Sometimes someone comes up with an idea that is so elegant and simple, yet so powerful, that I just marvel. One of my favorite tools of all time is the old beer can opener that had a can opener on one end and pop bottle cap opener on the other. No moving parts! Fits in the hand. Low price. Etc. Now our friends at Kynetx have figured out how to give any object an identity by attaching a simple tag to it - a QR sticker or an RFID chip, for example, that connects to its personal cloud. Welcome to the Internet of Things! (IoT)

  • Phil Windley: Introducing SquareTag
    “A little tag that can be attached to something, and contains a short code—the tag’s ID—that points to a dedicated online computer that stores data and runs programs. These computers are persistent data objects (PDOs—what I’ve called a “personal cloud” in other contexts). The PDO is a virtual representation of some thing in the physical world.”

Phil and friends have put out a series of introductory whitepapers about this:

  • The Live Web Series
    “The Live Web Series is a series of white papers about concepts and technologies that are making the Live Web a reality. Our vision includes lightweight, cloud-based, virtual computers that we call personal clouds connected in a relationship web using personal channels, communication links of extraordinary power. Using these as building blocks, we envision a powerful and yet practical Internet of Things and new ways of conducting commerce.”

There were lots of other items of interest to the identity community this week:

General

  • Dave Kearns: The buzz for 2013
    “Last time out, I ended by saying “Next time we’ll take a look at two ideas that, hopefully, will be the talk of 2013.” I lied. Depending on how you look at it, it’s either four ideas – or one idea. And there’s sure to be a buzzword/phrase/abbreviation/acronym or two coming about from it – or them. I do know that there are four concepts, known fairly well within the identity community, that need to coalesce to create a grand scheme which can be turned into a buzz phrase and picked up by the general media so let’s take a look and see how they’ll fit together.”
  • Andre Durand: 2013: It's go time
    “I recently started a day with a morning run across the Golden Gate Bridge. It was as inspirational as it was reflective, as I ran from the peninsula of San Francisco over to Marin County. It is these moments in life when epiphanies seem to appear and the future gains focus.”
  • Google wants Password123 in Museum of Bad Headaches
    “Should typed passwords ever make their way into the Memory Bin, no tears will be shed in certain quarters at Google. The search giant is taking a serious look at a computing future where users have a safer environment that can secure their online information and accounts via physical passwords, perhaps in the form of finger rings or USB sticks or keys. Google's Vice President of Security Eric Grosse and engineer Mayank Upadhyay have presented their suggestions for better hardware authentication in an upcoming research paper to be published in Security & Privacy magazine.”
  • Robert McMillan: Google Declares War on the Password
    “ Want an easier way to log into your Gmail account? How about a quick tap on your computer with the ring on your finger? This may be closer than you think. Google’s security team outlines this sort of ring-finger authentication in a new research paper, set to be published late this month in the engineering journal IEEE Security & Privacy Magazine. In it, Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay outline all sorts of ways they think people could wind up logging into websites in the future — and it’s about time.”
    [Mark Atwood: Thoughts on Google, YubiCo, and "The War on Passwords"]
  • John Fontana: Password life expectancy down to seconds
    “End-user generated passwords continue to have little defense against hackers, according to Deloitte Canada.”
  • Secure Crypto: Cluster Cracker
    “The results published show that the most common techniques of storing passwords are vulnerable to offline attack. They also show that when a password is secured using ‘bcrypt’ or ‘sha512crypt’ the number of guesses possible is dramatically reduced and thus security is dramatically increased. Both algorithms are secure against brute force attacks. But, dictionary attacks will still work against weak passwords.”
  • Phil Hunt: Is OAuth2 Ready for Use?
    “In what seems to be becoming a regular thing, I have another blog post on the Oracle IDM blog, "Standards Corner: A Look at OAuth2", where I answer some tough questions:
    • What is the difference between OAuth1 and OAuth2?
    • Is OAuth2 mature enough to use?
    • Should customers deploy OAuth1?
    • What's happening with OAuth2?”
  • Anil John: User Consent in the Age of Attributes - Part 2
    “In a previous blog post on user consent, I had created a mock-up of a consent UI as a thought exercise. But I've always been on the lookout for what has been shown to work effectively in an operational setting. In this blog post, I wanted to highlight the consent dialog that is in production use by the WAYF federation hub.”
  • Sean Deuby: Microsoft Formally Announces Its “Cloud OS” Strategy
    “Private cloud, Azure public cloud, third-party cloud services, and mobile device management under one Windows Server 2012 / System Center 2012 SP1 umbrella”
  • Robert David Graham: I conceal my identity the same way Aaron was indicted for
    “According to his indictment, Aaron Swartz was charged with wirefraud for concealing/changing his "true identity". It sent chills down my back, because I do everything on that list (and more).”

Technology

Events

  • Personal Clouds - Community Gathering
    “Personal Data Ecosystem Consortium
    Tuesday, January 29, 2013 from 6:00 PM to 9:00 PM (PST)
    San Francisco, CA”
  • IDESG 3rd Plenary Meeting
    “February 5-7, 2013
    Phoenix Convention Center”
  • Kantara Initiative to Appear at HIMSS13
    “New Orleans welcomes the 2013 HIMSS Annual Conference and Exhibition, March 3-7, 2013, at the Ernest N. Morial Convention Center. More than 36,000 healthcare industry professionals are expected to attend to discuss health information technology issues and review innovative solutions designed to transform healthcare.”
  • European Identity & Cloud Conference 2013
    “May 14 – 17, 2013 at the Dolce Ballhaus Forum Unterschleissheim, Munich/Germany,”

APIs

  • Drummond Reed: Trillions – The Video
    “Setting a new precedent here – blogging about a book even before I’ve finished reading the first chapter. But I’m reading Trillions at the recommendation of several close friends in the industry (Phil Windley, Peter Vander Auwera) who believe it’s highly relevant to where we are going with personal clouds and XDI. And just the introduction makes so much sense that I know I’m going to savor every chapter. If you want to see why, just watch this wonderfully executed 3-minute video from MAYA, the company behind the book.”

Valuable Identity

 

* Required Fields