, Barnes and Noble or other merchants before I decide to buy.  None of these merchants needs to know my credit card information before I decide to buy something.  Therefore, I need an easy method for first identifying myself and subsequently presenting my payment method.
  7. Audit Reports.  I would like to get an online “Identity bank statement” each month or on demand, detailing the my use of PIPS service.  This would allow me to verify that all uses were legitimate and would help me determine if adjustments were needed in my profile or use of the service.
  8. Fraud Insurance.  If a privacy breach or other unauthrorized use of my Identity or credentials occur through no fault of my own, I would like to be insured against possible damages.  This would be similar to the fraud protection currently provided by credit card companies.

Of course, in order for a PIPS service to be worth much, social Networks, online merchants, government agencies and other relying parties will need to accept my PIPS profile and credentials.   But wouldn’t it be great if I could maintain one set of Identity and Profile information and have that available for consumption by any merchant or social network, according to my wishes?  I would be willing to pay a yearly fee for such a service, much like I pay certain bank fees now. Or, perhaps those fees would be waived if I maintained a certain account balance or averaged a certain transaction volume on a credit card issued by the bank.

Will something like this happen?  I think so.  Probably not in 2010.  By 2015? I certainly hope so.

Monday Dec 21, 2009

The Ecstasy and Agony of Evernote

Evernote is an essential workhorse in my daily life.  I currently have 3,467 notes in my various Evernote notebooks, using an Evernote premium account.  I use the product multiple times every day for note-taking (I have a reputation as a prodigious note-taker), personal journal (almost daily), electronic filing (I rarely file paper any more) and as a general, all-around information repository.  I particularly like its architectural model using intelligent client applications synchronized with a server-side database.  This allows me to keep information in sync on my laptop and desktop machines (both Windows) as well as my iPhone

That is the “ecstasy” part.  The “agony” came when I installed the long-awaited new Windows client (version 3.5 beta) last week.  What I hoped would be a major improvement of the Windows client, was, instead, a deep disappointment. While I liked a few new features, such as the mixed view, the core note taking engine is still very primitive.  If anything, it was a step  backwards.

The two biggest problems are the very awkward and limited outlining capability and the complete lack of templates.  The new table feature is extremely basic.  I  submitted suggestions in all three areas several months ago, but apparently these seemingly basic functions for a product with “Note” in the name weren’t desirable enough to see the light of day.

It is very painful when I have to drop back to Microsoft OneNote to get access to a decent outlining editor, and then transfer the result to Evernote, rather than have a native capability for outlining.  For a guy who thinks in outlines, all I can say is, “Arrrgghh!”

Perhaps Evernote should open up their architecture so third parties could create plugins to provide functionality not available in the core product.  For example, the Thunderbird add-on “QuickText” provide very useful email message templating capability for a product that lacks such a feature.  Perhaps other plugin vendors could provide decent outlining and table functionality.

Here’s hoping that Evernote someday gets it right. Please!

Wednesday Dec 16, 2009

Strategic News Service: Tech Predictions for 2010

Mark Anderson, publisher of Strategic News Service, talks about his yearly technology predictions in the following Business Week library video.    An overriding theme seems to be that consumers are demanding, and progressively getting, highly personalized, context-aware, mobile services and content. This demand driving big changes in hardware platforms, operating systems, media distribution and pricing, and network infrastructure. Much of the work I am involved with at Sun is focused directly on these major shifts in markets and technology. This whole area is rife with large, market changing opportunities.

A longer audio presentation, recorded December 10, 2009 at the Waldorf-Astoria, New York, is available. Listen to the presentation now.

Thanks to Kip Meacham for sharing the link.

Friday Dec 11, 2009

Mark Mail ... Gotta Like that Name

Tonight I stumbled across a website for Mark Mail, a “free service for searching mailing list archives.”  I tried searching for “Discovering Identity” and found nine entries, two of which referred to this blog.  I suppose that means this blog is waaaaay out in the long tail of the Mark Mail economy.

But I still like the name.

Technorati Tags: , ,

Thursday Dec 10, 2009

Federated Identity for Electronic Medical Records

Many thanks to my good friend Jonathan Gershater for sending me the link to another excellent post about Identity and Healthcare.  I particularly like his illustration of using Federated Identity to facilitate trusted exchange of medical records between different medical service providers. 

A user of any (Healthcare) ServiceProvider, who has been issued a digital identity by the trusted IdentityProvider, may seamlessly interact with the healthcare providers (SPs). The user will present the digital identity issued by the IdP, the SP will verify the Identity, and the user will be granted access to the Service Provider’s application. However, based on the user’s attributes and role, the functionality available to the user will vary.  A physician may alter a medical record but only within their specialty ( a dermatologist cannot alter a prescription for spectacles). A pharmacist may view but not alter the prescription for insulin in a healthrecord.  A patient may only view but not alter their medical record.

Federated Identity for Electronic Medical Records


Discovering Identity was founded on blogs.sun.com in May 2005 as a means of documenting my exploration of the field of Identity and Access Management. In February, 2010, I switched to hosting the blog at DiscoveringIdentity.com. In March 2012, I began posting Oracle-related information in both places.

Thanks for stopping by.

Please connect with me in cyberspace at LinkedIn or Twitter.

The views expressed on this blog are my own and do not necessarily reflect the views of my employer, Oracle Corporation, or any other person or organization.


« July 2016