Re: [DG-IDoT] Notes from Friday call - ERM

14 Aug 2014

      FYI and speaking of NIST, I just stumbled across a draft
<http://csrc.nist.gov/publications/drafts/nistir-8014/nistir_8014_draft.pdf>
of NISTIR 8014 "Considerations for Identity Management in Public
Safety Mobile Networks (DRAFT)"

Upon initial scanning, it looks like a promising approach from an IDOT
perspective - section 4.2 discusses device registration and issuance
immediately after section 4.1 user registration.

There is a comment period until 2014-08-22, so if anyone wants to weigh in
on the document there is still time.

Regards,
Scott

On Thu, Aug 14, 2014 at 5:53 AM, <Ingo.Friese@telekom.de> wrote:
...
Hi ,
Few comments about Scott’s this Venn diagram:
-          I like it very much because it shows that Object IDM is not
only an extension of user-IdM, it has to be addressed with new approaches
-          Currently there are three circles (device, person,
organization). Are there more circles possible? I guess… but these three
are a good starting point for the moment
-          To me these circles are rather bubbles (I don’t know how to
draw this ;-)…because the connections e.g. btw. device and person might
have different  flavors
My mobile phone (incl. its sensors) for example might be a  personal
device ( I bought it private) or maybe its my personal device but paid by
my company
infact the relationship btw. me and the personal device then is different
-          I think* relationships* play a central role in this discussion
(see the NIST asset spec…Scott sent to the list)
Best Ingo
*From:* dg-idot-bounces@kantarainitiative.org [mailto:
dg-idot-bounces@kantarainitiative.org] *On Behalf Of *Mildner, Frank
*Sent:* Dienstag, 12. August 2014 17:41
*To:* sshorter@electrosoft-inc.com; dg-idot@kantarainitiative.org
*Subject:* Re: [DG-IDoT] Notes from Friday call - ERM
Hi Scott,
Last Friday you introduced some ideas regarding Entity Relationship
Modelling the Identities of Things.
Thank you very much – for your presentation. Ingo and me have the  ERM
issue in our mind for a long time.
I think your ERM is a good starting point – as you show at slide 3 and 6
A missing key indicator in the IoT ID landscape is the information in
rhomb !
In an IoT example: a sensor – *belongs, is owned, scales, ……-* something
I think we need rather filled/stuffed/intelligent links between objects,
 instead of poor SQL links .
I would like to start a discussion in our group  about  mechanism whereby
 we can find an object based on the relationship. (rhomb in slide6)
Have a nice day – see you
Mit freundlichen Grüßen / Viele Grüße / Best Regards
Frank Mildner
*DEUTSCHE TELEKOM AG*
T-Labs (Research & Innovation)
Dipl.-Ing. Frank Mildner
Deutsche-Telekom-Allee 7, 64295 Darmstadt
+4961515834747 (Tel.)
+496151899838 (Fax)
E-Mail: frank.mildner@telekom.de
www.telekom.com
*Erleben, was verbindet.*
*DEUTSCHE TELEKOM AG*Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender)
Vorstand: Timotheus Höttges (Vorsitzender),
Reinhard Clemens, Niek Jan van Damme, Thomas Dannenfeldt,
Dr. Thomas Kremer, Claudia Nemat
Handelsregister: Amtsgericht Bonn HRB 6794
Sitz der Gesellschaft: Bonn
*Grosse Veränderungen fangen klein an **–** Ressourcen schonen und nicht
jede E-Mail drucken.*
*Von:* dg-idot-bounces@kantarainitiative.org [
mailto:dg-idot-bounces@kantarainitiative.org
<dg-idot-bounces@kantarainitiative.org>] *Im Auftrag von *Scott Shorter
*Gesendet:* Freitag, 8. August 2014 17:08
*An:* dg-idot@kantarainitiative.org
*Betreff:* [DG-IDoT] Notes from today's call
My quick action items:
- Here's the link to join the Kantara SDO liaison subcommittee, to
   participate in the email list and access the review files on the wiki:
   http://signup.kantarainitiative.org/liaison-sub-committee/
- TSCP workshop: http://tscpworkshop.com/  I think we're participating
   in the "securing the supply chain" track
My longer term action items:
- Re-visit ITU-T's OID as an namespace model in light of XRI's
   capabilities
- Review SCAP's Asset Identification standard (and Common Platform
   Enumeration (CPE), Common Vulnerability Enumeration (CVE)) as namespace
   models
- Share Kantara's comments about identity proofing non-person entities
   from last year's comment process with the list.
Whew. Have a good weekend!
-
Scott
--
==============================================================
*Scott Shorter, Principal Security Engineer*
Electrosoft *–* Fueling Customer Success Through Outstanding Value and
Trust!
*Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 *
1893 Metro Center Drive; Ste 228; Reston, VA 20190
(703) 437-9451 x21 (office);   (240) 994-7793 (cell)
sshorter@electrosoft-inc.com (Email);   http://www.electrosoft-inc.com
 (Web)
==============================================================
-- 
==============================================================
*Scott Shorter, Principal Security Engineer*
Electrosoft *–* Fueling Customer Success Through Outstanding Value and
Trust!
*Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 *
1893 Metro Center Drive; Ste 228; Reston, VA 20190
(703) 437-9451 x21 (office);   (240) 994-7793 (cell)
sshorter@electrosoft-inc.com (Email);   http://www.electrosoft-inc.com (Web)
==============================================================