« March 24, 2003 | Main | March 26, 2003 »
March 25, 2003
Conference Wrap-Up
The conference wrapped-up with Tom Siebel and Governor Leavitt making a pitch for Utah as a place for high-tech build-out. What does this have to do with digital identity? its a message from the sponsor. Someone has to pay the bills. :-)
The panel I was on went well. I was the sole "customer" type there. Everyone else on the panel was selling something. I was the one who'd been in the position of buying. The conversation also turned to the role of government in the digital identity process and, as you know, I've had some thoughts in this area.
Here are some photos from the post-conference reception:
|
|
| Rod Linton introduces Gov. Leavitt and Tom Siebel | Natalie Gochner, Gov. Leavitt's Press Secretary |
|
|
| Gov. Leavitt presents a picture to Tom Siebel | Val Oveson, Utah's CIO talks to Winston Bumpus |
After the reception, Evelyn had five people at tables hosting small discussion groups on digital identity issues. Evelyn is good at creative interaction and this was probably a nice element of the conference, but I was beat, so I called it a night.
09:28 PM | Recommend This | Print This
Kevin O'Neil: Framework and Approach for Protecting Digital Identity
Kevin O'Neil, the Executive Director of the International Security, Trust, and Privacy Alliance and CEO of CYVA Research is speaking on "Framework and Approach for Protecting Digital Identity." The ITPSA is an alliance of companies like IBM, Motorola, and others who are creating "policy configurable" frameworks for security and privacy. The
framework consists of services and capabilities that a security/privacy product must have. Interesting that many of these folks are also involved in Liberty Alliance. I get the impression as he talks that he views ISTPA as complementary to Liberty. Ah, he just said it: ISTPA is an affiliate member. His talk was very interesting, but mostly filled with scenarios rather than concepts, so it was difficult to blog.
05:43 PM | Recommend This | Print This
Bill Smith: Digital Identity in a Networked World
Bill Smith, who is the Director of Liberty Alliance Technology at Sun and the Secretary of the Liberty Alliance organization, is speaking on "Digital Identity in a Networked World." Bill starts off by posing a scenario where your car tells you that a gas station with the brand of gas you like to buy is coming up on the right, its $0.10 less than average and you have a quarter of a tank left. Sounds like a great application for OnStar. He poses another scenario where the same car gets in a accident with you driving and the arriving EMTs get medical information about you before they get there. Two scenarios, different identity requirements. Moreover, there are multiple service providers in each case that need to federate to use that identity.
Bill gives three components of identity: physical (height, weight, gender, etc.), experiential (education, travel, dining, purchases, drug use, etc.), and preferential (food, clothing, religion, etc.). These traits attributes, and preferences can be used to tailor service, but only if they're available from the many places that they're stored. Bill makes the point that this really works: Amazon makes recommendations that people use. I wonder if Amazon has released any data on the percentage of recommendations that are converted into sales.
Liberty uses the term "network identity" to describe using federation to link digital identity islands. This provides a single logical identity while preserving and enhancing existing trust relationships. Liberty is establishing an open standard for federated network identity. Their objectives:
- Interoperability -- no digital islands
- Privacy -- let users control their information
- Ubiquitous adoption -- create one standard
05:05 PM | Recommend This | Print This
Winston Bumpus: The Evolution of Digital Identity in a Web Service World
Winston Bumpus, the Director of Open Technology and Standards for Novell is speaking on "The Evolution of Digital Identity in a Web Service World." Winston says there are three reasons to do something: it will save you money, it will make you money, or the government requires it Obvious, maybe, but nicely said. His point is that government requirement are one of the biggest drivers toward standardization.
Not surprisingly, given Novell's history, Winston talks about identity as a representation of an entity, including, people, data, systems, locations, and so on. Directories manage these identities. The value of a directory is measured by the number of relationships it manages and the new applications that result.
Identity in web services needs to be
- consumable by any service
- consumable over any protocol
- expandable to include different types of data
Web services are driving integrated deployments using meta-directories using a federated approach. Federation not only affects location of the identity principal, but also where the data resides (virtual directories).
Winston believes that XML will replace LDAP in the next 3 to 4 years and views LDAP as a legacy standard. Since LDAP based directories are hierarchical, XML is a great fit and it would simplify the integration burden for directories since almost everything is going to have and XML parser built in and this makes getting XML-based directory information much easier.
To be effective, directories need to integrate and understand business policies so that directories can manage themselves and provide support to the applications that are built against them. Thye must also allow data to be integrated from many different data sources using built-in meta-directory capabilities.
04:12 PM | Recommend This | Print This
Phil Becker on Identity -- Why Now?
Phil Becker is the Editor-in-Chief of Digital ID World, which I have contributed to before. Phil is also the organizer of the Digital ID World conference. The title of his presentation is "Why Digital Identity and Why Now?"
Phil makes the point that while Hollywood frequently gets technical details wrong (or purposefully distorts them for entertainment value), they are very good at identifying trends. He has a great presentation using audio clips from movies starting with "2001: A Space Oddesy" that he uses to track societies perspective on computers from mainframes to PC's to hackers. His point is that this history has led to a situation where we commonly have used location as an implicit proxy for identity. PCs exposed some of these problems, but the qualifications and skills necessary for using early PCs allowed these problems to be ignored. The rise of the Internet and networked computing and the improvements in ease of use has changed all of that. Witness: script kiddies. Universal networking drives information towards the public domain through loss of access control. The only effective response to this is to architect applications and data around identity.
Security issues are often the drivers of digital identity. Firewalls and VPNs are the last stand of virtual location based on physical security. Identity infrastructure and security are intertwined. Most security problems, other than those that result from software bugs, are a symptom of incorret or missing identity structures.
Privacy is an interesting problem because its about enforcing a negative. Privacy is about what you agree not to do with data. To be effective, privacy must be created structurally, not with policy.
Phil sents for the following deployment path for digital identity:
- Intra-enterprise identity management. Utah did this with their master directory project. Many other large organizations are working on this as well. Phil claims that large organizations spend $450-$750 per employee per year on password resets. Just automating this is a huge win. Moreover, you gain security though identity life-cycle management (create, modify, and remove identities). Phil says 15% of IDs and passwords in a large organization are for people who haven't worked there for more than 3 years. This would be a wonder audit at the State.
- Inter-enterprise identity managenment. This allows user customized business to employee portals (this is inter-enterprise bacause almost no one does employee management like 401K, helath insurance etc. themselves). It also allows secure, managable B2B integration and enables web services. For inter-enterprise identity management to work, we must develop federated identity systems.
- Consumer identity management. Phil believes this will grow organically from the tools and techniques built for inter-enterprise identity management and be driven by key applications.
03:41 PM | Recommend This | Print This
Digital Identity Summit: Mark Sunday
This afternoon's event is the Digital identity Summit. Evelyn Rodriguez of the Koru Group is the organizer of the event. Evelyn is trying to use identity to tie together web services, CRM, and network security and today's speakers will be talking on those subjects.
The first speaker today is Mark Sunday, the CIO for Siebel Systems. Siebel recently moved their entire production operation from California to Utah. They run in two redundant data centers. Mark's first comments are a bow to the idea that digital identity is important in a service-oriented economy. Unless we're willing to establish a digital identity, there's little chance that we can get most of the services we want. We do this everyday, of course, when we create accounts on web sites that require a sign-up. What we don't have is a convenient and secure way to aggregate and manage those multiple identities.
CRM is an integrated approach to identifying, acquiring, growing, and retaining customers. This includes sales, marketing, and service. Digital identity is crucial in this environment because customers jump back and forth between sales channels and expect continuity in service regardless of the channel they use to engage the company. CRM systems, at their heart, are really big databases of customer profiles---their digital identity with respect to that company. This corresponds to Andre Durand's second level of digital identity.
Siebel systems calls this big database of customer profiles, the Universal Customer Master. When customers have multiple identities in an organization (identity silos) not only does customer satisfaction decrease, but companies also leave significant revenue on the table. Mark is using the HP/Compaq merger as an example. Clearly one of the reasons for the merger was so that both organizations can leverage the customers of the other, but without some significant IT investments, that can't happen. Siebel is working with HP, using Siebel's Universal Application Network product to integrate a Universal Customer Master with HP's SAP ERP system, Siebel, and other legacy systems.
One of the things I like about Siebel is that they drink there own kool-aid. Siebel is moving thier own operations to be 100% web-based to increase the access for their "nomadic" workforce. This allows salespeople from Siebel to access their customer data from any web browser, cell phone, or PDA while they're away from the office.
03:25 PM | Recommend This | Print This
Venture Capital Conference
The web services summit doesn't begin until this afternoon. This morning's event is a venture capital conference hosted by Cadence and the State of Utah. The idea is to showcase Utah companies in front of some valley VCs. Cadence has a recent Utah presence in Sandy. There are about 90 Cadence employees in Utah right now and that number is expected to grow to 200 within 18 months. Ray Bingham, the CEO of Cadence has Utah roots. He was born in Heber UT and graduated from Weber State University. Even so, Ray maintains that Utah competed on its own merits and beat out over 100 other sites.
|
|
|
| Mike Leavitt | Ray Bingham | Brad Bertoch |
The keynote is being given by Governor Leavitt. Governor Leavitt knows about convening power and he uses it well in events like this. The Governor's message is the familiar one: Utah has a workforce is growing at twice the national average, the workforce is well educated, there are outstanding recreational opportunities (quality of life) and Utah is 1.5 hours from Silicon Valley. He characterizes Utah as an "emerging place" with a strong technical heritage. The Governor outlines an important ambition: improving access to capital. He's signed HB 240, creating a fund of funds and believes that will help.
Brad Bertoch, President of the Wayne Brown Institute, a VC accelerator, is the master of ceremonies for the morning. This is a familiar role since Wayne Brown does this sort of thing at their conferences. The program will be an roll call of ten Utah high-tech companies making short, ten -minute pitches.
First up is Tomax Corporation, a provider of web-based solution for retail operations at retail.net. Eric Olafson is the President and CEO. Their customers include Gateway, TJ Maxx, Ultimate Electronics, Safeway, and others. The company is privately held and profitable. The message is really an IT message: retail operations are collections of isolated technologies that keep retail operations from gathering the information they need to drive their business. They are targeted at businesses over $1M in revenue. There are over 2 million business in the US that are smaller than that.
The next company is NxLight Inc. I've mentioned them before. Brent israelson is the President and CEO. NxLight is making web services real in the sense that they're creating real solutions for companies to use them in places the require significant security, and identity management, Their primary customers right now are insurance companies and financial services companies. The average insurance policy costs $400 to issue and takes 45 days. The error rate for this process is 35%. The are significant regulatory requirements. Using an electronic solution decreases policy issuance time by up to 99%, but it requires signed documents in compliance with privacy regulations. The solution is based on a self-contained XML packet that encapsulates the transaction including workflow, audits, authentication and privacy controls, and security. One thing missing from the presentation was a mention of Web Services standards. Maybe they're there and they just didn't think this audience would care.
The third company is NextPage. Darren Lee is the President and CEO. NextPage bills themselves as a "teamwork" company, but their solution is aimed at document management (not surprising since their roots are Folio). Their software help manage documents so that questions like Who has the latest version of this document? What work tasks and business processes relate to ti? Where is it being used and by whom? If I delete it once is it removed fro other hard drives as well? These are important questions for CIOs. I'm not sure that NextPage is getting that message across in a way that resonates with CIOs. They have a new product that they're getting ready to launch---maybe that will connect better.
|
|
|
| Eric Olafson | Brent Israelson | Jeff Smith |
Next up is Cerberian, an Internet filtering solution for homes, businesses, and schools. The President and CEO is Jeff Smith. Cerberian doesn't sell directly, but works through 21 OEM partners including SonicWall, Computer Associates, Broadcom, Zone Labs, and Belkin. Cerberian is a hosted solution. They host the database and filtering servers and thin client enables the blocking.
The fifth company is netdocuments. The President and CEO is Ken Duncan. The company sells solutions to law firms like Dorsey and Whitney, real estate companies like Kelty Trust, and financial services companies. ScanSoft integrates netdocuments software in the their scanning products. One of their markets is litigation support; they are an outsourced provider of document management for trial work. I haven't heard enough to tell me how they would contrast themselves with NextPage.
The next company is MyFamily.com. Tom Stockham is the President and CEO. MyFamily.com is one of the largest subscription business on the net. Family history is big on the Internet and MyFamily.com takes advantage of that. MyFamily.com has 30 million registered users and over 900,000 people pay a monthly subscription. This leads to real revenue growth. Subscription revenue is nearly doubling year over year. I wonder if their is a significant blogging presence in family history? If seems like a natural for genealogists to narrate their work to form communities in ways that you can't with just news groups or message boards.
|
|
|
| Ken Duncan | Tom Stockham | Jim Kuo |
The seventh company is MediConnect. The President and CEO is Michael Colemere. MediConnect is a medical record retrieval firm that does work for insurance and legal companies. These companies pay over $6 billion per year to retrieve and maintain medical records. MediConnect essentially acts as an agent for these companies. They have a call center that will call a doctors office, retrieve the information, scan it and deliver it electronically to the requester. Their competitors are using fax machines to do the same thing.
BioMicro Systems is an inventor of microfluidic biochip technologies that can be used in research tools, diagnostic devices, and consumer products. James Kuo is the President and CEO. BioMicro's product automates the sequencing preparation steps in genetics work, reducing the manual tasks from 11 to 4. They have been used by Myriad Genetics where they reduced reagents costs by $6M/year. They create the chips using an excimer laser to cut microfluid channels and wells into a doped plastic. The process and resulting product are protected by over 16 patents.
Salus Therapeutics has technologies for discovering, developing, and delivering of nucleic acid-based medicines. Dr. Richard Koehn is the President and CEO. Their technology, chemistry based, allows these genetic therapies to be directed at specific genes. The presentation has quickly dropped into a level of biochemistry and genetics that my high-school biology is not equipped me for. I wonder how everyone else in the room is doing.
Last up is GenData, a non-proofit organization that was created by the State incorporation with the University of Utah and Huntsman Cancer Institute to exploit the genetic data and records available in some very large, extensive and well-documented families in Utah. Michael Paul is the Chief Operating Officer. At its heart, GenData is a marriage between biotech and IT in that they're mostly about managing data. You might wonder why a non-profit is The English Bio-Bank is a similar effort in Britain. GenData combines family histories, clinical data, and genetic data to provide a set of data for genetic research.
|
|
|
| Richard Koehn | Michael Paul | Darren Lee |
Overall, this morning was a great event and showed off some great Utah high-tech companies in a very good light.
09:53 AM | Recommend This | Print This
Washington Technology Mention
My blog got a brief mention in this weeks Washington Technology magazine. The follow-up paragraph promotes blogging as a way for "agency experts" to organize and publish information. I'm not aware of any bloggers who work for the Federal government and blog about their work on a regular basis. Anyone else know?