Re: [DG-IDoT] Notes from Friday call - ERM
Hi Scott, Last Friday you introduced some ideas regarding Entity Relationship Modelling the Identities of Things. Thank you very much – for your presentation. Ingo and me have the ERM issue in our mind for a long time. I think your ERM is a good starting point – as you show at slide 3 and 6 [cid:image002.png@01CFB654.A340BA30] A missing key indicator in the IoT ID landscape is the information in rhomb ! In an IoT example: a sensor – belongs, is owned, scales, ……- something I think we need rather filled/stuffed/intelligent links between objects, instead of poor SQL links . I would like to start a discussion in our group about mechanism whereby we can find an object based on the relationship. (rhomb in slide6) Have a nice day – see you Mit freundlichen Grüßen / Viele Grüße / Best Regards Frank Mildner DEUTSCHE TELEKOM AG T-Labs (Research & Innovation) Dipl.-Ing. Frank Mildner Deutsche-Telekom-Allee 7, 64295 Darmstadt +4961515834747 (Tel.) +496151899838 (Fax) E-Mail: frank.mildner@telekom.de www.telekom.comhttp://www.telekom.com/ Erleben, was verbindet. DEUTSCHE TELEKOM AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Timotheus Höttges (Vorsitzender), Reinhard Clemens, Niek Jan van Damme, Thomas Dannenfeldt, Dr. Thomas Kremer, Claudia Nemat Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn Grosse Veränderungen fangen klein an – Ressourcen schonen und nicht jede E-Mail drucken. Von: dg-idot-bounces@kantarainitiative.org [mailto:dg-idot-bounces@kantarainitiative.org] Im Auftrag von Scott Shorter Gesendet: Freitag, 8. August 2014 17:08 An: dg-idot@kantarainitiative.org Betreff: [DG-IDoT] Notes from today's call My quick action items: * Here's the link to join the Kantara SDO liaison subcommittee, to participate in the email list and access the review files on the wiki: http://signup.kantarainitiative.org/liaison-sub-committee/ * TSCP workshop: http://tscpworkshop.com/ I think we're participating in the "securing the supply chain" track My longer term action items: * Re-visit ITU-T's OID as an namespace model in light of XRI's capabilities * Review SCAP's Asset Identification standard (and Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE)) as namespace models * Share Kantara's comments about identity proofing non-person entities from last year's comment process with the list. Whew. Have a good weekend! - Scott -- ============================================================== Scott Shorter, Principal Security Engineer Electrosoft – Fueling Customer Success Through Outstanding Value and Trust! Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 1893 Metro Center Drive; Ste 228; Reston, VA 20190 (703) 437-9451 x21tel:%28703%29%C2%A0437-9451%20x21 (office); (240) 994-7793tel:%28240%29%20994-7793 (cell) sshorter@electrosoft-inc.commailto:sshorter@electrosoft-inc.com (Email); http://www.electrosoft-inc.comhttp://www.electrosoft-inc.com/ (Web) ==============================================================
Hi , Few comments about Scott’s this Venn diagram: - I like it very much because it shows that Object IDM is not only an extension of user-IdM, it has to be addressed with new approaches - Currently there are three circles (device, person, organization). Are there more circles possible? I guess… but these three are a good starting point for the moment - To me these circles are rather bubbles (I don’t know how to draw this ;-)…because the connections e.g. btw. device and person might have different flavors My mobile phone (incl. its sensors) for example might be a personal device ( I bought it private) or maybe its my personal device but paid by my company infact the relationship btw. me and the personal device then is different - I think relationships play a central role in this discussion (see the NIST asset spec…Scott sent to the list) Best Ingo From: dg-idot-bounces@kantarainitiative.org [mailto:dg-idot-bounces@kantarainitiative.org] On Behalf Of Mildner, Frank Sent: Dienstag, 12. August 2014 17:41 To: sshorter@electrosoft-inc.com; dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] Notes from Friday call - ERM Hi Scott, Last Friday you introduced some ideas regarding Entity Relationship Modelling the Identities of Things. Thank you very much – for your presentation. Ingo and me have the ERM issue in our mind for a long time. I think your ERM is a good starting point – as you show at slide 3 and 6 [cid:image001.png@01CFB7A6.286D4E60] A missing key indicator in the IoT ID landscape is the information in rhomb ! In an IoT example: a sensor – belongs, is owned, scales, ……- something I think we need rather filled/stuffed/intelligent links between objects, instead of poor SQL links . I would like to start a discussion in our group about mechanism whereby we can find an object based on the relationship. (rhomb in slide6) Have a nice day – see you Mit freundlichen Grüßen / Viele Grüße / Best Regards Frank Mildner DEUTSCHE TELEKOM AG T-Labs (Research & Innovation) Dipl.-Ing. Frank Mildner Deutsche-Telekom-Allee 7, 64295 Darmstadt +4961515834747 (Tel.) +496151899838 (Fax) E-Mail: frank.mildner@telekom.demailto:frank.mildner@telekom.de www.telekom.comhttp://www.telekom.com/ Erleben, was verbindet. DEUTSCHE TELEKOM AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Timotheus Höttges (Vorsitzender), Reinhard Clemens, Niek Jan van Damme, Thomas Dannenfeldt, Dr. Thomas Kremer, Claudia Nemat Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn Grosse Veränderungen fangen klein an – Ressourcen schonen und nicht jede E-Mail drucken. Von: dg-idot-bounces@kantarainitiative.orgmailto:dg-idot-bounces@kantarainitiative.org [mailto:dg-idot-bounces@kantarainitiative.org] Im Auftrag von Scott Shorter Gesendet: Freitag, 8. August 2014 17:08 An: dg-idot@kantarainitiative.orgmailto:dg-idot@kantarainitiative.org Betreff: [DG-IDoT] Notes from today's call My quick action items: * Here's the link to join the Kantara SDO liaison subcommittee, to participate in the email list and access the review files on the wiki: http://signup.kantarainitiative.org/liaison-sub-committee/ * TSCP workshop: http://tscpworkshop.com/ I think we're participating in the "securing the supply chain" track My longer term action items: * Re-visit ITU-T's OID as an namespace model in light of XRI's capabilities * Review SCAP's Asset Identification standard (and Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE)) as namespace models * Share Kantara's comments about identity proofing non-person entities from last year's comment process with the list. Whew. Have a good weekend! - Scott -- ============================================================== Scott Shorter, Principal Security Engineer Electrosoft – Fueling Customer Success Through Outstanding Value and Trust! Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 1893 Metro Center Drive; Ste 228; Reston, VA 20190 (703) 437-9451 x21tel:%28703%29%C2%A0437-9451%20x21 (office); (240) 994-7793tel:%28240%29%20994-7793 (cell) sshorter@electrosoft-inc.commailto:sshorter@electrosoft-inc.com (Email); http://www.electrosoft-inc.comhttp://www.electrosoft-inc.com/ (Web) ==============================================================
FYI and speaking of NIST, I just stumbled across a draft
http://csrc.nist.gov/publications/drafts/nistir-8014/nistir_8014_draft.pdf
of NISTIR 8014 "Considerations for Identity Management in Public
Safety Mobile Networks (DRAFT)"
Upon initial scanning, it looks like a promising approach from an IDOT
perspective - section 4.2 discusses device registration and issuance
immediately after section 4.1 user registration.
There is a comment period until 2014-08-22, so if anyone wants to weigh in
on the document there is still time.
Regards,
Scott
On Thu, Aug 14, 2014 at 5:53 AM,
Hi ,
Few comments about Scott’s this Venn diagram:
- I like it very much because it shows that Object IDM is not only an extension of user-IdM, it has to be addressed with new approaches
- Currently there are three circles (device, person, organization). Are there more circles possible? I guess… but these three are a good starting point for the moment
- To me these circles are rather bubbles (I don’t know how to draw this ;-)…because the connections e.g. btw. device and person might have different flavors
My mobile phone (incl. its sensors) for example might be a personal device ( I bought it private) or maybe its my personal device but paid by my company infact the relationship btw. me and the personal device then is different
- I think* relationships* play a central role in this discussion (see the NIST asset spec…Scott sent to the list)
Best Ingo
*From:* dg-idot-bounces@kantarainitiative.org [mailto: dg-idot-bounces@kantarainitiative.org] *On Behalf Of *Mildner, Frank *Sent:* Dienstag, 12. August 2014 17:41 *To:* sshorter@electrosoft-inc.com; dg-idot@kantarainitiative.org *Subject:* Re: [DG-IDoT] Notes from Friday call - ERM
Hi Scott,
Last Friday you introduced some ideas regarding Entity Relationship Modelling the Identities of Things.
Thank you very much – for your presentation. Ingo and me have the ERM issue in our mind for a long time.
I think your ERM is a good starting point – as you show at slide 3 and 6
A missing key indicator in the IoT ID landscape is the information in rhomb !
In an IoT example: a sensor – *belongs, is owned, scales, ……-* something
I think we need rather filled/stuffed/intelligent links between objects, instead of poor SQL links .
I would like to start a discussion in our group about mechanism whereby we can find an object based on the relationship. (rhomb in slide6)
Have a nice day – see you
Mit freundlichen Grüßen / Viele Grüße / Best Regards Frank Mildner
*DEUTSCHE TELEKOM AG* T-Labs (Research & Innovation) Dipl.-Ing. Frank Mildner Deutsche-Telekom-Allee 7, 64295 Darmstadt +4961515834747 (Tel.)
+496151899838 (Fax)
E-Mail: frank.mildner@telekom.de
www.telekom.com
*Erleben, was verbindet.*
*DEUTSCHE TELEKOM AG*Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Timotheus Höttges (Vorsitzender), Reinhard Clemens, Niek Jan van Damme, Thomas Dannenfeldt,
Dr. Thomas Kremer, Claudia Nemat Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn
*Grosse Veränderungen fangen klein an **–** Ressourcen schonen und nicht jede E-Mail drucken.*
*Von:* dg-idot-bounces@kantarainitiative.org [ mailto:dg-idot-bounces@kantarainitiative.org
] *Im Auftrag von *Scott Shorter *Gesendet:* Freitag, 8. August 2014 17:08 *An:* dg-idot@kantarainitiative.org *Betreff:* [DG-IDoT] Notes from today's call My quick action items:
- Here's the link to join the Kantara SDO liaison subcommittee, to participate in the email list and access the review files on the wiki: http://signup.kantarainitiative.org/liaison-sub-committee/
- TSCP workshop: http://tscpworkshop.com/ I think we're participating in the "securing the supply chain" track
My longer term action items:
- Re-visit ITU-T's OID as an namespace model in light of XRI's capabilities
- Review SCAP's Asset Identification standard (and Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE)) as namespace models
- Share Kantara's comments about identity proofing non-person entities from last year's comment process with the list.
Whew. Have a good weekend!
-
Scott
--
==============================================================
*Scott Shorter, Principal Security Engineer* Electrosoft *–* Fueling Customer Success Through Outstanding Value and Trust! *Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 * 1893 Metro Center Drive; Ste 228; Reston, VA 20190 (703) 437-9451 x21 (office); (240) 994-7793 (cell) sshorter@electrosoft-inc.com (Email); http://www.electrosoft-inc.com (Web) ==============================================================
-- ============================================================== *Scott Shorter, Principal Security Engineer* Electrosoft *–* Fueling Customer Success Through Outstanding Value and Trust! *Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 * 1893 Metro Center Drive; Ste 228; Reston, VA 20190 (703) 437-9451 x21 (office); (240) 994-7793 (cell) sshorter@electrosoft-inc.com (Email); http://www.electrosoft-inc.com (Web) ==============================================================
To you point about relationships. The Identity Relationship Management WG
had its first meeting this week. I expect a healthy amount of interactions
between the two WGs.
On Thu, Aug 14, 2014 at 5:53 AM,
Hi ,
Few comments about Scott’s this Venn diagram:
- I like it very much because it shows that Object IDM is not only an extension of user-IdM, it has to be addressed with new approaches
- Currently there are three circles (device, person, organization). Are there more circles possible? I guess… but these three are a good starting point for the moment
- To me these circles are rather bubbles (I don’t know how to draw this ;-)…because the connections e.g. btw. device and person might have different flavors
My mobile phone (incl. its sensors) for example might be a personal device ( I bought it private) or maybe its my personal device but paid by my company infact the relationship btw. me and the personal device then is different
- I think* relationships* play a central role in this discussion (see the NIST asset spec…Scott sent to the list)
Best Ingo
*From:* dg-idot-bounces@kantarainitiative.org [mailto: dg-idot-bounces@kantarainitiative.org] *On Behalf Of *Mildner, Frank *Sent:* Dienstag, 12. August 2014 17:41 *To:* sshorter@electrosoft-inc.com; dg-idot@kantarainitiative.org *Subject:* Re: [DG-IDoT] Notes from Friday call - ERM
Hi Scott,
Last Friday you introduced some ideas regarding Entity Relationship Modelling the Identities of Things.
Thank you very much – for your presentation. Ingo and me have the ERM issue in our mind for a long time.
I think your ERM is a good starting point – as you show at slide 3 and 6
A missing key indicator in the IoT ID landscape is the information in rhomb !
In an IoT example: a sensor – *belongs, is owned, scales, ……-* something
I think we need rather filled/stuffed/intelligent links between objects, instead of poor SQL links .
I would like to start a discussion in our group about mechanism whereby we can find an object based on the relationship. (rhomb in slide6)
Have a nice day – see you
Mit freundlichen Grüßen / Viele Grüße / Best Regards Frank Mildner
*DEUTSCHE TELEKOM AG* T-Labs (Research & Innovation) Dipl.-Ing. Frank Mildner Deutsche-Telekom-Allee 7, 64295 Darmstadt +4961515834747 (Tel.)
+496151899838 (Fax)
E-Mail: frank.mildner@telekom.de
www.telekom.com
*Erleben, was verbindet.*
*DEUTSCHE TELEKOM AG*Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Timotheus Höttges (Vorsitzender), Reinhard Clemens, Niek Jan van Damme, Thomas Dannenfeldt,
Dr. Thomas Kremer, Claudia Nemat Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn
*Grosse Veränderungen fangen klein an **–** Ressourcen schonen und nicht jede E-Mail drucken.*
*Von:* dg-idot-bounces@kantarainitiative.org [ mailto:dg-idot-bounces@kantarainitiative.org
] *Im Auftrag von *Scott Shorter *Gesendet:* Freitag, 8. August 2014 17:08 *An:* dg-idot@kantarainitiative.org *Betreff:* [DG-IDoT] Notes from today's call My quick action items:
- Here's the link to join the Kantara SDO liaison subcommittee, to participate in the email list and access the review files on the wiki: http://signup.kantarainitiative.org/liaison-sub-committee/
- TSCP workshop: http://tscpworkshop.com/ I think we're participating in the "securing the supply chain" track
My longer term action items:
- Re-visit ITU-T's OID as an namespace model in light of XRI's capabilities
- Review SCAP's Asset Identification standard (and Common Platform Enumeration (CPE), Common Vulnerability Enumeration (CVE)) as namespace models
- Share Kantara's comments about identity proofing non-person entities from last year's comment process with the list.
Whew. Have a good weekend!
-
Scott
--
==============================================================
*Scott Shorter, Principal Security Engineer* Electrosoft *–* Fueling Customer Success Through Outstanding Value and Trust! *Woman-Owned, Minority-Owned Small Business | ISO 9001 | CMMI Level 2 * 1893 Metro Center Drive; Ste 228; Reston, VA 20190 (703) 437-9451 x21 (office); (240) 994-7793 (cell) sshorter@electrosoft-inc.com (Email); http://www.electrosoft-inc.com (Web) ==============================================================
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
-- Ian Glazer Senior Director, Identity +1 202 255 3166 @iglazer https://twitter.com/iglazer
Hi Ian,
Of course…are you or anyone of the group in Utrecht?
From: Ian Glazer [mailto:iglazer@salesforce.com]
Sent: Donnerstag, 14. August 2014 15:44
To: Friese, Ingo
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Notes from Friday call - ERM
To you point about relationships. The Identity Relationship Management WG had its first meeting this week. I expect a healthy amount of interactions between the two WGs.
On Thu, Aug 14, 2014 at 5:53 AM,
I will be in Utrecht, but will need to catch up a little bit on some items in DG-IDoT to be effective.I have been following the list, but not attending calls.CheersColin
From: Ingo.Friese@telekom.de
To: iglazer@salesforce.com
Date: Thu, 14 Aug 2014 16:26:29 +0200
CC: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Notes from Friday call - ERM
Hi Ian, Of course…are you or anyone of the group in Utrecht? From: Ian Glazer [mailto:iglazer@salesforce.com]
Sent: Donnerstag, 14. August 2014 15:44
To: Friese, Ingo
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Notes from Friday call - ERM To you point about relationships. The Identity Relationship Management WG had its first meeting this week. I expect a healthy amount of interactions between the two WGs. On Thu, Aug 14, 2014 at 5:53 AM,
participants (5)
-
Colin Wallis
-
Frank.Mildner@telekom.de
-
Ian Glazer
-
Ingo.Friese@telekom.de
-
Scott Shorter