Digital Identity Interoperability and eInnovation

This paper, one of three case studies in a transatlantic research project exploring the connection between Information and Communication Technology interoperability and eInnovation, considers the current state and possible evolution of Digital Identity. While consumers would undoubtedly reap convenience benefits from an ubiquitous single sign-on (SSO) technology, the potential for privacy and security issues makes Digital ID a complex issue. The user-centric, federated, and centralized models of Digital ID each have their advantages and drawbacks. While a few companies have previously attempted to establish a single Digital ID standard that they would control, the failure of those efforts has led to a situation where most players in the industry seem to see interoperability as essential to build up the market in the face of frequent ambivalence from consumers, e-commerce merchants, and other potential users. Broadly, Digital ID could enable a wide range of new Web-based applications, increasing consumers' flexibility and reducing transactions costs. However, having Digital ID be too ubiquitous could threaten the continued viability of anonymous speech in some contexts. It could also lead to more entities having greater access to personal data of consumers, raising the stakes of potential data breaches. The paper concludes that the route to interoperability most likely to lead to innovation would include continued collaboration among industry players to settle on one or a few consolidated efforts. Except in special areas, governments can best play a peripheral role, encouraging coordination through soft regulatory approaches like bringing stakeholders together and using their market power as major data holders and users. If privacy and security issues are addressed (and current stakeholders seem acutely aware of them), Digital ID interoperability has the potential to be extremely generative, creating new markets and enabling interoperability among other applications and services. If, however, coordination breaks down among market leaders and rival technologies emerge, it seems likely that user adoption will remain low and the benefits will be limited

Harnessing Openness to Improve Research, Teaching and Learning in Higher Education

Colleges and universities should embrace the concept of increased openness in the use and sharing of information to improve higher education. That is the core recommendation of this report. The report was produced by CED's Digital Connections Council (DCC), a group of information technology experts that advises CED's business leaders on cutting-edge technologies

Tutorial: Identity Management Systems and Secured Access Control

Identity Management has been a serious problem since the establishment of the Internet. Yet little progress has been made toward an acceptable solution. Early Identity Management Systems (IdMS) were designed to control access to resources and match capabilities with people in well-defined situations, Today’s computing environment involves a variety of user and machine centric forms of digital identities and fuzzy organizational boundaries. With the advent of inter-organizational systems, social networks, e-commerce, m-commerce, service oriented computing, and automated agents, the characteristics of IdMS face a large number of technical and social challenges. The first part of the tutorial describes the history and conceptualization of IdMS, current trends and proposed paradigms, identity lifecycle, implementation challenges and social issues. The second part addresses standards, industry initia-tives, and vendor solutions. We conclude that there is disconnect between the need for a universal, seamless, trans-parent IdMS and current proposed standards and vendor solutions

Digital Rights Management and Consumer Acceptability: A Multi-Disciplinary Discussion of Consumer Concerns and Expectations

The INDICARE project – the Informed Dialogue about Consumer Acceptability of DRM Solutions in Europe – has been set up to raise awareness about consumer and user issues of Digital Rights Management (DRM) solutions. One of the main goals of the INDICARE project is to contribute to the consensus-building among multiple players with heterogeneous interests in the digital environment. To promote this process and to contribute to the creation of a common level of understanding is the aim of the present report. It provides an overview of consumer concerns and expectations regarding DRMs, and discusses the findings from a social, legal, technical and business perspective. A general overview of the existing EC initiatives shows that questions of consumer acceptability of DRM have only recently begun to draw wider attention. A review of the relevant statements, studies and reports confirms that awareness of consumer concerns is still at a low level. Five major categories of concerns have been distinguished so far: (1) fair conditions of use and access to digital content, (2) privacy, (3) interoperability, (4) transparency and (5) various aspects of consumer friendliness. From the legal point of view, many of the identified issues go beyond the scope of copyright law, i.e. the field of law where DRM was traditionally discussed. Often they are a matter of general or sector-specific consumer protection law. Furthermore, it is still unclear to what extent technology and an appropriate design of technical solutions can provide an answer to some of the concerns of consumers. One goal of the technical chapter was exactly to highlight some of these technical possibilities. Finally, it is shown that consumer acceptability of DRM is important for the economic success of different business models based on DRM. Fair and responsive DRM design can be a profitable strategy, however DRM-free alternatives do exist too.Digital Rights Management; consumers; Intellectual property; business models

A framework for promoting interoperability in a global electronic market-space

The primary contributions to the area of electronic business integration, propounded by this thesis, are (in no particular order):  A novel examination of global Business-to-Business (B2B) interoperability in terms of a "multiplicity paradox" and of a "global electronic market-space" from a Complex Systems Science perspective.  A framework for an, integrated, global electronic market-space, which is based on a hierarchical, incremental, minimalist-business-pattern approach. A Web Services-SOA forms the basis of application-to-application integration within the framework. The framework is founded in a comprehensive study of existing technologies, standards and models for secure interoperability and the SOA paradigm. The Complex Systems Science concepts of "predictable structure" and "structural complexity" are used consistently throughout the progressive formulation of the framework.  A model for a global message handler (including a standards-based message-format) which obviates the common problems implicit in standard SOAP-RPC. It is formulated around the "standardized, common, abstract application interface" critical success factor, deduced from examining existing models. The model can be used in any collaboration context.  An open standards-based security model for the global message handler. Conceptually, the framework comprises the following:  An interoperable standardized message format: a standardized SOAP-envelope with standardized attachments (8-bit binary MIME-serialized XOP packages).  An interoperable standardized message-delivery infrastructure encompassing an RPC-invoked message-handler - a Web service, operating in synchronous and/or asynchronous mode, which relays attachments to service endpoints.  A business information processing infrastructure comprised of: a standardized generic minimalist-business-pattern (simple buying/selling), comprising global pre-specifications for business processes (for example, placing an order), standardized specific atomic business activities (e.g. completing an order-form), a standardized document-set (including, e.g. an order-form) based on standardized metadata (common nomenclature and common semantics used in XSD's, e.g. the order-form), the standardized corresponding choreography for atomic activities (e.g. acknowledgement of receipt of order-form) and service endpoints (based on standardized programming interfaces and virtual methods with customized implementations).Theoretical ComputingPHD (INFORMATION SYSTEMS

Security Framework for the Web of IoT Platforms

Connected devices of IoT platforms are known to produce, process and exchange vast amounts of data, most of it sensitive or personal, that need to be protected. However, achieving minimal data protection requirements such as confidentiality, integrity, availability and non-repudiation in IoT platforms is a non-trivial issue. For one reason, the trillions of interacting devices provide larger attack surfaces. Secondly, high levels of personal and private data sharing in this ubiquitous and heterogeneous environment require more stringent protection. Additionally, whilst interoperability fuels innovation through cross-platform data flow, data ownership is a concern. This calls for categorizing data and providing different levels of access control to users known as global and local scopes. These issues present new and unique security considerations in IoT products and services that need to be addressed to enable wide adoption of the IoT paradigm. This thesis presents a security and privacy framework for the Web of IoT platforms that addresses end-to-end security and privacy needs of the platforms. It categorizes platforms’ resources into different levels of security requirements and provides appropriate access control mechanisms

Appraising the impact and role of platform models and Government as a Platform (GaaP) in UK Government public service reform: towards a Platform Assessment Framework (PAF)

The concept of “Government as a Platform” (GaaP) (O'Reilly, 2009) is coined frequently, but interpreted inconsistently: views of GaaP as being solely about technology and the building of technical components ignore GaaP's radical and disruptive embrace of a new economic and organisational model with the potential to improve the way Government operates – helping resolve the binary political debate about centralised versus localised models of public service delivery. We offer a structured approach to the application of the platforms that underpin GaaP, encompassing not only their technical architecture, but also the other essential aspects of market dynamics and organisational form. Based on a review of information systems platforms literature, we develop a Platform Appraisal Framework (PAF) incorporating the various dimensions that characterise business models based on digital platforms. We propose this PAF as a general contribution to the strategy and audit of platform initiatives and more specifically as an assessment framework to provide consistency of thinking in GaaP initiatives. We demonstrate the utility of our PAF by applying it to UK Government platform initiatives over two distinct periods, 1999–2010 and 2010 to the present day, drawing practical conclusions concerning implementation of platforms within the unique and complex environment of the public sector.Non