Welcome!

Government Cloud Authors: Elizabeth White, Liz McMillan, Gopala Krishna Behara, Raju Myadam, Kevin Jackson

Related Topics: @CloudExpo, Agile Computing, Government Cloud

@CloudExpo: Blog Feed Post

Building Canada’s Cloud Identity Ecosystem

These various developments will enable all kinds of opportunities for service providers

With the government promising delivery of the long-awaited Digital Economy strategy by the year end, this prompts a review of what role the Cloud industry can play in this strategy.

This then further encourages us to identify what particular segments of the Cloud Computing industry we might specialize in, with a view to concentrating in areas where Canada has strength so that start-up ventures can be better focused towards niche opportunities.

Best practices – Cloud Privacy By Design

At the top of my list is the best practice known as ‘Cloud Privacy-By-Design‘, developed by the Privacy Commissioner of Ontario.

This is such a hot topic. As Andrea talks about in this earlier blog the mention of Cloud Computing is usually quickly followed by concerns about the USA`s Patriot Act. Fears are that as soon as you upload your data to the Cloud the American Government will be free to access and spy on it.

Therefore as the name suggests Cloud Privacy-By-Design offers a best practice framework to enable private as well as public sector organizations to safely use Cloud services with these concerns in mind.

Given how few have yet to actually make this move it`s therefore going to be a huge global growth area for new consulting skills, and it demonstrates how the Government can play a role in creating these best practice assets as a means of stimulating and supporting economic growth this way.

The team at the OPC office kindly sent me a number of new updates to these best practice materials:

  • International Working Group on Data Protection in Telecommunications (IWGDPT) April 2012: Working Paper on Cloud Computing – PDF file
  • EC Article 29 Working Party July 2012: Opinion of the European Commission Article 29 WP on cloud computing – attached – PDF file
  • Office of the Information and Privacy Commissioner of British Columbia: Cloud Computing Guidelines for Public Bodies – PDF file


The Cloud Identity Ecosystem – Framework for ‘Personal Clouds’

The sheer mammoth scale of this market opportunity is expanded even further when we consider the broader development of what the USA Government has defined as the ‘Identity Ecosystem‘.

This could also be thought of as the ‘Privacy Web’, as this ecosystem is fundamentally a set of controls to be distributed throughout the many different systems where Identity related data about you is stored.

So far we have mainly approached the Cloud in terms of it being an environment to host and run virtualized applications, but as the above concerns highlight we also think of it as a universal data network too.

This ecosystem is explained in this report from the World Economic Forum – Personal Data : The Emergence of a New Asset Class (40-page PDF), and where this overlaps with Cloud Computing it’s called ‘Personal Clouds’.

This refers to the ‘Personal Data Stores’ of information we store about ourselves with different online providers, from email through to social networks and photo stores. As well as the Cloud storing the files and data, there will also be protocols and standards for linking these ‘fragments’ together into one holistic digital persona.

Venture Acceleration

This expertise and focus helps us to more effectively fast-track new start-ups. These requirements and best practices set the context for the new technology that is needed.

For example vendors like Perspecsys provide on-premise devices that encrypts information before uploading it to Cloud services like Salesforce.com. The Ontario Privacy Commissioner describes:

PerspecSys’ cloud solution advances the essential principles of Privacy by Design -privacy by default, end-to-end security, and strong accountability- by enabling enterprises to automatically encrypt (decrypt) data locally and on-the-fly when using third-party cloud service applications, with no loss of functionality. Maintaining control over encryption and decryption processes is an excellent approach to safeguarding personal data, regardless of where the data resides. – Ann Cavoukian, Ph.D. Information and Privacy Commissioner of Ontario, Canada

The value of this technology is immediately apparent to the industry giants like Salesforce.com, who have already bought up a similar vendor to enable their Data Residency Option service.

Open standards are also key to this acceleration. This ecosystem will take many years to fully evolve and includes core building blocks such as OAuth which enables “Social Sign-on”, a means of joining up web sites via usernames and passwords, that vendors like Janrain cater for.

It then extends from here right through to a sophisticated ‘dataweb’ where these foundations facilitiate sharing of all kinds of personal data. Frameworks for enabling and managing this data flow include the Kantara Initiative UMA program, and the OASIS XDI protocol, which provide the mechanisms for sharing the Privacy controls.

As explained in this research, and this Open Identity Exchange presentation, Kantara and UMA builds on core Identity building blocks like OpenID Connect to facilitate Identity-enabled secure data sharing between remote systems, facilitating the Personal Identity Ecosystem.

This presentation explains these core mechanics, and this one maps it to Government Privacy policies.

We’re continuing the process of developing a new Kantara Initiative working group, which will build a program called ‘Kantara Cloud Identity and Security best practices’.

Conclusion

These various developments will enable all kinds of opportunities for service providers, ranging from simply managing the authentication process as a service, like Verizon, through to “data as a service”, where banks, utilities and other key organizations provide data for online real-time web services.

As well as general purpose file sharing this Personal Cloud ecosystem will evolve to cater for various industry-specific functions, like a ‘Personal Cloud EMR’ – Electronic Medical Record.

This is what players like ZenVault can offer. ZenVault is a downloadable app that allows you to personally hold and control your own EMR, and provide it to doctors as and when needed. Personal Cloud services, in combination with dataweb control mechanisms, will make the ideal combination possible – Very easy sharing of information between patients, GPs and other key process stakeholders, but in an entirely secure and controlled manner.

In combination these provide the foundations for a plethora of new ventures, and we will help entrepreneurs launch and fast-track these businesses.

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...