Recently in Information Assurance Category

Will 2012 be the Year that convergence finally happens?

| No Comments | No TrackBacks
| More

The rise of the smart-phone as the global social networking and on-line browsing device of choice has expedited the convergence  of fixed and mobile communications into "ubiquitous broadband" - even in the UK (which went from leader to laggard during the dead-end decade of local loop unbundling). Hence the driving force behind deals which upstage BDUK Broadband policy like that of O2 and Kensington and Westminster  in much that same way that BSkyB upstaged IBA Satellite policy, two decades ago.   

Meanwhile the fragmentation of debate over privacy, surveillance, on-line safety and cyberwarfare continues to complicate the spread of cost-effective information security by design - as opposed to coating that which is inherently insecure with layers of expensive and ineffectual scareware. Will that change as more businesses realise that using the identity chips already embedded in PCs and mobile phones enables identification of the physical device with which they are communicating? The routines are not totally spoof-proof (nothing ever is), but they do enable better, faster, less obtrusive security at lower cost. They also restrict anonymity to those willing to pay for the privilege. I look forward to seeing a converged debate flushing out the hidden agendas of those who wish to see this happen, those who do not, those who wish use all to be uniquely identifiable and those who wish to have multiple on-line personas with different attributes which they can manage separately.  

Do the recent riots make a new business case for Cloud computing

| No Comments | No TrackBacks
| More

In his blog on the impact or otherwise of the recent Cloud outages caused by lightning strikes in Ireland, Cliff Saran points out the small size of one of the best known Cloud operations - selling surplus capacity on a global on-line retail operation. I have blogged before on the amorphous nature of Cloud computing and the way is used to embrace almost anything from a repackaging of the operations that EDS (now part of HP) and IBM have been running for the US Department of Defence for over 40 years to an on-line test environment.

The torching of businesses over the last few days by the rioters who looted them has opened up a new business case for the on-line, off-site, data back-up that is an integral feature of cloud computing. I had thought the torching was to destroy the evidence (including locally stored surveillance video) but it now appears it was also an anarchic revenge on all who had refused them jobs and "respect".

Either way, whether the smoking heap of wreckage was a small business in a city centre, a superstore in a retail park or a national distribution depot for consumer goods, the case for having off-site processing and data storage has suddenly become much stronger. But the vulnerabilities of data centres to power problems and of communications networks to similar disruption (including lightning strikes and cable theft) also need much greater attention.

Hence the importance of the Information Society Alliance (EURIM) work on Shared Infrastructure issues as part of the policy study on Opening Britain for On-line Business.  I am particularly glad that one of the main UK suppliers of Cloud Computing has just volunteered  to help lead the work on the inter-operablity interfaces needed to help support resilient and secure services, with fewer of the vulnerabilities than other parts of the world.   

Rationalising the slew of semi-incompatible Information and Identity Governance proposals

| No Comments | No TrackBacks
| More

Tomorrow I am due to help open the first discussion at the ETICA conference in Brussels on bringing together Ethics, Innovation and Politics. I have been piggy-in-the-middle between politicians and techies for over thirty years and believe Ethics entails accepting responsibility for the consequences of our past actions - not evading responsibility because the unexpected has happened or technology has changed.  My first point will therefore be that not only is technology  neutral but that the implications of most of the supposedly emerging technologies were being discussed over twenty years ago, albeit some of the terminology was different.

From Wild West to Western Front : the evolution of Cybersecurity

| No Comments | No TrackBacks
| More

"The Internet used to be compared to the WIld West, the lawless frontier; now it is more like the Western Front, a massive, unrestricted battlefield. Geopolitics is putting your data in the firing line." So concludes an article by Allan Dyer of Yui Kee Computing in the IMIS Journal. On Thursday, at the ISSA UK Chapter and I heard several presentations on what is currently happening (and what is expected to happen). One summarised a PWC study report. Another summarised the report of an ISSA Advisory Board brainstorming. Until yesterday I would have said they were both excellent. I took part in both the PWC study and the ISSA brainstorming. Then I read Allan's article. It reminded me that we in the West are at the Far End of the world from where the future is being forged. [double entendre intended].

 

Freedom of Information (and Wikileaks) v. Censorship (and Established Power)

| 1 Comment | No TrackBacks
| More

The reaction to the Wikileaks story exposes the heady mixture of self-delusion that passes for debate on freedom of information, transparency of government, re-use of public information, secure data sharing, data protection, information assurance, information security, information risk management and even net neutrality. I am waiting for the rumours that the Wikileaks was assisted by the Chinese, Indian or Isreali governments - or a coalition of all three. It was also an accident waiting to happen, given the US approach to "secure information sharing" after 9/11.

The Semantic Web - Is It Worth It? (A guest blog)

| 4 Comments | No TrackBacks
| More

I have watched attempts to produce automated means of tracking and tracing the provenance of on-line data for well over a decade - as a succession of snake-oil salesmen have tried to persuade naive users and politicians that their mash-up tools will turn an "on-line waste tip of unvalidated government data files" into something more than e-slurry.

I had hoped to have a speaker on progress with the Semantic Web at the recent "Uncovering the truth" workshop on data quality organised by the Information Society Alliance (EURIM) and the Audit Commission because I had long thought it provides part of the "answer". 

However Sean Barker has suggested that it is the little more than latest excuse for not applying traditional data standards: an expensive academic exercise that will led no-where. I therefore asked him to do a "guest blog". I will not comment further and await your comments.

But it wasn't me who asked for my benefit to be paid into Megabank

| No Comments | No TrackBacks
| More

The Government plans for us all to have personal web-access to their on-line services inside four years, as described in the Times today are as "ambitious" and cahllenging as they are overdue. If they are serious about socailly inclusive delivery the first step must be to ensure that the "Digital Gateway Offices" have on-line access that is fit for a sub-postmistress to access on behalf of a queue of frail pensioners. The second is to ensure that all involved (including contractors in the supply and support chains) are vetted and subject to personal liabilities for carelessness and indiscretion, let alone active misconduct, that are at least as strong as for those who run a sub-post-office.

Long live the database state

| No Comments | No TrackBacks
| More
The FIPR Alerts service has just drawn my attention to an excellent article in Prospect headlined; "Long linve the database state: smarter use of public service statistics can save lives as well as money. But anxious civil libertarians want to stop the state sharing our personal records. They must not succeed. " 

Who "owns" your identity and your personal data?

| 1 Comment | No TrackBacks
| More
HMG appears about to admit that federated identity management is inevitable, if only because none of the tribes of Whitehall can agree to use a system controlled by another tribe. Meanwhile 

"It's Ours: why we, not the government, must own our own data" an excellent paper from the Centre for Policy Studies has moved the debate on.   

Good practice or legal practice in Data Guardianship

| No Comments | No TrackBacks
| More
The mild criticism of the new BCS Personal Data Guardianship Code in the Register reveals the practical need for the code. I believe it is good practice to try to collect and record consent, whether or not it is legally required.   

About this Archive

This page is an archive of recent entries in the Information Assurance category.

Identity is the previous category.

Information Security is the next category.

Find recent content on the main index or look in the archives to find all content.

Archives

Recent Comments

 

-- Advertisement --