tag:blogger.com,1999:blog-30724478569835013002024-03-08T06:02:50.509-08:00Identity and Attribute Management - The Digital YouThomas W. Connell II, domestic preparedness and emergency response services expert turned technology evangelist, blogs about your digital, online and virtual identities, identity and attribute management and how their used in the 21st century. Topics include identity security, physical and logical access applications, digital certificates, PKI, attribute management, federated identities, credentialing, FIPS201, HSPD-12; training, licensure and certification management and reciprocity.Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.comBlogger12125tag:blogger.com,1999:blog-3072447856983501300.post-24916526255730772432012-10-18T13:00:00.001-07:002012-10-18T13:02:03.896-07:00Open Source Identity Ecosystem: We Have an App for That<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:DontVertAlignCellWithSp/>
<w:DontBreakConstrainedForcedTables/>
<w:DontVertAlignInTxbx/>
<w:Word11KerningPairs/>
<w:CachedColBalance/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><br />
<!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="true"
DefSemiHidden="true" DefQFormat="false" DefPriority="99"
LatentStyleCount="267">
<w:LsdException Locked="false" Priority="0" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" Priority="39" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" Name="toc 9"/>
<w:LsdException Locked="false" Priority="0" Name="header"/>
<w:LsdException Locked="false" Priority="35" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" Priority="10" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" Priority="1" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" Priority="11" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" Priority="22" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" Priority="59" SemiHidden="false"
UnhideWhenUsed="false" Name="Table Grid"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" QFormat="true" Name="TOC Heading"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
<br />
<h3 class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
<b style="mso-bidi-font-weight: normal;">Background</b></h3>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
The United States population is one of the most open,
information centric demographics in the world.<span style="mso-spacerun: yes;">
</span>Tens of millions of people voluntarily expose the most intimate details
of their lives through the pervasive world of social networking.<span style="mso-spacerun: yes;"> </span>More than 88% of consumers have made
purchases online spending more than 142 billion dollars in 2010 with a 14%
increase continuing to trend upwards through the 2<sup>nd</sup> quarter of 2011<span style="mso-no-proof: yes;"><span style="mso-spacerun: yes;"> </span><a href="http://www.comscore.com/Press_Events/Press_Releases/2011/8/comScore_Reports_37.5_Billion_in_Q2_2011_U.S._Retail_E-Commerce_Spending" target="_blank">(comScore, Inc., 2011)</a></span>. Within a few
years this trend will represent hundreds of billions of dollars of transactions
conducted with the barest of security protections.<span style="mso-spacerun: yes;"> </span>The bulk of these transactions can be
characterized as the modern equivalent of giving your checking account number,
routing number, and driver’s license information to a 16 year old supermarket
customer service worker in return for a check cashing card.<span style="mso-spacerun: yes;"> </span>A FTC-sponsored survey estimated that the
annual total loss to businesses due to ID theft approached $50 billion with the
total annual cost of identity theft to victims at $5 billion <a href="http://waysandmeans.house.gov/media/pdf/ss/factsfigures.pdf" target="_blank"><span style="mso-no-proof: yes;">(H CMTE on Ways and Means, 2012)</span></a>.<span style="mso-spacerun: yes;"> </span>This means more than a third of annual gross
cyber revenue is lost to business or more likely the losses are passed to the
consumers.<span style="mso-spacerun: yes;"> </span>Yet those same hordes of
consumers who willingly play this financial Russian roulette on a regular basis
are the doppelgänger vocal detractors of government sponsored identity
systems.<span style="mso-spacerun: yes;"> </span>The paradox of an individual
who will surrender his or her credit card, credit history, and identity to a
faceless cyber organization but balk at providing their government-issued
social security numbers to either state or federal government program is
astounding.</div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
The fundamental issue is one of trust - not trusted
identity but trusted government.<span style="mso-spacerun: yes;"> </span>Public
trust is at an all time low according to the Pew Research Center.<span style="mso-spacerun: yes;"> </span>Nearly eighty percent of Americans do not
trust their own government.<span style="mso-spacerun: yes;"> </span>In fact, the
only time since 1975 that government trust broke 50% was in the months
following 9/11<span style="mso-no-proof: yes;"><span style="mso-spacerun: yes;"> </span><a href="http://www.theatlantic.com/business/archive/2010/04/80-percent-of-americans-dont-trust-the-government-heres-why/39148/" target="_blank">(Thompson, 2010)</a></span>.<span style="mso-spacerun: yes;"> </span>To summarize, eighty eight percent of
Americans trust the internet with their identity and their hard earned money
while eighty percent of Americans distrust their government.<span style="mso-spacerun: yes;"> </span>Given this situation, it is not surprising
that government sponsored identity trust models have struggled to get off the
ground unless they are thus elevated by significant amounts of funding.<span style="mso-spacerun: yes;"> </span>The solution to this dilemma may be to turn
the identity / trust dichotomy upside down.<span style="mso-spacerun: yes;">
</span>The US government would be more effective as the behind the scene
partner by allowing a certain level of trust as the relying party and allowing
a measured participation by its own trusted identity systems.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>Building
on this foundation the ever-growing worlds of social networking, application [app]
stores, and the real-time personal gratification that comes from instant access
to information, becomes the propagator of the assured identity. <span style="mso-spacerun: yes;"> </span>In this scenario it is likely that the nation
will trend in the direction of the NSTIC Identity Ecosystem vision.<span style="mso-spacerun: yes;"> </span>This is an alternative delivery mechanism of an
important concept, but one easily digested by the American public.<span style="mso-spacerun: yes;"> </span>It is unlikely the average individual has
ever discussed the President’s Cyberspace Policy Review and very likely they
have never heard of it.<span style="mso-spacerun: yes;"> </span></div>
<h3 class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
<b style="mso-bidi-font-weight: normal;">A two part
concept</b></h3>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
The first part of the concept focuses on the
development of a unique cyber identify infrastructure.<span style="mso-spacerun: yes;"> </span>The infrastructure must include development
of new protocols and policy at multiple trust levels designed around the needs
of relying parties with day to day contact with the “citizenry end user”
mindful of that end user’s privacy requirements. <span style="mso-spacerun: yes;"> </span>Infrastructure development would be preceded
by a survey and public comment phase administered by a stakeholders’ steering
committee supported by a number of institutions of higher education and private
industry.<span style="mso-spacerun: yes;"> </span>By design the infrastructure must
also be flexible, scalable and adaptable.<span style="mso-spacerun: yes;">
</span><span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-hansi-font-family: Calibri;">The infrastructure would account for and allow
use by the existing federal identity programs at the user level.<span style="mso-spacerun: yes;"> </span>In addition, the proposed infrastructure
supports a new and unique cloud based identity program built around the user’s
ability to define dynamically the rules surrounding use and reuse of their
Personal Information (PI) and have those bound to, and travel with the digital
identity.<span class="apple-converted-space"> </span> </span>The
infrastructure must be agnostic to token type yet driven by use case influenced
levels of trust.<span style="mso-spacerun: yes;"> </span>Most importantly, the
final infrastructure would be open source.<span style="mso-spacerun: yes;">
</span>API’s and SDK’s, resulting from the project, would be offered free of
charge allowing for both the well-financed and under-financed to have equal
access to program participation.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>Commercialized this concept would establish an
open source identity ecosystem community that is ultimately self supporting and
free of the strictures of reliance on government funding and the profit driven
pressures of the private sector. This approach allows for maximum
interoperability and cost effectiveness.</div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
The concept of an Identity Ecosystem open source
community supported policy and protocol infrastructure is both unique and
thought provoking in its conception.<span style="mso-spacerun: yes;">
</span>Without an initial financial jumpstart from a forward looking
organization, as well as expert oversight and guidance, it is unlikely such as
concept would ever get off the ground.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
While the establishment of the infrastructure would be
a worthy goal, it is actually the stepping stone to part two of the concept,
which is the outward facing ambassador to the American public.<span style="mso-spacerun: yes;"> </span>Part two is the feeder program for an
Identity Ecosystem App store.<span style="mso-spacerun: yes;"> </span>Academic,
commercial, and governmental partners would identify, at minimum, a single use
case for which the trusted identities, either as a product of the new
infrastructure or those created through existing programs, can be leveraged to
the benefit of their constituency, the average citizen.<span style="mso-spacerun: yes;"> </span>Each partner would use the previously
published API’s and SDK’s to develop an “App” which would be both practically
tested and added to the code base for use by future application
developers.<span style="mso-spacerun: yes;"> </span>Again, in the spirit of the
open source community model, the application will be made available to other
relying parties with similar needs. <span style="mso-spacerun: yes;"> </span>Leveraging
a diverse project team, the solutions could span healthcare, government,
commercial, academic, financial as well as physical and logical access
needs.<span style="mso-spacerun: yes;"> </span>The combination of the two concept
segments would proffer a new ability to offer both users and relying parties
choice in level of trust, affordability, convenience, ease of use, security and
confidence while demonstrating and encouraging unparalleled innovation from a
national or even world wide open source community (which should continue exponential
growth even during the unfunded years).<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
The combination of the two concept segments would
address the issue of commonly accepted technical standards by developing a
baseline “living” standard.<span style="mso-spacerun: yes;"> </span>The standard
would be put to the test through the development of multiple applications
addressing diverse relying party requirements.<span style="mso-spacerun: yes;">
</span><span style="mso-spacerun: yes;"> </span>Interoperability would be
assured by offering a free set of development and compliance testing tools and
peer review of code supported by the community as a whole.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
If the concept was commercialized academic partners, would
examine the liability and economic issues in context, allowing for direct or
indirect influence of the “living” standard during the course of the project</div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
Addressing privacy concerns is paramount so as to be
consistent with addressing the issues identified earlier in this essay.<span style="mso-spacerun: yes;"> </span>One of the primary conceptual methods that
would be examined in this project is to maintain the anonymity of the user by
focusing on the end use attributes or privileges assigned to the non-reputable
identity rather than asserting the individual characteristics of the
person.<span style="mso-spacerun: yes;"> </span>Using the driver’s license as a
simplistic example, it is not necessary to provide address, date of birth,
unique identifier or even name when challenged so long as the identity is
trusted by the querying system and a check can be made against the
privilege.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
Any solution must be capable of integrating the PIV and
PIV-I credentials currently deployed.<span style="mso-spacerun: yes;">
</span>However, rather than focus simply on the expected uses of these strong
authentication credentials, emphasis would be placed on the alternative use of the
credentials by integrating acceptance of the credential by the project
developed software.</div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
<br /></div>
<h3>
Works Cited<span style="color: windowtext; font-size: 11.0pt; font-weight: normal; line-height: 115%; mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin;"></span></h3>
<div class="MsoBibliography" style="margin-left: .5in; text-indent: -.5in;">
<span style="mso-no-proof: yes;">comScore, Inc. (2011, August 8). <i>comScore Reports
$37.5 Billion in Q2 2011 U.S. Retail E-Commerce Spending, Up 14 Percent vs.
Year Ago</i>. Retrieved March 1, 2012, from comScore, Press & Events : http://www.comscore.com/Press_Events/Press_Releases/2011/8/comScore_Reports_37.5_Billion_in_Q2_2011_U.S._Retail_E-Commerce_Spending</span></div>
<div class="MsoBibliography" style="margin-left: .5in; text-indent: -.5in;">
<span style="mso-no-proof: yes;">H CMTE on Ways and Means. (2012, February 29). <i>Committee
on Ways and Means Facts and Figures: Identity Theft.</i> Retrieved March 2,
2012, from Committee on Ways and Means:
http://waysandmeans.house.gov/media/pdf/ss/factsfigures.pdf</span></div>
<div class="MsoBibliography" style="margin-left: .5in; text-indent: -.5in;">
<span style="mso-no-proof: yes;">Thompson, D. (2010, Aril 19). <i>80 Percent of
Americans Don't Trust the Government. Here's Why.</i> Retrieved March 1, 2012,
from The Atlantic Business Archive:
http://www.theatlantic.com/business/archive/2010/04/80-percent-of-americans-dont-trust-the-government-heres-why/39148/</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
<br /></div>
Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-2922914853000727692012-08-27T10:29:00.001-07:002012-08-27T10:29:17.687-07:00Pencils to Processors<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:RelyOnVML/>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:DontVertAlignCellWithSp/>
<w:DontBreakConstrainedForcedTables/>
<w:DontVertAlignInTxbx/>
<w:Word11KerningPairs/>
<w:CachedColBalance/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="true"
DefSemiHidden="true" DefQFormat="false" DefPriority="99"
LatentStyleCount="267">
<w:LsdException Locked="false" Priority="0" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" Priority="39" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" Name="toc 9"/>
<w:LsdException Locked="false" Priority="35" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" Priority="10" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" Priority="1" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" Priority="11" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" Priority="22" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" Priority="59" SemiHidden="false"
UnhideWhenUsed="false" Name="Table Grid"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" QFormat="true" Name="TOC Heading"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:12.0pt;
mso-para-margin-left:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
<br />
<div class="WordSection1">
<h2 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><i>Data Collection at
Crime Scene</i></b></h2>
</div>
<b style="mso-bidi-font-weight: normal;"><i><span style="font-family: "Calibri","sans-serif"; font-size: 11.0pt; mso-ansi-language: EN-US; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin;">
</span></i></b>
<h2 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">Part Two “The Future is Here”</span></b></h2>
<h3 class="MsoNormal" style="text-align: justify;">
<br /></h3>
<h4 class="MsoNormal" style="text-align: justify;">
<span style="font-size: large;"><b><span>The Future</span></b></span></h4>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:DontVertAlignCellWithSp/>
<w:DontBreakConstrainedForcedTables/>
<w:DontVertAlignInTxbx/>
<w:Word11KerningPairs/>
<w:CachedColBalance/>
</w:Compatibility>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="true"
DefSemiHidden="true" DefQFormat="false" DefPriority="99"
LatentStyleCount="267">
<w:LsdException Locked="false" Priority="0" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" Priority="39" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" Name="toc 9"/>
<w:LsdException Locked="false" Priority="35" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" Priority="10" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" Priority="1" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" Priority="11" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" Priority="22" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" Priority="59" SemiHidden="false"
UnhideWhenUsed="false" Name="Table Grid"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" QFormat="true" Name="TOC Heading"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:12.0pt;
mso-para-margin-left:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
</div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif;">
<span style="font-size: large;"><span>The basics of crime
scene investigation in the field of law enforcement have remained largely unchanged
over the years. There will never be a replacement for the experience and
knowledge of a savvy investigator and his/her observational and intuitive skills.
What has changed in the field of investigation is the advent of different kinds
of evidence collected, and the methodology for documenting and preserving it. <span>(Schecter, 2011) </span></span> </span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif;">
<span style="font-size: large;">Advanced Response Concepts Corp has developed and deployed a
tablet based solution to assist investigators in electronically documenting
evidence found in the field.<span> </span>The
solution known as Condor™ facilitates the identification, labeling, and
tracking of evidence while keeping precise attendance records at the
scene.<span> </span>Designed with interoperability
with the U.S. Department of Justice NIEM (National Information Exchange Model)
compliance system in mind Condor™ is the logical extension of the simplicity
and efficacy of paper‐based notes and forms. Advanced Response Concepts has
developed a twenty first century alternative allowing users to apply the same
intuitive skills. Condor™ is specifically designed to enhance and augment an
investigator or crime scene technician’s skill set, by creating an intuitive,
user‐friendly process and workflow to improve the field based collection of
data required to properly document and investigate a crime scene.</span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span></span></span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>CONDOR ™ supports this process through the use
of tablet data collection devices, used to enter all of the information and
facts typically gathered through the observation and interview process, and
typically managed on paper while in the field. The user enters relevant event
data into the system where it is recorded, aggregated, and able to be used to
produce detailed agency‐configurable reports to completely document
investigative activities, including the collection and tracking of physical
evidence artifacts.<span> </span>CONDOR ™ is intended
to address a number of identified needs in the forensic and law enforcement
communities, including several of those identified recently in the
comprehensive report published by the National Academy of Sciences; <span> </span>Strengthening Forensic Science in the United
States, A Path Forward.<span><span> </span>(Committee on
Identifying the Needs of the Forensic Sciences Community, National Research
Council, 2009)</span><span> </span>These issues include: improving and
strengthening the chain of custody, better field documentation, improved scene
management and access control all of which are specifically targeted by CONDOR
™.</span></span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>CONDOR ™ is a scalable and robust combination
of task specific hardware and software that is designed from the user up.<span> </span>This approach has allowed our development
team and subject matter experts (criminal investigative practitioners) to focus
on creating a tool that fits the user and requires minimal changes to their
operational process or existing work flow.<span>
</span>This user centric focus is the key to creating a tool that “fits” the
end user to the greatest extent possible, eliminating the frustrations of trying
to adapt to new technologies while still maintaining a consistent, technically
correct and systematic approach to processing a crime scene.</span></span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>The system consists of multiple options for
tablet devices used to gather, collect, record and manage information. CONDOR ™
is not bound to any specific type of hardware for user input, allowing for
continued migration to newer handheld technologies as they emerge offering
greater flexibility to field users.</span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h4 class="MsoNormal" style="text-align: justify;">
<span style="font-size: large;"><b><span>Conclusion </span></b></span></h4>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>When the phrase “Use tablet computers to
record crime scene information” is entered into a Google search engine the top
five responses say a lot about the future of enterprise computing at crime
scenes.<span> </span>Result one and three focus on
the article quoted in this paper referencing iPad purchases in Tennessee.<span> </span>The number two result is a news article
highlighting Advanced Response Concepts Condor System being deployed in
Delaware.<span> </span>The fourth is a website for
rugged computing solutions.<span> </span>What is
interesting is that as you work your way down the list the links all begin to
point overseas, to academic institutions, solutions in place, and ground
breaking strides forward in the use of technology.<span> </span>Why is US Law Enforcement failing to keep up
with the times or the rest of the world in this area?</span></span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>A study conducted in Great Britain by the
University of Birmingham found in a side by side comparison, no discernible
difference in content or quailty between reports handwritten at the crime scene
and those generated using tablet computers.<span>
</span>They did find a significant time savings and noted users found using
tablets to be easier to work with.<span>
</span>Tablet technology in the crime scene environment is a force multiplier. </span></span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>Computers at the scene of a crime allow for
instant capture of sound, video, and still images.<span> </span>They allow for voice to text conversion and
handwriting recognition.<span> </span>Information
captured can be forwarded in real time to colleagues on the street and fusion
centers.<span> </span>American Law enforcement has
embraced technology in offensive and defensive weaponry, surveillance tools,
records and laboratory management systems, everywhere it seems but where it all
starts, at the scene of the crime.<span> </span>Every
officer on the street is seeing increasing caseloads and longer waits for court
dates. In an era of ever increasing budget shortfalls and staffing cuts it
would seem as though the force multiplier capability of crime scene computing
is a tool whose time has come.<span> </span></span></span></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="font-family: Times,"Times New Roman",serif; text-align: justify;">
<span style="font-size: large;"><span>In the immortal words of Sgt Joe Friday: <span> </span>“This is the city. Every 24 hours a little bit
of everything happens. Two million people make a lot of history in one day.
They write it all down and file it away. Some of it's important, some of it
isn't. Business, industry, government - you buy a three-cent stamp or an oil
well - they keep records of it. Progress, money, success... and failure. A
complete history of every day; some of it's public, some personal. <u>It's all
written down</u>. In my job we catalog trouble. I'm a cop.</span></span></div>
<h4 style="text-align: justify;">
</h4>
<h4 style="text-align: justify;">
Works Cited<span style="color: windowtext; font-size: 11.0pt; font-weight: normal; line-height: 115%; mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin;"></span></h4>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Byrd, M. (2010-2012). <i>Written Documentation at a
Crime Scene.</i> Retrieved May 7, 2012, from Crime Scene Investigator Network:
<a href="http://www.crime-scene-investigator.net/document.html" target="_blank"> http://www.crime-scene-investigator.net/document.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Carrier, B., & Spafford, E. H. (2003). <i>Getting Physical with the
Digital Investigation Process.</i> Purdue University, Center for Education and
Research in Information Assurance and Security – CERIAS. Utica: International
Journal of Digital Evidence.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Committee on Identifying the Needs of the Forensic Sciences Community,
National Research Council. (2009). <i>Strengthening Forensic Science in the
United States, A Path Forward.</i> National Academy of Sciences, National
Institute of Justice. Washington DC: National Academies Press.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Daigneau, E. (2011, March). <i>Tablets: Government's Newest Tool</i>.
(E-Republic) Retrieved May 7, 2012, from Governing the States and Localities:
<a href="http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html" target="_blank"> http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Katims, L. (2011, January 12). <i>IPads Helping Tenn. Police Fight Crimes
on the Go </i>. Retrieved May 7, 2012, from Government Technology Magizine:
<a href="http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html">http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Lee, H. C., Palmbach, T., & Miller, M. T. (2001). <i>Henry Lee's
Crime Scene Handbook.</i> San Diego, California: Elsevier Academic Press.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Mechling, J. (2011, March 9). <i>Will the iPad, and competing tablet
computers, help us manage information overload or add to the distractions?</i>
(e-Republic) Retrieved May 7, 2012, from Governing the States and Localities:
<a href="http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html">http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Schecter, P. (2011). <i>Crime Scene Management, Evidence Tracking System
Overview and Summary.</i> Fairfax VA: Advanced Response Concepts Corporation.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Sung, T. (1248, 1981). <i>The Washing Away of Wrongs: Forensic Medicine
in Thirteenth-Century China (Science, Medicine, and Technology in East Asia)</i>
(1981 ed.). (B. McKnight, Ed., & B. McKnight, Trans.) Center for Chinease
Studies.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Taylor, S. (2012). <i>The History of Crime Scene Investigation</i>.
Retrieved May 7, 2012, from E-How:
<a href="http://www.ehow.com/about_5371617_history-crime-scene-investigation.html">http://www.ehow.com/about_5371617_history-crime-scene-investigation.html</a></span></div>
Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-85653745987751492722012-08-21T12:02:00.000-07:002012-08-21T12:02:19.269-07:00Pencils to Processors, Part 1
<br />
<div class="WordSection1">
<div class="MsoNormal">
<br /></div>
<h2 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><i>Data Collection at
Crime Scenes</i></b></h2>
</div>
<b style="mso-bidi-font-weight: normal;"><i><span style="font-family: "Calibri","sans-serif"; font-size: 11.0pt; mso-ansi-language: EN-US; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin;">
</span></i></b>
<h2 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">Part One “Living in the Past”</b></h2>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"> </b></h4>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">Introduction</b></h4>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: "Times New Roman";">“Crime scene
investigation, or forensic science, involves the group effort of a team of
professionals who study the scene of a crime. It takes many individuals who
apply a wide range of specific sciences upon every aspect of the scene to
complete this investigation. Investigators collect and study evidence such as
fingerprints, biologicals like body fluids or skin cells, and ballistics
(trajectory dynamics). The earliest forms of forensic science date back to
prehistoric times." <span style="color: black;"></span></span></div>
</blockquote>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: "Times New Roman";">Modern crime
scene investigation advanced rapidly through the late 1900s and the early
2000s. Using the solid foundation developed over thousands of years of forensic
investigation, modern forensics built upon these technologies and expanded
their application to include computer forensics, DNA forensics, entomological
(insect) forensics and enhanced biological studies”. <span style="mso-no-proof: yes;">(Taylor, 2012)</span></span></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<br /></div>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">The Mission Space</span></b></h4>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">A crime will more
often than not consist of multiple crime scenes.<span style="mso-spacerun: yes;"> </span>Consider that an act of domestic violence can
start outside of a residence and move to a room or rooms within the residence.
Though the “scenes” themselves are contiguous, they can be and often are
treated individually.<span style="mso-spacerun: yes;"> </span>The more cliché
example of a bank robbery could be even more complex.<span style="mso-spacerun: yes;"> </span>The February 1997 North Hollywood shootout
was an armed confrontation between two heavily armed bank robbers and officers
of the Los Angeles Police Department (LAPD) in the North Hollywood district of
Los Angeles.<span style="mso-spacerun: yes;"> </span>This crime could be
described as being multiple scenes over a six block area to include the bank’s
ATM lobby, teller and vault areas, the initial LAPD response at Laurel Canyon,
the getaway vehicle, the scene of the Phillips suicide, and many others.<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">A crime scene can
be defined from macroscopic and microscopic points of view.<span style="mso-spacerun: yes;"> </span>The macroscopic view focuses on crime scenes
within a crime scene in the manner of previously mentioned examples. <span style="mso-spacerun: yes;"> </span>The microscopic view culminates in the
aggregation of individual physical elements relating the crime. <span style="mso-spacerun: yes;"> </span>Every case investigated can contain multiple
macro and microscopic scenes.<span style="mso-spacerun: yes;"> </span>The
interrelations between these definitions must all be considered as each has the
potential to yield information critical to the investigation and eventual
prosecutorial effort.<span style="mso-spacerun: yes;"> </span>(Lee, Palmbach, &
Miller, 2001)</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">The Challenge</span></b></h4>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">When looking at
the construct of a crime scene the one universal constant is its
complexity.<span style="mso-spacerun: yes;"> </span>So why is the primary methodology
of crime scene investigation still reliant on the pencil and yellow legal pad
as the tool of choice?<span style="mso-spacerun: yes;"> </span>Every law
enforcement agency has a formal procedure for the method by which written
documentation is recorded and used.<span style="mso-spacerun: yes;"> </span>The
primary goal of this exercise is the accurate recording of the information with
an eye on the future information sharing requirements of the case and/or future
potentially related cases.<span style="mso-spacerun: yes;"> </span>The Miami
Dade Police Department Crime Scene Investigations unit uses a narrative section
divided into five categories.<span style="mso-spacerun: yes;"> </span>These
categories are summary, scene, processing, and evidence collected, and pending.<span style="mso-spacerun: yes;"> </span>Miami Dade Investigator Mike Byrd relates a
recent request illustrating the importance of complete, detailed, and accurate
recording of investigative information: </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-spacerun: yes;"> </span>“Recently I was asked to give an opinion on
the crime scene portion of a cold case investigation which had occurred more
than 20 years earlier. I agreed to take a look at everything to give my
interpretation of the crime scene from the work product. So the reports and
pictures were ordered from the original files.</span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">When the items
came in the mail the report consisted of a one page, one paragraph narrative.
The scene photographs consisted of several overall prospective of a wooded
area. I could be of no assistance to my fellow colleague. But the experience
best illustrates how important it is to properly use the tools at hand. We are
brought in to assist in the beginning stages of an investigation when very
limited information is known. We should realize that our work product may need to
be viewed extensively by someone years from now for interpretation.” <span style="mso-spacerun: yes;"> </span><a href="http://www.crime-scene-investigator.net/document.html" target="_blank">(Byrd, 2010-2012)</a>.</span></div>
</blockquote>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">Why we still
relay on century old tools to support investigations with twenty first century
expectations with regard to accuracy, detail, and recall is indicative of a
traditional institution still clinging to the familiarity and perceived
reliability of past methods while still operating in a contemporary society. So
why is this attitude prevalent?<span style="mso-spacerun: yes;"> </span>One
could argue that these are time honored traditions with a proven track
record.<span style="mso-spacerun: yes;"> </span>Modern forensics goes back
centuries.<span style="mso-spacerun: yes;"> </span>Generally speaking the first
modern forensic science publication detailing an investigative technique is
attributed to by Tz'u Sung.<span style="mso-spacerun: yes;"> </span>His
thirteenth century text, “Hsi Duan Yu” (the Washing Away of Wrong) was written
in 1248 AD. It detailed a process of distinguishing drowning from strangulation,
portions of which are still used today. (Sung,
1248, 1981)<span style="mso-spacerun: yes;"> </span>It has been the introduction of digital forensics,
digital still and video, and the leap forward in DNA evidence thanks to the
Polymerase Chain Reaction (PCR) technology invented by Nobel prize winner Kary
Mullis that has become the tip of the investigative spear.</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">Current Choices?</span></b></h4>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">The use of
computers in crime scene analysis and forensic investigation has been a growing
phenomenon over the last twenty years.<span style="mso-spacerun: yes;">
</span>However the use of computers at a crime scene is not as widespread as
you may come to expect in this day and age.<span style="mso-spacerun: yes;">
</span>Crime scene utilization of a tool most Americans accept as commonplace
is largely restricted to the gathering and processing of digital evidence, the
area some investigators refer to as the “crime scene within the crime
scene”.<span style="mso-spacerun: yes;"> </span>This additional dimension, if
you will, is focused on the information that can be gleaned from a computer
when it is treated as evidence.<span style="mso-spacerun: yes;"> </span>A
computer itself is, typically, only one piece of physical evidence, but it can
be processed to identify thousands of pieces of digital evidence and each piece
of digital evidence can be analyzed to identify ownership, location, and
timing. (Carrier &
Spafford, 2003)<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">With increasing
expectations with regard to documentation what are the options?<span style="mso-spacerun: yes;"> </span>Law enforcement departments in two Tennessee
counties have turned to the Apple® iPad®.<span style="mso-spacerun: yes;">
</span>The Jefferson County Police Department recently purchased 19 Apple
iPads, one for each officer, with a grant from the U.S. Department of Homeland
Security. <span style="mso-spacerun: yes;"> </span>In adjacent Knox County,
Sheriff’s Office Major Crimes and Family Crisis units recently began using the
tablet computers, and detectives have enjoyed the mobility the iPads give them.<span style="mso-spacerun: yes;"> </span>Functionality inherent in the popular devices
proved to be the selling points.<span style="mso-spacerun: yes;">
</span>Applications, known as “Apps” from the Apple® store allow officers to
leverage the touch screen to draw sketches.<span style="mso-spacerun: yes;">
</span>Built in microphones facilitate recording testimony at crime scenes
while WiFi and CDMA allow officers to send reports, share information with
colleagues and investigate background information without calling dispatch.<span style="mso-spacerun: yes;"> </span><a href="http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html" target="_blank">(Katims, 2011)</a></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">The iPad is an
impressive device.<span style="mso-spacerun: yes;"> </span>In 2010 the New York
Times proclaimed that 2010 would be the “Year of the Tablet.” <a href="http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html" target="_blank">(Daigneau, 2011)</a><span style="mso-spacerun: yes;"> </span>In retrospect Apple dominated the market
forcing the competition to delay or table forecasted launches in a scramble to
produce competitively priced and feature rich challengers.<span style="mso-spacerun: yes;"> </span>“[iPads] could critically accelerate and
improve our utilization of digital information, and through that, the
performance of government. Thus, they possess great strategic potential, but
they could also serve as a risky distraction”.<span style="mso-spacerun: yes;"> </span><a href="http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html" target="_blank">(Mechling, 2011)</a><span style="mso-spacerun: yes;"> </span>But the iPad is not without its drawbacks, as
web columnist Jerry Mechling alludes to in the afore mentioned quote.<span style="mso-spacerun: yes;"> </span>Apple® maintains strict control over
application development, licensing and deployment.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>The
device was created to allow an individual unlimited access to information but
does so in a completely closed system.<span style="mso-spacerun: yes;"> </span>Security
tools built into the device are not without their vulnerabilities.<span style="mso-spacerun: yes;"> </span>The fact that the Apple® “Jailbreak”
community often has security patches published on the web before Apple® does is
indicative of the weaknesses in the Apple® armor. The simplicity of the iPad
masks its transformational power.<span style="mso-spacerun: yes;">
</span>Navigating with your fingers rather than a keyboard marks a fundamental
change in user interfaces.<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: 12.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">Despite its
success the iPad® is not the only game in town.<span style="mso-spacerun: yes;"> </span>In the two years the iPad® has been on the
street a plethora of manufactures have entered the market with strongly
competitive devices and operating systems.<span style="mso-spacerun: yes;">
</span>Enter the other industry behemoth Microsoft.<span style="mso-spacerun: yes;"> </span>In late 2012 Microsoft® will release Windows
8 with an accompanying tablet PC version. Partnered with Nvidia®, supplying the
Tegra 3™ chip to be used with ARM based hardware, Microsoft will move to level
the playing field currently dominated by Apple® and protagonist Android®.<span style="mso-spacerun: yes;"> </span>Although this does not herald a coming
competitive nirvana it does open the door to adaptation of software solutions
known to the public safety community as well as allowing the open source
community its opportunity to make a mark.<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
</div>
<h3 style="text-align: justify;">
Works Cited - Parts One and Two<span style="color: windowtext; font-size: 11.0pt; font-weight: normal; line-height: 115%; mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin;"></span></h3>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Byrd, M. (2010-2012). <i>Written Documentation at a
Crime Scene.</i> Retrieved May 7, 2012, from Crime Scene Investigator Network:
<a href="http://www.blogger.com/%20http://www.crime-scene-investigator.net/document.html" target="_blank"> http://www.crime-scene-investigator.net/document.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Carrier, B., & Spafford, E. H. (2003). <i>Getting Physical with the
Digital Investigation Process.</i> Purdue University, Center for Education and
Research in Information Assurance and Security – CERIAS. Utica: International
Journal of Digital Evidence.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Committee on Identifying the Needs of the Forensic Sciences Community,
National Research Council. (2009). <i>Strengthening Forensic Science in the
United States, A Path Forward.</i> National Academy of Sciences, National
Institute of Justice. Washington DC: National Academies Press.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Daigneau, E. (2011, March). <i>Tablets: Government's Newest Tool</i>.
(E-Republic) Retrieved May 7, 2012, from Governing the States and Localities: <a href="http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html">http://www.governing.com/topics/technology/Tablets-Governments-Newest-Tool.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Katims, L. (2011, January 12). <i>IPads Helping Tenn. Police Fight Crimes
on the Go </i>. Retrieved May 7, 2012, from Government Technology Magizine:
<a href="http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html" target="_blank">http://www.govtech.com/featured/IPads-Helping-Tenn-Police-Fight-Crimes-on-the-Go.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Lee, H. C., Palmbach, T., & Miller, M. T. (2001). <i>Henry Lee's
Crime Scene Handbook.</i> San Diego, California: Elsevier Academic Press.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Mechling, J. (2011, March 9). <i>Will the iPad, and competing tablet
computers, help us manage information overload or add to the distractions?</i>
(e-Republic) Retrieved May 7, 2012, from Governing the States and Localities:
<a href="http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html">http://www.governing.com/columns/mgmt-insights/iPad-risky-game-changer.html</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Schecter, P. (2011). <i>Crime Scene Management, Evidence Tracking System
Overview and Summary.</i> Fairfax: <a href="http://responseconcepts.com/" target="_blank">Advanced Response Concepts Corporation</a>.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Sung, T. (1248, 1981). <i>The Washing Away of Wrongs: Forensic Medicine
in Thirteenth-Century China (Science, Medicine, and Technology in East Asia)</i>
(1981 ed.). (B. McKnight, Ed., & B. McKnight, Trans.) Center for Chinease
Studies.</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Taylor, S. (2012). <i>The History of Crime Scene Investigation</i>.
Retrieved May 7, 2012, from E-How:
<a href="http://www.ehow.com/about_5371617_history-crime-scene-investigation.html">http://www.ehow.com/about_5371617_history-crime-scene-investigation.html</a></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-20266327560906981172012-08-03T10:41:00.000-07:002012-08-03T10:41:39.883-07:00Possession is nine tenths of the law? Part 2<br />
<h2 align="center" class="MsoNormal" style="text-align: center;">
<i style="mso-bidi-font-style: normal;"><span style="font-family: "Times New Roman","serif"; font-size: 24.0pt; mso-fareast-font-family: "MS Mincho"; mso-no-proof: yes;"></span><span style="font-family: "Times","serif"; font-size: 14.0pt; mso-bidi-font-family: "Times New Roman"; mso-bidi-theme-font: minor-bidi;">Part Two “It’s Mine I Can
Prove It.”<span style="mso-spacerun: yes;"> </span></span></i></h2>
<h3 align="center" class="MsoNormal" style="text-align: center;">
<i style="mso-bidi-font-style: normal;"><span style="font-family: "Times","serif"; font-size: 14.0pt; mso-bidi-font-family: "Times New Roman"; mso-bidi-theme-font: minor-bidi;">Why PKI should be used to
address the digital rights management question </span></i></h3>
<div align="center" class="MsoNormal" style="text-align: center;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
The second half of this essay
looks at how various media providers use DRM and the limitations of the current
solutions. <span style="mso-spacerun: yes;"> </span>PKI is presented as an
alternative. I hope you enjoy the paper and encourage you to comment.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">Digital Rights Management</b></h4>
<div class="MsoNormal" style="text-align: justify;">
Accepting the fact that you are
really not buying anything tangible, a digital content provider like Apple® is
not necessarily out to get you.<span style="mso-spacerun: yes;"> </span>The
“Terms and Conditions [for] ITunes store, Mac App Store, App Store and
iBookstore” allow for content sharing on up to ten devices five of which may be
a I Tunes authorized computers.<span style="mso-spacerun: yes;"> </span>It
allows burning to CD your full playlist up to seven times.<span style="mso-spacerun: yes;"> </span>For a fee you can get additional cloud
services that make accessing your <i style="mso-bidi-font-style: normal;">purchased<b style="mso-bidi-font-weight: normal;"> </b></i>content even easier.<span style="mso-spacerun: yes;"> </span>On the flip side Apple® reserves the right to
change the usage rules at any time.<span style="mso-spacerun: yes;"> </span>The
Apple® business model is not about making money with the content it is about
making money on the hardware.<span style="mso-spacerun: yes;"> </span>This is
not the typical hardware /software paradigm.<span style="mso-spacerun: yes;">
</span>With the majority of companies that deal in both hardware and software
the real profit is in the software and ultimately the accompanying service and
support plans.<span style="mso-spacerun: yes;"> </span>Apples approach is not
unique but is atypical in the software community though it seems to be part of
a consensus in the digital content management community.<span style="mso-spacerun: yes;"> </span>"The iPod makes money. The iTunes Music
Store doesn't," said Apple Senior Vice President Phil Schiller.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>"It's
maybe a feature your platform should offer, but it's not like you're going to
make some (big) markup," Microsoft Chairman Bill Gates said at the
company's July [2003] analysts' meeting in response to questions about a
proposed online music store.<span style="mso-no-proof: yes;">(Fried, 2003)</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
You have a certain amount of
freedom in using and managing the content you purchase/lease from Apple ® although
you are limited to using Apple® hardware, or apple software on non Apple®
hardware like PC’s and Laptops.<span style="mso-spacerun: yes;"> </span>The
Apple® formats are proprietary as is the security mechanism they use to ensure
compliance with their policies. This is the difference between the
underperforming subscription models like Napster, Rhapsody, and Pressplay, and
the Apple a la carte model which has been copied by most of the major players
in the industry today.<span style="mso-spacerun: yes;"> </span>Security is
enforced using Digital Rights Management (DRM) Digital rights management.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
<span style="mso-spacerun: yes;"> </span>“DRM is a class of access control technologies
that are used by hardware manufacturers, publishers, copyright holders and
individuals with the intent to limit the use of digital content and devices
after sale. DRM is any technology that inhibits uses of digital content that
are not desired or intended by the content provider. DRM also includes specific
instances of digital works or devices. Companies such as Amazon, AT&T, AOL,
Apple Inc., BBC, Microsoft, Electronic Arts and Sony use digital rights
management.” <span style="mso-no-proof: yes;">(Wikipedia, 2012)</span><span style="mso-spacerun: yes;"> </span></div>
</blockquote>
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
DRM has its detractors who often
predict gloom and doom scenarios.<span style="mso-spacerun: yes;"> </span>These
scenarios often focus on a complete loss of your digital media should the DRM
standard change in the future or the original service provider go out of
business.<span style="mso-spacerun: yes;"> </span>Although it does not seem
likely that the world will be without the I Store™, Kindle™ store, or any of
the other megalithic providers anytime soon the point is valid. <span style="mso-spacerun: yes;"></span>Additional charges are that DRM stifles
innovation and competition but perhaps the most disconcerting charge it that
DRM goes beyond the constraints required by current copyright law which could
be a slippery slope indeed.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Apple has its own proprietary
version of DRM known as FairPlay which is in turn only supported by Apple ®
products.<span style="mso-spacerun: yes;"> </span>This is no surprise if the
afore mentioned quote by Apple Senior Vice President Phil Schiller is representative
of Apples long term business model.<span style="mso-spacerun: yes;">
</span>Apple, like other digital content providers, does have a loyal following
but the question needs to be asked; are we heading for a single source world in
which you must pick your provider and be satisfied with the available
offerings.<span style="mso-spacerun: yes;"> </span>What happens when your
favorite author’s publisher or recording artist’s studio will not sign a
contract with your provider?<span style="mso-spacerun: yes;"> </span>Do you buy
a new device every time you seek to increase the variety of your library?<span style="mso-spacerun: yes;"> </span>To be fair to Apple® although they continue
to use DRM in other media they removed FairPlay and any sort of DRM from the music
tracks bought in the iTunes music library in 2009.<span style="mso-no-proof: yes;"><span style="mso-spacerun: yes;"> </span>(Apple Inc,
2012)</span><span style="mso-spacerun: yes;"> </span>Apple does continue to digitally watermark its
music tracks offering an excellent segue into DRM alternatives.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
The pivotal issue of the digital
media conundrum is the establishment of ownership and the ability to trace that
ownership.<span style="mso-spacerun: yes;"> </span>There are those who do not
believe that any sort of identifier that would allow for tracing of ownership
is in any way necessary or justified.<span style="mso-spacerun: yes;">
</span>Perhaps there are merits to specific arguments in that regard however a system
without ownership principles will simply result in the eventual extinction of
the art form.<span style="mso-spacerun: yes;"> </span>Individuals cannot be
allowed unfettered access to works without compensation to the originator or
allowed the ability to, without limitation, reproduce and distribute said
material.<span style="mso-spacerun: yes;"> </span>It is obvious that DRM is not
the solution of the future.<span style="mso-spacerun: yes;"> </span>Apple uses
digital watermarking, the process by which code is buried in an underlying
carrier signal allowing for the verification of the signals ownership or
authenticity.<span style="mso-spacerun: yes;"> </span>This technology has been
used to track down the source of pirated movies.<span style="mso-spacerun: yes;"> </span>Unlike the Metadata like that placed in
websites to improve visibility to search engines, Digital watermarking does not
change the size of the file.<span style="mso-spacerun: yes;"> </span>One would
think that this is an effective solution until the realization that digital watermarking
is proprietary, and not standards driven, comes to light. A digital watermark
also cannot be easily altered or added to without sacrificing some of the
quality of the original file.<span style="mso-spacerun: yes;"> </span>With this
limitation it becomes problematic at best to transfer ownership of the media.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h4 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="mso-spacerun: yes;"> </span>DRM Alternatives</b></h4>
<div class="MsoNormal" style="text-align: justify;">
Other methods for establishing
ownership of digital media are in use.<span style="mso-spacerun: yes;"> </span>For
example, Palm Digital Media, now known as E-reader, links the credit card
information of the purchaser to the e-book copy in order to discourage
distribution of the books. <span style="mso-no-proof: yes;">(Noring, 2004)</span><span style="mso-spacerun: yes;"> </span>The big disadvantage is the risk to
Personally Identifiable Information (PII).<span style="mso-spacerun: yes;">
</span>The thought of using credit card information to indicate ownership of a
piece of digital media is scary at best.<span style="mso-spacerun: yes;">
</span><span style="mso-spacerun: yes;"> </span>So what is the solution?<span style="mso-spacerun: yes;"> </span>One proposition is that establishing
ownership of digital media, securing a multibillion dollar industry and
preventing hundreds of millions of dollars in fraud in the US alone, is a great
argument for furthering individual digital identities in the US; enter PKI and
Digital Certificates. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Public key infrastructure (PKI)
enables users of a basically unsecure public network such as the Internet to
securely and privately exchange data and money through the use of a public and
a private cryptographic key pair that is obtained and shared through a trusted
authority. The public key infrastructure provides for a digital certificate
that can identify an individual or an organization and directory services that
can store and, when necessary, revoke the certificates. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
In cryptography,
a public key “certificate” (or identity certificate) is an electronic document
which incorporates a digital signature to bind together a public key with an
identity - information such as the name of a person or an organization, their
address, and so forth. The certificate can be used to provide very strong
verification that a public key belongs to an individual.</div>
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
In a typical
public key infrastructure (PKI) scheme, the signature will be of a certificate
authority. In a web of trust scheme, the signature is of either the user (a
self-signed certificate) or other users (”endorsements”). In either case, the
signatures on a certificate are attestations by the certificate signer that the
identity information and the public key belong together. <span style="mso-no-proof: yes;">(Operational Research Consultants Inc., 2011)</span></div>
</blockquote>
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
<span style="mso-no-proof: yes;"> </span> </div>
<div class="MsoNormal" style="text-align: justify;">
This would appear to be an
excellent solution for both the producers and consumers of digital media. For
example if I were to buy an e-book and sign both the purchase and the resulting
digital file with a public key certificate it would be the digital equivalent
of signing each and every page of a hardcover novel with my name.<span style="mso-spacerun: yes;"> </span>It does raise some rather childish euphemistic
comparisons but effectively marks that digital media as mine.<span style="mso-spacerun: yes;"> </span>More importantly unlike a five year old
scribbling this book belongs to “Tommy” across the pages a digital signature
can be edited, exchanged, or added to without harming the underlying file. This
allows for the establishment of a chain of ownership and subsequently for the
smooth and traceable exchange of ownership, even one that is temporary.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Detractors point out that the establishment
of a PKI infrastructure is overly burdensome in cost and complexity.<span style="mso-spacerun: yes;"> </span>But this argument does not stand up to the
counter which is economy of scale.<span style="mso-spacerun: yes;"> </span>The
federal government has been using PKI for years for logical access security but
efforts to increase the use of this proven technology outside the federal
government have been hampered by lack of broad scale adoption.<span style="mso-spacerun: yes;"> </span>Consider that Apple has more than two hundred
million devices sold worldwide and Amazon can claim more than six hundred
million users.<span style="mso-spacerun: yes;"> </span>It is not too much of an
exaggeration to state that using those numbers as a starting point would drive
the cost of PKI digital identities into the cost range of the Venti Café Mocha
from Starbucks I purchased on the way to work this morning.<span style="mso-spacerun: yes;"> </span>It was by the way, demonstrably not
ostensibly mine. Possession is nine tenths of the law, just ask my daughter.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 style="text-align: justify;">
Works Cited<span style="color: windowtext; font-size: 11.0pt; font-weight: normal; line-height: 115%; mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin;"></span></h3>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Apple Inc. (2012, January 6). <i>Chanegs Coming to
iTunes Store.</i> Retrieved June 20, 2012, from Apple Press Information:
http://www.apple.com/pr/library/2009/01/06Changes-Coming-to-the-iTunes-Store.html</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Apple Inc. (2012). <i>LICENSED APPLICATION END USER LICENSE AGREEMENT .</i>
Retrieved June 18, 2012, from www.apple.com: <a href="http://www.blogger.com/goog_2051711366">http://www.apple.com/legal/itunes/appstore/dev/stdeula/</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<a href="http://www.apple.com/legal/itunes/appstore/dev/stdeula/" target="_blank"><span style="mso-no-proof: yes;">http://www.apple.com/legal/itunes/appstore/dev/stdeula/</span></a></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Fried, I. (2003, Oct 16). <i>Will Itunes make Apple Shine</i>. Retrieved
June 19, 2012, from CNET: http://news.cnet.com/2100-1041-5092559.html?tag=nl</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Hyde, B. (2001). <i>THE FIRST SALE DOCTRINE AND DIGITAL.</i> Retrieved
june 20, 2012, from Duke Law Scholorship Repository:
<a href="http://www.blogger.com/%20http://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=1017&context=dltr" target="_blank"> http://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=1017&context=dltr</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Kunkel, J. R. (2002). Recent Developments in Shrinkwrap, Clickwrap and
Browsewrap Licenses in the United States. <i>Murdoch University Electronic
Journal of Law</i> <i>, 9</i> (3).</span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Noring, J. (2004). <i>The Perils of DRM Overkill For Large Publishers.</i>
Retrieved June 20, 2012, from Teleread.org:
<a href="http://web.archive.org/web/20080403175200/">http://web.archive.org/web/20080403175200/</a> <a href="http://www.teleread.org/publishersdrm.htm">http://www.teleread.org/publishersdrm.htm</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Operational Research Consultants Inc. (2011). <i>Certificates and
Credentials</i>. Retrieved June 20, 2012, from ORC.Com:
<a href="http://www.blogger.com/%20http://www.orc.com/certificates/" target="_blank"> http://www.orc.com/certificates/</a></span></div>
<div class="MsoBibliography" style="text-align: justify;">
<br /></div>
<div class="MsoBibliography" style="text-align: justify;">
<span style="mso-no-proof: yes;">Wikipedia. (2012, June 15). <i>Digital rights management</i>. Retrieved
June 19, 2012, from Wikipedia, The Free Encyclopedia : <a href="http://en.wikipedia.org/wiki/Digital_rights_management#cite_note-0">http://en.wikipedia.org/wiki/Digital_rights_management#cite_note-0</a></span></div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com1tag:blogger.com,1999:blog-3072447856983501300.post-66399867059605778412012-07-18T07:14:00.000-07:002012-07-18T07:14:23.862-07:00Possession is nine tenths of the law? Part 1<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:DontVertAlignCellWithSp/>
<w:DontBreakConstrainedForcedTables/>
<w:DontVertAlignInTxbx/>
<w:Word11KerningPairs/>
<w:CachedColBalance/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="true"
DefSemiHidden="true" DefQFormat="false" DefPriority="99"
LatentStyleCount="267">
<w:LsdException Locked="false" Priority="0" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" Priority="39" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" Name="toc 9"/>
<w:LsdException Locked="false" Priority="35" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" Priority="10" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" Priority="1" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" Priority="11" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" Priority="22" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" Priority="59" SemiHidden="false"
UnhideWhenUsed="false" Name="Table Grid"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" QFormat="true" Name="TOC Heading"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:12.0pt;
mso-para-margin-left:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
<br />
<div class="WordSection1">
<div class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 14.0pt;"></span></b>Posting the Mobile Device Remote Identity Proofing paper in
parts seemed to work pretty well.<span style="mso-spacerun: yes;"> </span>The
paper as a whole received many more views than its two predecessors.<span style="mso-spacerun: yes;"> </span>“Possession” is not as long as “Mobile” but
lends itself to being divided in half.<span style="mso-spacerun: yes;">
</span>The first half will focus on the problem, how to best handle Digital Rights
Management (DRM), along with the associated legal principles.<span style="mso-spacerun: yes;"> </span>Part Two will focus on the current methods of
securing Digital Rights Management and PKI as an alternative.<span style="mso-spacerun: yes;"> </span>I hope you enjoy the paper and encourage you
to comment.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
</div>
<br clear="all" style="mso-break-type: section-break; page-break-before: always;" /><h2 align="center" class="MsoNormal" style="text-align: center;">
<i style="mso-bidi-font-style: normal;"><span style="font-family: "Times","serif"; font-size: 14.0pt; mso-bidi-font-family: "Times New Roman"; mso-bidi-theme-font: minor-bidi;">The Digital Rights Management
Conundrum </span></i></h2>
<h2 align="center" class="MsoNormal" style="text-align: center;">
<i><span style="font-family: "Times","serif"; font-size: 14pt;"> </span></i></h2>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">Background on digital media ownership</b></h3>
<div class="MsoNormal" style="text-align: justify;">
Every so often I run across a
word that I have not heard before or had the occasion to use.<span style="mso-spacerun: yes;"> </span>The latest entry in that category is
Ostensible.<span style="mso-spacerun: yes;"> </span>Ostensible is an adjective
defined by Merriam Webster as: </div>
<blockquote class="tr_bq">
<div class="MsoListParagraphCxSpFirst" style="mso-list: l0 level1 lfo1; text-align: justify; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;">1.<span style="font: 7.0pt "Times New Roman";"> </span></span></span>1:
intended for display : open to view</div>
<div class="MsoListParagraphCxSpLast" style="mso-list: l0 level1 lfo1; text-align: justify; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;"><span style="mso-list: Ignore;">2.<span style="font: 7.0pt "Times New Roman";"> </span></span></span>2:
being such in appearance: plausible rather than demonstrably true or real.</div>
</blockquote>
<div class="MsoNormal" style="text-align: justify;">
I came across this word while
conducting the research for this post.<span style="mso-spacerun: yes;">
</span>It was used in the Wall Street Journal’s Law Blog while paraphrasing a
2010 decision by the Ninth Circuit Court in San Francesco.<span style="mso-spacerun: yes;"> </span>The focus of the plaintiffs and the defendant’s
dispute was money, no surprise.<span style="mso-spacerun: yes;"> </span>The
argument was based on the difference in royalties paid to recording
artists.<span style="mso-spacerun: yes;"> </span>A song that is licensed
typically garners a hefty fifty percent share in revenue for the artist,
conversely a song that is sold brings in far lower royalty.<span style="mso-spacerun: yes;"> </span>The catalyst for the complaint, Apple
I-tunes.<span style="mso-spacerun: yes;"> </span>Time for a reality check; did
you really believe the tens of millions of dollars spent on music, movies,
books, and other publications in the I-Tune store actually resulted in
ownership?<span style="mso-spacerun: yes;"> </span>You may be thinking to
yourself that darn fine print well in fact the opening statement to the iTunes
licensing agreement tells it all. <span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
“The Products
transacted through the Service are licensed, not sold, to You for use only
under the terms of this license, unless a Product is accompanied by a separate
license agreement, in which case the terms of that separate license agreement
will govern, subject to Your prior acceptance of that separate license
agreement. The licensor (“Application Provider”) reserves all rights not
expressly granted to You. The Product that is subject to this license is
referred to in this license as the “Licensed Application.”<span style="mso-no-proof: yes;"><span style="mso-spacerun: yes;"> </span>(Apple Inc.,
2012)</span></div>
</blockquote>
<div class="MsoNormal" style="margin-left: 0.5in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
The fact that the songs were
licensed not sold precipitated the suit against Universal Music Group by
producers affiliated with rapper Eminem.<span style="mso-spacerun: yes;">
</span>Although the decision was not favorable for Universal Music Group it is
also, at least according to them, not precedent setting as it is specific to
one particular contract with a single artist.<span style="mso-spacerun: yes;">
</span>They are obviously appealing the verdict.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
In order to begin to grasp the
issues it is necessary to have a general understanding of the three legal
principles that have become ubiquitous in the digital media debate.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">Copyright</b></h3>
<div class="MsoNormal" style="text-align: justify;">
Merriam Webster defines copyright
as <span class="ssens">the exclusive legal rights to reproduce, publish, sell, or
distribute the matter and form of something (as a literary, musical, or
artistic work).<span style="mso-spacerun: yes;"> </span>A copyright is granted
to the creator of an original expression of work; for example an author or
composer.<span style="mso-spacerun: yes;"> </span>There is more than one type of
copyright, those that are registered and those that are implied. Without
getting into too much detail suffice it to say that an implied copyright is
granted on initial publication of the work and a registered copyright is
granted by the US copyright office after the work is deposited along with
application and fee.<span style="mso-spacerun: yes;"> </span>The deposited work
[sample] becomes the property of the U.S. Library of Congress. </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">First Sale Doctrine</b></h3>
<div class="MsoNormal" style="text-align: justify;">
First sale doctrine as applied to
Copyrights allows the purchaser to sell or give away a particular lawfully made
copy of the copyrighted work without permission once it has been obtained. This
does not infringe the copyright owner's exclusive rights. <span style="font-family: "Arial","sans-serif"; font-size: 10.0pt;">Section 106 of the
1976 Copyright Act grants the owner of a Copyright six exclusive rights:</span>
<span style="font-family: "Arial","sans-serif"; font-size: 10.0pt;">reproduction,
preparation of derivative works, distribution, public performance, public
display, and digital</span> <span style="font-family: "Arial","sans-serif"; font-size: 10.0pt;">transmission
performance.</span><span style="font-family: "Arial","sans-serif"; font-size: 7.0pt;">
<span style="mso-spacerun: yes;"> </span></span><span style="font-family: "Arial","sans-serif"; font-size: 10.0pt;">However, a Copyright owner’s right of
distribution is limited by the First Sale</span> <span style="font-family: "Arial","sans-serif"; font-size: 10.0pt;">Doctrine, as codified in Section 109 of the
Act. Section 109(a) <span style="mso-no-proof: yes;">(Hyde, 2001)</span></span><span style="mso-spacerun: yes;"> </span>First sale doctrine is an exception to the
copy right.<span style="mso-spacerun: yes;"> </span>This exception allows you to
give a book to a friend or even sell it.<span style="mso-spacerun: yes;">
</span>First Sale Doctrine enables libraries to lend books and video stores,
before they started going the way of the dinosaur, to rent video’s.<span style="mso-spacerun: yes;"> </span>First sale doctrine is not without
conditions. In order to receive the afore mentioned privileges ownership must
be established.<span style="mso-spacerun: yes;"> </span>Keep in mind that
ownership is not defined by mere possession which is why you cannot legally
copy a rented video or DVD. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;">Contract</i></b></h3>
<div class="MsoNormal" style="text-align: justify;">
Back in the pre-computer dark
ages access to music, literature, video etc was controlled by copyright
law.<span style="mso-spacerun: yes;"> </span>During the personal computer
enlightenment we were introduced to contract law as we accepted license
agreements during software installation or even through the act of breaking the
security seal.<span style="mso-spacerun: yes;"> </span>The internet introduced
the information revolution and really stood things on end with the <i style="mso-bidi-font-style: normal;">Click Through License </i>also known as a
Click<i style="mso-bidi-font-style: normal;"> Wrap Agreement</i></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
Clickwrap
agreements came into use when software vendors began distributing software by
means other than disks, such as when the software is pre-installed on a
computer for the user, or when the software is downloaded over the Internet.
Upon downloading, installation or first use of the application, a window
containing the terms of the license opens for the user to read. The user is
asked to click either "I agree" or "I do not agree". If the
user does not agree, the process is terminated. The clickwrap agreements often
remove many factual questions whether the user had adequate notice of the
license terms and manifested assent to them. With respect to software
downloads, the clickwrap terms often are displayed at the very start of the
contract formation process, although often the terms are contained in a
scrollable window that requires the user to scroll down to read all of the
terms. This positioning often eliminates U.C.C. Section 2-207 issues regarding
agreement to additional or different terms. <span style="mso-no-proof: yes;">(Kunkel, 2002)</span></div>
</blockquote>
<div class="MsoNormal" style="margin-left: 0.5in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Statistics and Sigma Six expert
Jeff Sauro confirmed a true lack of end user concern with end user license
agreements (EULA).<span style="mso-spacerun: yes;"> </span>Mr. Sauro examined a
couple of thousand log records over e few different consumer software
products.<span style="mso-spacerun: yes;"> </span>He found;</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
<span style="mso-spacerun: yes;"> </span>“The median time users spent on the license
page was only 6 seconds! Generating a confidence interval around this sample
tells us that we can be 95% sure at least 70% of users spend less than 12
seconds on the license page.</div>
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
Assuming it
takes a minimum of two minutes to read the License Agreement (which itself is
fast) we can be 95% confident no more than 8% of users read the License
Agreement in full.”</div>
</blockquote>
<div class="MsoNormal" style="margin-left: 0.5in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
It could be argued that the sheer
volume of these agreements in our everyday lives provided a disincentive in
getting the end user to read them.<span style="mso-spacerun: yes;"> </span>As
digital content providers race to catch up with advances in technology the
agreements compound often resulting in multiple EULA’s and Terms of use
agreements for individual products.<span style="mso-spacerun: yes;">
</span>Consider that the order of a Kindle Fire™ requires that you consent to
ten different agreements with a combined forty eight pages of text (11point
font, standard margins).<span style="mso-spacerun: yes;"> </span>Disincentive or
not click wrap agreements are likely here to stay and current case law is
overwhelmingly in their favor.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Getting back to ostensible, you
are in fact the ostensible “buyer” when it comes to electronic media.<span style="mso-spacerun: yes;"> </span>The major providers are very aware of the propensity
of people to actually read the license agreement before clicking the check box
indicating “I agree”.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>The media providers think of you as a <i style="mso-bidi-font-style: normal;">buyer of a service</i> whereas you may think
of yourself as the <i style="mso-bidi-font-style: normal;">buyer of a product</i>.<span style="mso-spacerun: yes;"> </span>You have no right to resell what you have
purchased, in fact is difficult to lend or share what you have purchased
outside of your family group in your own home and then only when using software
designed to regulate that behavior.<span style="mso-spacerun: yes;"> </span>Even
if the majority of people were to read the license agreements chances are most
would complete the purchase regardless of what the license agreement outlines.<span style="mso-spacerun: yes;"> </span>This is in keeping with today’s instant
gratification society.<span style="mso-spacerun: yes;"> </span></div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-21429140951046341392012-07-02T07:23:00.003-07:002012-07-02T07:23:51.847-07:00Mobile Device Remote Identity Proofing - Part 5 final thoughts<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:RelyOnVML/>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:DontVertAlignCellWithSp/>
<w:DontBreakConstrainedForcedTables/>
<w:DontVertAlignInTxbx/>
<w:Word11KerningPairs/>
<w:CachedColBalance/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="true"
DefSemiHidden="true" DefQFormat="false" DefPriority="99"
LatentStyleCount="267">
<w:LsdException Locked="false" Priority="0" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" Priority="39" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" Name="toc 9"/>
<w:LsdException Locked="false" Priority="35" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" Priority="10" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" Priority="1" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" Priority="11" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" Priority="22" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" Priority="59" SemiHidden="false"
UnhideWhenUsed="false" Name="Table Grid"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" QFormat="true" Name="TOC Heading"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:12.0pt;
mso-para-margin-left:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
<br />
<div class="MsoNormal" style="text-align: justify;">
<a href="https://docs.google.com/file/d/0B0grrLiDyW8kVUdYalNRTERkbGc/edit" target="_blank"><span>Download PDF of complete paper </span></a><b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;"><br /></span></b></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b><span> </span></b></h3>
<h3 class="MsoNormal" style="text-align: justify;">
<b><span>X.<span style="mso-spacerun: yes;"> </span>Token activation</span></b></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;">With all of the required elements in
place all that is left is to do is to deal with the physical representation of
the identity.<span style="mso-spacerun: yes;"> </span>The federal government is
currently both the largest issuer and relying party in the trusted identity
ecosystem.<span style="mso-spacerun: yes;"> </span>Programs like the Defense
Departments Common Access Card (CAC), Homeland Securities Transportation Worker
Identification Card (TWIC), and the Federal Standard FIPS 201 Personal Identity
Verification (PIV) credential all have one thing in common.<span style="mso-spacerun: yes;"> </span>They all require a physical token in the form
of a Smart Card.<span style="mso-spacerun: yes;"> </span>A smart card is a
plastic card with an embedded microchip(s) that can be loaded with data which
in turn can be secured with a Public Key Infrastructure (PKI) certificate or
similar technology.<span style="mso-spacerun: yes;"> </span>This brings us full
circle to the ownership issue.<span style="mso-spacerun: yes;"> </span>Having a
physical manifestation of the identity can be perceived as a security liability
issue as the risk of loss of the token is still inherent in the program.
Despite this, current conventions are for token based programs.</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;">It is not currently both technologically
and economically feasible to use the mobile device directly for activation of an
external token.<span style="mso-spacerun: yes;"> </span>The device itself must
fulfill that function.<span style="mso-spacerun: yes;"> </span>This concept
presupposes the phone in a role as a token. <span style="mso-spacerun: yes;"> </span>To truly put identity management in the hands
of John Q Public we must find a new cost effective way to support current IdM
programs by greatly reducing or eliminating the currently accepted hardware
intensive infrastructure required.<span style="mso-spacerun: yes;">
</span>Because a secure connection between the mobile device and the back end
systems, to include the certificate authority (CA), are inherent in the system
architecture, it is not necessary to expound on the activation methodology for
the device as a token scenario.<span style="mso-spacerun: yes;"> </span>For
activation of tokens other than the mobile device, the initial premise to be explored
should be to leverage the “sync with my pc” capabilities of smart phones.<span style="mso-spacerun: yes;"> </span>The synced device will provide application
while using the PC in a limited role for network connection and attachments of
peripherals like smart card readers, USB flash drives and other potential token
variants.</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<span><span class="st"></span></span></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">XI. Policy</b></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
In theory, current technology
supports all of the elements required for identity proofing in a remote or
“mobile” environment, in a cost effective manner.<span style="mso-spacerun: yes;"> </span>Truly widespread implementation will likely
require changes to the currently accepted policy models.<span style="mso-spacerun: yes;"> </span>For example, if the capture of information
supporting a claimant’s identity is no longer the impediment perhaps it is time
to change to change the assurance model to one that is based on the number and
type of witnesses to an the initial claim.<span style="mso-spacerun: yes;">
</span>Using this model the lowest level of assurance would be assigned to an
identity remotely established and witnessed by a non credentialed
individual.<span style="mso-spacerun: yes;"> </span>A moderate level of
assurance would be one based on the “witnessing” of the claim by an individual
possessing a credential at a level being requested or higher.<span style="mso-spacerun: yes;"> </span>A high level of assurance would be based on
the “witnessing” of a specifically designated credentialed authority.<span style="mso-spacerun: yes;"> </span>This would in essence be the modern digital
equivalent of the traditional notary public.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span class="st"></span></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;">With the more difficult issue of
creation of the claimant’s profile being established, the comparatively easy
step of binding the claim to the individual can be addressed.<span style="mso-spacerun: yes;"> </span>There are both established precedents and
regulatory guidance for this step of the process. Basic documentation proving
citizenship for a Passport or eligibility for a Drivers License; I-9
Documentation for purposes of eligibility for employment; the more stringent
PIV-I requirements; or the detailed requirements combining breeder documents,
knowledge based quizzes and background investigations for PIV are well
established.<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;">Once again camera technology and
current application capabilities allow for a document such as a drivers
license, passport, birth certificate, and other forms of identity to be
captured at resolutions allowing for optical character recognition to be used.<span style="mso-spacerun: yes;"> </span>This will speed the process flow and lessen
the data exchange requirements between the mobile registration device and the
processing program.<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;">XII.
Conclusion </span></b></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; text-align: justify;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;">More than 88% of consumers have made purchases online spending
more than 142 billion dollars in 2010 with a 14% increase continuing to trend
upwards through the 2<sup>nd</sup> quarter of 2011<span style="mso-spacerun: yes;"> </span>(comScore, Inc., 2011). Within a few years
this trend will represent hundreds of billions of dollars of transactions
conducted with the barest of security protections.<span style="mso-spacerun: yes;"> </span>The logical prophylactic to a multibillion
dollar fraud epidemic is biometrics. <span style="mso-spacerun: yes;"> </span>Based on physiological or behavior
characteristics biometrics are distinctive and attributable to specific
individuals.<span style="mso-spacerun: yes;"> </span>Unlike the <span style="mso-bidi-font-weight: bold;">ubiquitous</span> pin and password security
that is commonplace in the United States biometrics carries a higher level of
trust in information assurance.</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: "Times New Roman"; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri;">It is evident that cell phone
technology itself is mature enough to handle the requirements of the emerging
need for strong general purpose identity management programs.<span style="mso-spacerun: yes;"> </span>The computer age has ushered in an era where
our identities, and the most intimate and valued attributes associated with
them are immediately accessible on a twenty four seven basis.<span style="mso-spacerun: yes;"> </span>Unfortunately we are still guarding our most
valued possession with the equivalent of an old skeleton key.<span style="mso-spacerun: yes;"> </span>With a little work that single key can open
every door in our virtual house.<span style="mso-spacerun: yes;"> </span>That
house needs to be a vault with a strong identity backed with personal
biometrics the only key.<span style="mso-spacerun: yes;"> </span>Regardless of
the threats, and the validity of the solutions, the one obstacle that
technology cannot overcome is the mindset of the American individual.</span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3>
Works Cited – Complete Paper<span style="color: windowtext; font-size: 11.0pt; font-weight: normal; line-height: 115%; mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin;"></span></h3>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">About.com. (2012). The Histories of Polybius
published in Vol. III of the Loeb Classical Library edition. In Polybius, <i>The
Roman Military System.</i> New York City, United States of America: New York
Times Company.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Ashbourn, J. (2000).
Biometrics: advanced identity verification. In J. Ashbourn, <i>Biometrics:
advanced identity verification</i> (pp. 4-7). London, United Kingdom:
Springer-Veriag.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Bronstein, A. M.,
Bronstein, M. M., & Kimmel, R. (2004). <i>Three-Dimensional Face
Recognition.</i> Technion, Israel Institute of Technology, Department of
Computer Science. Kluwer Academic Publishers.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Clausen, S., &
Christie, N. W. (2005). <i>Live Finger Detection.</i> IDEX ASA. Fornebu,
Norway: IDEX ASA.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span>comScore, Inc. (2011,
August 8). <i>comScore Reports $37.5 Billion in Q2 2011 U.S. Retail E-Commerce
Spending, Up 14 Percent vs. Year Ago</i>. Retrieved March 1, 2012, from
comScore, Press & Events : <a href="http://www.comscore.com/Press_Events/Press_Releases/2011/8/comScore_Reports_37.5_Billion_in_Q2_2011_U.S._Retail_E-Commerce_Spending">http://www.comscore.com/Press_Events/Press_Releases/2011/8/comScore_Reports_37.5_Billion_in_Q2_2011_U.S._Retail_E-Commerce_Spending</a></span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Creamer, D. (2006). <i>Understanding
Resolution and the meaning of DPI, PPI, SPI, & LPI.</i> Retrieved May 30,
2012, from http://www.ideastraining.com: </span></div>
<div class="MsoBibliography">
<a href="http://www.ideastraining.com/PDFs/UnderstandingResolution.pdf"><span>http://www.ideastraining.com/PDFs/UnderstandingResolution.pdf</span></a></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">(1966). In G. Deleuze,
<i>Bergsonism</i> (H. Tomlinson, & B. Habberjam, Trans.). New York, New
York: Zone Publishing Inc.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">FBI Biometric COE.
(2010, April 27). <i>FBI Biometric Specifications FAQ</i>. Retrieved May 31,
2012, from FBI Biometric Center of Excellence:
<a href="https://www.fbibiospecs.org/iafis_FAQ.html" target="_blank">https://www.fbibiospecs.org/iafis_FAQ.html</a></span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Foresman, C. (2012,
March 2). <i>Innovation or hype? Ars examines Nokia's 41 megapixel smartphone camera</i>.
Retrieved March 5, 2012, from arc technica:
<a href="http://arstechnica.com/gadgets/news/2012/03/innovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camerainnovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camera.ars?clicked=related_right" target="_blank"> http://arstechnica.com/gadgets/news/2012/03/innovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camerainnovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camera.ars?clicked=related_right</a></span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Indovina, M., Hicklin,
R. A., & Kiebuzinski, G. I. (2011). <i>Evaluation of Latent Fingerprint
Technologies: Extended Feature Sets [Evaluation #1].</i> U.S. Department of
Commerce, National Institute of Science and Tecnhology. Washington D.C.: US
Government Printing Office.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Jain, A. K., Flynn,
P., & Ross, A. A. (2008). <i>Handbook of Biometrics.</i> New York, NY,
USA: Springer Publishing Company.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Jain, A., Hong, L.,
& Pankanti, S. (2000, February). BIOMETRIC IDENTIFICATION. (W. Sipser,
Ed.) <i>COMMUNICATIONS OF THE ACM</i> <i>, 43</i>, pp. p. 91-98.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Javelin Strategy &
Research. (2012, February). <i>ITAC Research and Statistics.</i> Retrieved
June 5, 2012, from ITAC:
<a href="http://www.identitytheftassistance.org/pageview.php?cateid=47" target="_blank">http://www.identitytheftassistance.org/pageview.php?cateid=47</a></span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Lee, S., Lee, C.,
& Kim, J. (2008). <i>Image Preprocessing of Fingerprint Images.</i>
Biometrics Engineering Research Center at Yonsei University., Korea Science
and Engineering Foundation, Seoul, Korea.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">NIST. (2003, February
11). <i>Both Fingerprints, Facial Recognition Needed to Protect U.S. Borders.</i>
Retrieved March 5, 2012, from NIST; Public and Business Affairs:
<a href="http://www.nist.gov/public_affairs/releases/n03-01.cfm" target="_blank"> http://www.nist.gov/public_affairs/releases/n03-01.cfm</a></span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Ortega-Garcia, J.,
Bigun, J., & Reynold, D. (2004). Authentication Gets Personal with
Biometrics; Increasing security in DRM systems through biometric authentication.
<i>IEEE Signal Processing Magazine</i> <i>, 1053-5888</i> (04).</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Schmandt-Besserat, D.
(1977, June). The Earliest Precursor of Writing. <i>Scientific American</i> <i>,
238</i> (June), pp. 50-58.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Sinha, P., Balas, B.,
Ostrovsky, Y., & Russell, R. (2006). Face Recognition by Humans: Nineteen
Results All ComputerVision Researchers Should Know About. <i>Proceedings of
the IEEE</i> <i>, 94</i> (11), 1957.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<span style="mso-no-proof: yes;">Wing, B. (2011). <i>Data
Format for the Interchange of Fingerprint, Facial & Other Biometric
Information.</i> US Department of Commerce, National Institute of Science and
Technology. Gaithersburg: US Government Printing Office.</span></div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com1tag:blogger.com,1999:blog-3072447856983501300.post-84709204492300571072012-06-28T12:41:00.000-07:002012-07-02T07:07:07.712-07:00Mobile Device Remote Identity Proofing Part 4 – Best of the Biometrics<a href="https://docs.google.com/file/d/0B0grrLiDyW8kVUdYalNRTERkbGc/edit" target="_blank">Download PDF of complete paper</a><br />
<br />
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">VII. Fingerprints</b></h3>
<h3 class="MsoNormal" style="text-align: justify;">
<b> </b></h3>
<div class="MsoNormal" style="text-align: justify;">
There are two national
fingerprint specifications; the FBI's Integrated Automated Fingerprint
Identification System (IAFIS) Image Quality Specifications (IQS) Appendix F and
NIST’s PIV-07 1006. <i><span style="font-family: "Calibri","sans-serif";">Appendix F</span></i> has stringent image
quality conditions, focusing on the human fingerprint comparison and
facilitating large scale machine many-to-many matching operation. (FBI Biometric
COE, 2010) Our focus however will be based on the <i><span style="font-family: "Calibri","sans-serif";">PIV-071006</span></i> standard, a lower-level
standard designed to support one-to-one fingerprint verification. The class resolution requirements for
fingerprint capture and use for Personal Identity Verification (PIV) at
Fingerprint Application Profile (FAP) level ten or above are 500 PPI with a
maximum tolerance variation of ± 2%.
Class resolution refers to the resolution required for acquisition or
imaging related use. (Wing, 2011)</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Most of the complexity related to
resolution pertains to the friction ridges of the fingerprint. A friction ridge is a raised section of the
epidermis of the skin. A fingerprint is a trace image of the ridges in a human
hand or foot to include the fingers and toes.
Traditionally fingerprints were <i style="mso-bidi-font-style: normal;">captured
</i>by rolling the pad above the last joint of the finger and thumbs on an ink
pad and then rolling the inked pad onto a piece of smooth card stock. Impressions of fingerprints are left behind
on various surfaces when the natural secretions of the body, or cosmetic oils
and body lotions, gathered on the ridges are left behind when in deliberate or
accidental contact with any smooth surface. These are referred to as latent
prints. While not always immediately
visible these impressions could be <i style="mso-bidi-font-style: normal;">lifted
</i>by dusting the print with specialized powders or exposing the print to chemicals
like silver nitrate or cyanoacrylate ester
and capturing the image by pressing it to a specialized paper or plastic
media. The latent print could then be compared to the inked print with a reasonable
chance for a match determined by an experienced examiner in <span class="st">dermatoglyphics. Although effective this method precludes its
use in identity management based on the sheer volume of prints and comparisons
required. In other words it is not practically
scalable. What is needed is a means of
digitally capturing the fingerprint and storing the resulting record. Live Scan is the most widely used method of
accomplishing this. A live scan involves
pressing or rolling a finger onto a specially coated piece of glass or platen
and then imaging the fingerprint using </span>optical, ultrasonic, capacitive
or thermal imaging to capture the ridges of the finger and the valleys between
them. Optical imaging is in essence a
specialized form of digital photography. The major difference between a digital
camera and an optical imager for capturing fingerprints is the presence of a
light-emitting phosphor layer which illuminates the surface of the finger
increasing the quality of the resulting image. </div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; mso-layout-grid-align: none; text-align: justify; text-autospace: none;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: justify;">
There are challenging problems when
developing fingerprint recognition systems that use a mobile camera. First, the
contrast between the ridges and the valleys in images obtained with a mobile
camera is low. Second, because the depth
of field of the camera is small, some parts of the fingerprint regions are in
focus but some parts are out of focus. Third, the backgrounds, or non-finger
regions, in mobile camera images are very erratic depending on how the image
captures place and time. (Lee, Lee, & Kim, 2008) So is there an insurmountable
challenge with using a smart phone camera to capture a fingerprint? <span class="st">Image quality is determined by
light quality, lens quality and type, and shutter speed. Smart phones do not fully address each of
these important elements trading size and ease of use for function. </span>Because of this you will get a better
picture from a low end Digital Single Lens Reflex (DSLR) camera than you will
from a high end smart phone camera.
Shutter speed is not an applicable issue with fingerprint capture but
light and lens quality and type are. </div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; mso-layout-grid-align: none; text-align: justify; text-autospace: none;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; mso-layout-grid-align: none; text-align: justify; text-autospace: none;">
An additional challenge
is the probability that one can spoof or fool an optical camera with an image
or impression of a fingerprint. This is
resolved within the industry by using various live finger detector
technologies. One means of live finger
detection is accomplished “by measuring the unique electrical properties of a
living finger that not only characterize the finger print but measure what is
underneath it. This technology has the capability to process the acquired data,
that is, characterize and classify the results in a way that enables the system
to verify a living finger with a very high degree of confidence.” (Clausen & Christie, 2005) It is unlikely that this type of fraud
prevention technology can be integrated into widely available smart phones in
the near future so the risk of fraudulent fingerprints in a mobile identity
management program will have to be addressed through policy or another more
easily implementable technology enhancement.
Despite the obvious challenges, capture of a useable fingerprint image
with a cell phone camera is not impossible.
The operator must take into account the fixed focal length of the camera
lens and make sure the auto focus is disabled in order to get close enough to
capture an image with prominent ridges. Lighting also remains a challenge. An informal test while this paper was being
written used an I-Phone® 4 both with a flash and without. A distance from the camera of four inches
with no flash in a brightly lit room resulted in the best image with clearly
defined ridges in the left index finger of the test subject. By importing the image into paint.net and
using the color inversion tool an image just as clear to the naked eye as one
caught on a live scan was produced. This
test was by no means scientific but serves as an indicator that it is not a far
stretch to utilize off the shelf cell phone technology. The methodology of the image capture is not necessarily
a limiting factor even taking into account challenges with optics and
lighting. The recognition algorithms
used in the associated databases can counter or resolve some of the
issues. Many fingerprint recognition
algorithms perform well on databases that had been collected with
high-resolution cameras outperforming feature only searches by trained
examiners. (Indovina, Hicklin, & Kiebuzinski, 2011) </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<span class="st"><b style="mso-bidi-font-weight: normal;">VIII. Face</b></span></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Facial recognition is considered
to be the most immediate and transparent biometric modality when it comes to
physical authentication applications. Why
is it that many people are inclined to give up their facial image without
question while the concept of giving up a fingerprint causes them great
discomfort and angst. Facial recognition
is a modality that humans have always depended on to authenticate other
humans. We are in essence hardwired for
facial recognition. Therefore the addition
of facial recognition through or enhanced by technology is an easy one to
accept. “Whether or not faces constitute
a [special] class of visual stimuli has been the subject of much debate for
many years. Since the first demonstrations of the Binversion effect…it has been
suspected that unique cognitive and neural mechanisms may exist for face
processing in the human visual system.” (Sinha, Balas, Ostrovsky, &
Russell, 2006)</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Facial recognition as a
technology is one of the most mature of the biometric modalities. It is also relatively simple from the image
capture standpoint. Capture of a facial
image requires little or no cooperation from the subject making it the
technique of choice for passive applications like those used in airports and
casinos. On the surface it seems as
though all of the issues are algorithm related but as our concept is focused on
a cell phone camera as our capture device this is not really the case. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
We previously discussed the
megapixel issue but megapixel capability has no discernible impact on the
biggest challenges with facial recognition which are image capture and pose
correction. Image capture is a light and
optics issue. One of the biggest
drawbacks to smart phone cameras is the size of the sensor. Camera technology has changed but the basic
principles have applied since the first tin types were produced in the mid 19<sup>th</sup>
century. The sensor is the replacement
to the emulsion based films. The larger
the sensor the more light it can detect resulting in better picture quality. Smart phone cameras have a much smaller
sensor than the traditional 35mm film size and as a result have a smaller angle
of view when used with a lens of the same focal length. This results in an image that is essentially
cropped. In order to adjust for this the
camera must be further back from the subject posing problems related to
lighting and detail. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Facial recognition software analyzes
a number of structural facial elements. Examples
of these distinctive surface features include shape of the eyes and the eye
sockets; the width, length, and structure of the nose; the thickness of the
lips, and the width of the mouth. What
is common about all of these elements is that they are three dimensional. A camera captures images in two dimensions.
The difference between a three dimensional subject and the two dimensional
output of the cameras is handled by the software but pose issues including
expressions, external features, background, and lighting all add variables that
decrease the effectiveness of the algorithms. In the home environment it may be
difficult to deal with lighting and background issues but this is not an
insurmountable challenge. In the same
manner external features such as beards, glasses, jewelry, and piercings can
all pose problems. The author of this
paper has endured lengthy picture sittings in front of DSLR cameras for PIV
credentials. It seems his white goatee
gives the capture software conniptions.
This serves to demonstrate that issues of facial capture are not
necessarily specific to smart phone cameras. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Many of the issues in facial
image capture would be solved if the images could be captured in 3D. Of course this would eliminate the use of
smart phones as a capture device, or would it?
Fujitsu continues to refine a way
for phones that just have one rear camera to shoot three-dimensional videos
with the aid of a special attachment.
The attachment uses mirrors to send two different images to the camera’s
sensor and is smaller than a stick of Chap Stick. In June of 2011 Sprint released the HTC Evo
3D 4G 'Gingerbread' Smartphone. This
phone had two integrated cameras capable of taking 3D pictures. With the potential of standard 3d capture
technology on the horizon it may not be long at all before changes in lighting
and camera angles become irrelevant.
Three dimensional image captures can only serve to enhance the potential
of fingerprint capture as well. Even the
issue of software sensitivity to expressions, one not mitigated by 3D
technology, could soon be eliminated. As
far back as 2004 Technion, the Israel Institute of Technology, a public
research university in Haifa researched using metric geometry to address the
issue of expression sensitivity. The
approach was to use metric geometry isometrics to create an expression
invariant three dimensional face recognition solution. (Bronstein, Bronstein, & Kimmel, 2004)</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">IX.
Why not?</b></h3>
<h3 class="MsoNormal" style="text-align: justify;">
<b> </b></h3>
<div class="MsoNormal" style="text-align: justify;">
There are other biometric signatures
that have both been the focus of research and have seen increased use and
acceptance from the physical and logical access communities. Iris scans, hand geometry, and voice
recognition are no longer the purview of James Bond and Ethan Hunt. Although not practical for this smart phone
centric premise they are worth mentioning and potential near future candidates.
</div>
<div class="MsoNormal" style="text-align: justify;">
Iris scans are based on the stability
of the trabecular meshwork, an area of tissue in the eye located around the
base of the cornea. The patterns are
formed by the elastic connective tissues which gives the iris the appearance of
radial divisions which are unique and often referred to as optical fingerprints.
Iris sampling offers more reference coordinates than any other biometric
resulting in an accuracy potential higher than any other biometric. Iris scans require a high degree of
cooperation from the subject from whom the sample is being acquired. Today specialized capture devices are
required. Despite their complexity these
capture devices are nothing more than still cameras capturing very high quality
images. It is certainly not out of the
realm of possibility that a smart phone camera could one day soon be capable of
the required performance.</div>
<div class="MsoNormal" style="text-align: justify;">
Hand biometrics is a fairly mature
technology that lends itself to applications where the size of the capture
device is not a factor. Current devices
are based on charge-coupled device (CCD) optical scanning and consistently
deliver better quality images than fingerprint scanners. This is largely due to the increased sample
size, your hand being many times larger than a finger pad. Three-dimensional photography may show some
promise as an alternative method of hand biometric image capture in the
future. Current technology remains
expensive and not at all compatible with the proposed smart phone format.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Voice recognition is perhaps the oldest
form of biometric identifier. Not to be confused with speech recognition, which
is the process of translating speech into text, voice recognition is the
process of identifying someone from their voice patterns. It is a phenotype, an observable behavior
influenced by development, often with regional characteristics. Of all of the fields of biometric research,
speech development has seen the most modern day focus with significant research
over the last four decades. Voice
recognition has some uniquely distinct advantages over other biometric
signatures in that it can be combined with pass phrases, knowledge based
verification, or can be used as a passive background tool. Voice recognition is the least invasive and
is easy on the user. With all this it
would seem like speech recognition should be the biometric of choice but has
its disadvantages. Voice recognition programs
take the digital recording and parse it into small recognizable pieces called
phonemes. These phonemes may not be
consistently reproduced as they can be influenced by behavior and health
factors and even background noise. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3>
Works Cited</h3>
<h3>
</h3>
<div class="MsoBibliography">
Bronstein, A. M., Bronstein, M. M., & Kimmel, R.
(2004). <i>Three-Dimensional Face Recognition.</i> Technion, Israel Institute
of Technology, Department of Computer Science. Kluwer Academic Publishers.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Clausen, S., &
Christie, N. W. (2005). <i>Live Finger Detection.</i> IDEX ASA. Fornebu,
Norway: IDEX ASA.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
FBI Biometric COE.
(2010, April 27). <i>FBI Biometric Specifications FAQ</i>. Retrieved May 31,
2012, from FBI Biometric Center of Excellence:<a href="https://www.fbibiospecs.org/iafis_FAQ.html" target="_blank"> https://www.fbibiospecs.org/iafis_FAQ.html</a></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Indovina, M., Hicklin,
R. A., & Kiebuzinski, G. I. (2011). <i>Evaluation of Latent Fingerprint
Technologies: Extended Feature Sets [Evaluation #1].</i> U.S. Department of
Commerce, National Institute of Science and Tecnhology. Washington D.C.: US
Government Printing Office.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Lee, S., Lee, C.,
& Kim, J. (2008). <i>Image Preprocessing of Fingerprint Images.</i>
Biometrics Engineering Research Center at Yonsei University., Korea Science
and Engineering Foundation, Seoul, Korea.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Sinha, P., Balas, B.,
Ostrovsky, Y., & Russell, R. (2006). Face Recognition by Humans: Nineteen
Results All ComputerVision Researchers Should Know About. <i>Proceedings of
the IEEE</i> <i>, 94</i> (11), 1957.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Wing, B. (2011). <i>Data
Format for the Interchange of Fingerprint, Facial & Other Biometric
Information.</i> US Department of Commerce, National Institute of Science and
Technology. Gaithersburg: US Government Printing Office.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-7804026689309017282012-06-25T11:54:00.000-07:002012-07-02T07:00:04.326-07:00Mobile Device Remote Identity Proofing Part 3 - Apples to Oranges<a href="https://docs.google.com/file/d/0B0grrLiDyW8kVUdYalNRTERkbGc/edit" target="_blank">Download PDF of complete paper</a><br />
<br />
<h3 class="MsoNormal" style="text-align: justify;">
<span style="font-size: large;"><b>IV. Apples to Oranges: </b></span></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Can a camera in a smart phone be used
to capture the necessary images, to include those used for biometric
identification, required for the enrollment and subsequent vetting of an
individual in an Identity Management System (IDMS)? Smart phone manufacturers are equipping their
newest products with cameras capable of ten or more megapixels with Nokia’s
latest offering claiming a forty plus megapixel camera! This paper proposes using the camera to
capture all of the required components to establish and vet an identity so it
is important to understand some of the terminology involved. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Contrary to popular belief more
megapixels do not make for a better image. It is important to understand what makes up a
good image and how it is defined within the multiple industries involved. Most
people base image quality on the output / final product, the best example being
print media. So this is where we are
going to start.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Pictures are printed in DPI or
Dots per Inch. For example a newspaper image is printed at 200 to 250 DPI, A
magazine image is 400-600 DPI, yet a billboard is typically 30 dpi. When you print a photo on your desktop
printer the optimal setting is for 250 DPI.
Don’t be fooled by the fact your typical desktop printer is capable of
far greater resolution, typically from 720 to 1440 dpi. The printer may be able
to print very small dots but it can only accurately reproduce colors by
combining a large number of dots to emulate various tints. That is why a 250
dpi image offers perfect output quality on a 1000+ dpi printer. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span class="st">PPI is Pixels per
Inch. PPI is the resolution terminology
used in the Standards promulgated by the American National Standards Institute
(ANSI) and the National Institute for Standards and Technology (NIST). Within the context of this paper PPI is used
to define the resolution of the scanning mechanism used to capture a
fingerprint. PPI is an appropriate term
to describe scanner input and it is the term used by the applicable Federal
standards, but technically, samples per inch (SPI) is more accurate. “For
example, if you scan at 200% at 300 PPI or if you scan at 100% at 600 PPI, the
scanner [sees] the same data. The PPI is
different for each file, but the sampling of the original by the scanner is the
same. Maximum SPI of a given device is
the optical resolution at 100% “(Creamer, 2006) </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
How do dots per inch equate to
pixels? The term pixel is predominantly
used to describe the digital resolution on monitors, televisions, and smart
phones. A pixel is one dot of
information in a digital photograph. Digital photos today are made up of
millions of tiny pixel/dots (Mega = Million).
A digital photo that is made up of 15 megapixels is physically larger
than a digital photo made up of 1.5 megapixels, not clearer or sharper. The notable difference is in file size, not
picture quality. If you print a 250 DPI picture on an 8.5 by 11
piece of paper you will be printing a maximum of 2125 by 2750 pixels. Most
computer screens display at 100 DPI. A
1280 by 1024 resolution on your monitor equates to 1310720<span class="st">
pixels or 1.3 megapixels. This begs the
question, why do you need a ten plus megapixel camera to capture a very high
quality image? The answer is you do
not. </span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="font-family: inherit; text-align: justify;">
<span style="font-size: large;"><span class="st"><b>V. Camera
Technology</b></span></span></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<span style="font-size: small;">With
an explanation of some of the terminology behind us we can explore the use of a
digital camera or variant, for the capture of the necessary data for enrollment
in an identity management system. When
</span>the FIPS 201 standard was first published capturing a facial image of an
individual required, by standard, the use of a three point five megapixel
camera. This level of resolution was at
the top end of the capabilities of digital cameras readily available to the
public at the time. Costs in excess of a
thousand or more dollars a for a camera meeting FIPS requirements were not
uncommon. That same Camera was also
unable to do anything more than capture an individual’s picture. Today native resolutions on smart phone
integrated cameras are commonly five times the historical benchmark. Exponential improvements in the image capture
hardware, firmware and supporting software should also enable these same
devices to not only capture a photo but be multi purposed for barcode reading,
OCR enabled document capture, Fingerprint image capture, and even iris image
capture. 4G and LTE networks now make it
possible for high speed efficient exchange of data with next generation
networks coming on line reinforcing and bolstering the capability. Consistent with Moore’s Law the capability of
cell phones is on the steep end of the climb with exponential growth and
improvements in power, processors, and memory. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
“A digital camera can capture
data based on the mega-pixel ability of its CCD. For example, a 2 megapixel digital camera
shoots at approximately 1600x1200. 1600 pixels times 1200 pixels = 1,920,000
total pixels (rounded up) Usually the
camera images have no resolution assigned to them (although some cameras can do
this) When you open a file into an image
editing program such as Photoshop, a resolution HAS to be assigned to the file. Most programs, including Photoshop, use 72
PPI as a default resolution.<span style="font-family: CMR9; font-size: 9pt;"> (Creamer, 2006)</span><span class="st"></span></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3 class="MsoNormal" style="text-align: justify;">
<span style="font-size: large;"><b>VI. Establishing ownership</b></span></h3>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Biometrics is the science and
technology of measuring and analyzing biological data. Biometric identifiers are the distinctive,
measurable characteristics used to identify individuals. (Jain, Hong, & Pankanti, 2000) The two categories
of biometric identifiers include physiological and behavioral characteristics. (Jain, Flynn, & Ross, 2008) Physiological characteristics are related to
the shape of the body, and include but are not limited to: fingerprint, face
recognition, DNA, palm print, hand geometry, iris recognition (which has
largely replaced retina), and odor/scent.
Behavioral characteristics are related to the behavior of a person,
including but not limited to: typing rhythm, gait, and voice. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
The most common biometric identifiers
currently used in IdM systems are fingerprint and facial recognition. With the current PIV and PIV-I programs a
dual approach in accordance with NIST recommendations (NIST, 2003)is
used. The capture of these biometric
identifiers is easily within the scope of commonly available commercial
technologies incorporated into today’s smart devices. It is the analogous algorithms required for
image analysis and development of minutia for analytical and comparison
purposes that pose the challenge.
Current facial recognition software is more than capable of effectively
using images captured within the common 8-14 megapixel range of the average smart
phone. The technology is rapidly outpacing
the market’s ability to sustain new releases and/or uses as evidenced by
Nokia’s release of a smart phone with a 41 megapixel camera sensor dubbed the
808 PureView (Foresman, 2012) So the specific challenge relates to the
fingerprint.</div>
<br />
<br />
<h1>
<u><span style="font-size: small;">Works Cited</span></u></h1>
<div class="MsoBibliography">
Creamer, D. (2006). <i>Understanding Resolution and
the meaning of DPI, PPI, SPI, & LPI.</i> Retrieved May 30, 2012, from
http://www.ideastraining.com: <a href="http://www.ideastraining.com/PDFs/UnderstandingResolution.pdf">http://www.ideastraining.com/PDFs/UnderstandingResolution.pdf</a></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Foresman, C. (2012,
March 2). <i>Innovation or hype? Ars examines Nokia's 41 megapixel smartphone
camera</i>. Retrieved March 5, 2012, from arc technica:
<a href="http://arstechnica.com/gadgets/news/2012/03/innovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camerainnovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camera.ars?clicked=related_right"> http://arstechnica.com/gadgets/news/2012/03/innovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camerainnovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camera.ars?clicked=related_right</a></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Jain, A. K., Flynn,
P., & Ross, A. A. (2008). <i>Handbook of Biometrics.</i> New York, NY,
USA: Springer Publishing Company.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
Jain, A., Hong, L.,
& Pankanti, S. (2000, February). BIOMETRIC IDENTIFICATION. (W. Sipser,
Ed.) <i>COMMUNICATIONS OF THE ACM</i> <i>, 43</i>, pp. p. 91-98.</div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
NIST. (2003, February
11). <i>Both Fingerprints, Facial Recognition Needed to Protect U.S. Borders.</i>
Retrieved March 5, 2012, from NIST; Public and Business Affairs:
<a href="http://www.nist.gov/public_affairs/releases/n03-01.cfm">http://www.nist.gov/public_affairs/releases/n03-01.cfm</a></div>
<div class="MsoNormal">
<br /></div>
<span style="font-family: CMR9; font-size: 9pt;"></span>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-86036955876729601022012-06-22T08:31:00.000-07:002012-07-02T06:55:09.077-07:00Mobile Device Remote Identity Proofing Part 2 - The requirement for ownership<a href="https://docs.google.com/file/d/0B0grrLiDyW8kVUdYalNRTERkbGc/edit" target="_blank">Download PDF of complete paper</a><br />
<br />
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<b style="mso-bidi-font-weight: normal;">I. Introduction</b></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Although it is unlikely that
development and adoption of a single ubiquitous identity will occur in the next
five years it is reasonable to assume that various manifestations of a
individuals identities are, and will continue to be established at various and
increasing levels of trust and assurance.
The challenge to be faced is to fast track the ecosystems ability to
work at moderate and high levels of assurance.
Historical barriers to widespread use of trusted identities at a high
level of assurance are predominantly based on the high cost and limited
availability of “approved” identity proofing “tools” and the infrastructure
requirements in the security and maintenance of the “representation” of that
identity. This concept paper explorers
the former challenge, the later being a topic that deserves its own
attention. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">II. Origins</b></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Being able to establish and prove an
identity and then use that proof of identity to ones advantage is as old as
humanity itself. It could be argued that
gender, a genotype, as a biometric identifier was first used in the Garden of
Eden when Adam, on being asked if he took fruit from the tree of knowledge,
said “she gave it to me”. The story in
Genesis involves the only two living humans on earth and an omnipotent creator
which makes identification straight forward.
This did not deter Adam from making a clear identification in order to
shift guilt away from him. Traditional
methods of establishing and/or confirming the identity of an unknown person
have relied on secret knowledge or possession of a token of some type. Passwords and pins, the proverbial what you
know, used so commonly today date back to the Roman Empire. The Hellenistic
Greek Historian Polybius chronicled how passwords were used among the Roman
Legions.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin-left: .5in; text-align: justify;">
<i style="mso-bidi-font-style: normal;">The way in which they secure the passing round
of the watchword for the night is as follows: from the tenth maniple of each
class of infantry and cavalry, the maniple which is encamped at the lower end
of the street, a man is chosen who is relieved from guard duty, and he attends
every day at sunset at the tent of the tribune, and receiving from him the
watchword - that is a wooden tablet with the word inscribed on it - takes his
leave, and on returning to his quarters passes on the watchword and tablet
before witnesses to the commander of the next maniple, who in turn passes it to
the one next him. All do the same until it reaches the first maniples, those
encamped near the tents of the tribunes. These latter are obliged to deliver
the tablet to the tribunes before dark. So that if all those issued are
returned, the tribune knows that the watchword has been given to all the
maniples, and has passed through all on its way back to him. If any one of them
is missing, he makes inquiry at once, as he knows by the marks from what
quarter the tablet has not returned, and whoever is responsible for the
stoppage meets with the punishment he merits.
(About.com, 2012)</i></div>
<div class="MsoNormal" style="margin-left: 0.5in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Tokens, what you have, date to the Bronze
Age. “A. Leo Oppenheim of the Oriental
Institute of the University of Chicago reported the existence of a recording
system that made use of counters, or tokens. According to the Nuzi texts, such
tokens were used for accounting purposes; they were spoken of as being deposited,
transferred, and removed.” (Schmandt-Besserat, 1977) </div>
<div class="MsoNormal" style="text-align: justify;">
Today the pin, password, and token are
synonymous with modern society. There
are seemingly endless equipments for passwords from the moment you turn on your
computer through the moment you click on the accept agreement or purchase
icon. Where would you be without your
ATM card, pin, and the ability to access your cash anywhere, at any time,
worldwide? The problem is that the
methodology we are using in modern America has changed little since its
antiquarian origins. We are still only
commonly testing for knowledge or possession, not ownership. Enter Biometrics</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;">III.
The requirement for ownership</b></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Testing for possession or knowledge has
become the standard for commercial identity management. In the 21<sup>st</sup> century most people
have a virtual identity presence, one that resides in the World Wide Web. This is the identity they use to move among
the social networking sites, bank, pay bills, and shop. With the massive increase in the use of the
web has come a corresponding increase in identity theft. “In 2011 identity fraud increased by 13
percent. More than 11.6 million adults
became a victim of identity fraud in the United States, while the dollar amount
stolen held steady”. (Javelin Strategy & Research,
2012) Steps have been taken to strengthen identity
security especially in the financial sector with the addition of images, secret
questions, and a plethora of additional knowledge based steps that are far more
effective at frustrating users than they are at increasing security. Each of these additional security features is
still nothing more than additional knowledge and additional knowledge can
easily be stolen. What is required is
something that is definitively tied to the identity holder, something that
cannot be forged, lost or stolen. That
something is biometrics.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Biometrics, like passwords and
tokens are not a 21<sup>st</sup> or even 20<sup>th</sup> century phenomenon.
Handprints were used for identification purposes nearly four thousand years ago
when Babylonian Kings used an imprint of the hand to prove the authenticity of
certain engravings and works. Babylonia
had an abundance of clay and lack of stone which led to the extensive use of
mudbrick. Ancient Babylonians understood
that no two hands were exactly alike and used this principle as a means of identity
verification. Modern dactylosscopy, the
science of fingerprints was used as early as 1888 when Argentinean police
officer Juan Vucetich published the first treatise on the subject. (Ashbourn, 2000)</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Biometrics can be defined as observable
physical or biochemical characteristics that can typically be placed into two
categories, phenotype and genotype. The
phenotype biometrics category contains the identifiers most commonly used for transactional
identification today. Fingerprints,
iris, facial features, signature patterns, are all phenotype identifiers based
on features or behaviors that are influenced by experiences and physical
development. From the owners perspective
these are often viewed as non-threatening and non intrusive. The Genotype category measures genetically
determined traits such as gender, blood type, and DNA, the collection of which
is generally viewed as very intrusive.
DNA, the ultimate biometric signature, is generally considered the most
intrusive often vilified in popular fiction. In the 1997 film Gattaca DNA determines an
individual’s status in society with each person categorized as a Valid or In-valid.
In the 2012 blockbuster The Hunger Games DNA serves as a signature for children
entering the Reaping, a lottery culminating in a morbid death match. Both of
these examples of pop culture reflect the underlying distrust society has in
the government’s possession of such an intimate identifier. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Biometrics is primarily used in two
modes, each with a different purpose; identification, and verification. The term recognition is a generic one
encompassing the one to one and one too many modes in which biometric systems
operate. Biometric identification is
the process of associating a sample to a set of known signatures. For example, the US Visit program which
checks a presented set of fingerprints [sample] against multiple databases,
containing known signatures. The results
of a one to many searches are usually displayed as a group of the most probable
matches often associated with a probability score as a percentile that
illustrates the degree of match between the sample and the matched group. Biometric verification is the process of
authenticating the sample to the record of a specific user with the results
delivered in binary fashion, yes or no.
Real world examples of this one to one verification include fingerprint
match on card in the PIV program or as a third factor of authentication to an
access control system where what you have and what you know needs to be
validated against ownership. Most
commercial systems operate in verification mode.</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Before identification or verification
can ever occur some type of enrollment process must take place in order to
establish to some level of trust that the biometric signature is owned by a
specific individual. Only then can
varied rights and privileges (attributes) be assigned to that owner and
subsequently secured by means of PKI or similar technology. One of
the primary impediments to broad scale use of biometric signatures is the
expense and inconvenience of enrollment programs. But what if it were as easy as using your mobile
phone in your living room?</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Using a mobile device to establish the
validly of the claim of a specific identity is simple in principle but
problematic in execution. The capture of
the required information can be divided into the following two steps: creation
of a claimant’s profile, and binding a known identity to the claimant. Creation of the profile typically includes
the identification and capture of two data types. The first is biographical /descriptive data,
the second is biometric data. For the
purposes of this paper, we shall refer to these combined datasets as the Individual
Profile or IP. </div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
This concept is based on
leveraging the rapidly increasing level of hardware technology and network
availability incorporated into the worldwide wireless telecommunications system
to provide a mechanism for the validation of claims to a specific identity,
binding that identity to the claimant, and securing the identity for use in an
environment requiring various levels of trust by a wide array of relying
parties. </div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-85594028422599402072012-06-15T13:45:00.000-07:002012-07-02T06:54:32.240-07:00Mobile Device Remote Identity Proofing Part One<a href="https://docs.google.com/file/d/0B0grrLiDyW8kVUdYalNRTERkbGc/edit" target="_blank">Download PDF of Complete Paper</a><br />
<div class="WordSection1">
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
</div>
<h2 class="MsoNormal" style="text-align: left;">
<i style="mso-bidi-font-style: normal;"><span style="font-family: "Times","serif"; font-size: 14pt;">How smart phones could change
the identity management system ecosystem</span></i></h2>
<h4 class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Part One:</b></h4>
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
This concept paper was recently submitted for consideration for an up coming technical conference. After receiving notification that the abstract met with positive peer review I decided that a healthy topical discussion may be in order before I finished up the final version. Rather than posting a lengthy paper in one
shot I decided to break it up into its key components to allow you, the reader,
to digest each section and focus any comments you may have accordingly. This first post is the abstract with which I
hope to whet your appetite. I have a bit of time
before the final paper must be submitted. I rather selfishly hope that any comments you
may make over the next week or so as each section is posted will help in its
refinement.</div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt;">
<br /></div>
</div>
<span style="font-family: "Calibri","sans-serif"; font-size: 11pt;">
</span>
<br />
<h4 class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<u>The Abstract</u></h4>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
Questions regarding an individual’s identity are addressed millions,
if not billions, of times a day.
E-commerce, healthcare, government and financial institutions, among
others, must constantly address the question, “is this person who he/she claims
to be?” Each institution struggles with
results of varied “discrete multiplicities” (Deleuze, 1966) on which they must
base a decision to the relying party’s pivotal question “what rights or
privileges should be granted to this individual?” This paper addresses the persistent
challenges of extending strong identity management from government sponsored
programs for government employees to privacy and security protection programs
for the general population. Among the
proposed concepts is a solution based on leveraging the rapid acceleration in
hardware/smart-phone sophistication and network availability incorporated into
the worldwide wireless telecommunications system. These elements provide a modality allowing validation
of claims to a specific identity, binding that identity to the claimant, and
securing the identity for use in an environment requiring various levels of
trust by a wide array of relying parties. </div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
Although it is unlikely that development and adoption of a single
ubiquitous identity will occur in the next five years it is reasonable to
assume that various manifestations of an individual’s cyber identities are, and
will continue to be established at various and increasing levels of trust and
assurance. The challenge to be faced is
to fast track the ecosystem’s ability to work at moderate and high levels of
assurance. Historical barriers to
widespread use of trusted identities at a high level of assurance are
predominantly based on the high cost and limited availability of “approved”
identity proofing “tools” and the infrastructure requirements in the security
and maintenance of the “representation” of that identity.</div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: .0001pt; margin-bottom: 0in; text-align: justify;">
The most common biometric identifiers currently used in IdM systems
are fingerprint and facial recognition.
With the current PIV and PIV-I programs a dual approach in accordance
with NIST recommendations (NIST, 2003)is used. The capture of these biometric identifiers is
easily within the scope of commonly available commercial technologies
incorporated into today’s smart devices.
It is the analogous algorithms required for image analysis and
development of minutia for analytical and comparison purposes that pose the
challenge. Obstacles include contrast,
depth of field and background, or non-finger regions (Lee, Lee, & Kim, 2008) Current facial recognition software is more
than capable of effectively using images captured within the common 8-14
megapixel range of the average smart phone.
The technology is rapidly outpacing the market’s ability to sustain new
releases and/or uses as evidenced by Nokia’s release of a smart phone with a 41
megapixel camera sensor dubbed the 808 PureView (Foresman, 2012) So the specific challenge relates to the
fingerprint.</div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: justify;">
<br /></div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: justify;">
</div>
<div class="MsoBibliography">
<span style="font-size: x-small;">(1966). In G. Deleuze, <i>Bergsonism</i>
(H. Tomlinson, & B. Habberjam, Trans.). New York, New York: Zone Publishing
Inc.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
</div>
<div class="MsoBibliography">
<span style="font-size: x-small;">NIST. (2003, February
11). <i>Both Fingerprints, Facial Recognition Needed to Protect U.S. Borders.</i>
Retrieved March 5, 2012, from NIST; Public and Business Affairs:
http://www.nist.gov/public_affairs/releases/n03-01.cfm</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
</div>
<div class="MsoBibliography">
<span style="font-size: x-small;">Lee, S., Lee, C., &
Kim, J. (2008). <i>Image Preprocessing of Fingerprint Images.</i> Biometrics
Engineering Research Center at Yonsei University., Korea Science and
Engineering Foundation, Seoul, Korea.</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
</div>
<div class="MsoBibliography">
<span style="font-size: x-small;">Foresman, C. (2012,
March 2). <i>Innovation or hype? Ars examines Nokia's 41 megapixel smartphone
camera</i>. Retrieved March 5, 2012, from arc technica:
http://arstechnica.com/gadgets/news/2012/03/innovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camerainnovation-or-hype-ars-examines-nokias-41-megapixel-smartphone-camera.ars?clicked=related_right</span></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoBibliography">
<br /></div>
<div class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: justify;">
<br /></div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com0tag:blogger.com,1999:blog-3072447856983501300.post-85260052903386818322012-06-13T06:23:00.000-07:002013-04-30T06:23:03.929-07:00Managed Attributes, Not Standards, Lead to Interoperability<a href="https://docs.google.com/file/d/0B0grrLiDyW8kR2dRcmo5UGIwZDA/edit" target="_blank">Download Complete Paper</a><br />
<br />
<h3 align="left" style="margin-left: 0in; text-align: left; text-indent: 0in;">
<span style="font-size: large;"><b>I.<span style="-moz-font-feature-settings: normal; -moz-font-language-override: normal; font-family: "Times New Roman"; font-size-adjust: none; font-stretch: normal; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;">
</span></b><b>Introduction
</b></span></h3>
<div align="left" class="MsoBodyText" style="text-align: left; text-indent: 0in;">
Managed
attributes ensure essential interoperability. This is the foundation for
providing the most skilled, most timely and most appropriate response to any
situation, regardless of size. Emergency managers and incident commanders can
make sound decisions with the additional data that comes from knowing when and
where specific resources are located, what tasking assignments have been given
and to whom. Not only is everyone on the scene accounted for, but tasks are
given to responders with verified skills and capabilities thereby contributing
to the command staff’s ability to predict the next threat and deploy resources
accordingly, maintain critical situational awareness and respond to dynamic
conditions quickly and effectively. Assigning responders to duty is not an
issue. What’s critical is assigning the responder with the appropriate and
verifiable skills to a job he/she is capable of accomplishing, ensuring a
positive outcome for the situation and the responder. </div>
<div align="left" class="MsoBodyText" style="text-align: left; text-indent: 0in;">
<br /></div>
<h3 align="left" style="margin-left: 0in; text-align: left; text-indent: 0in;">
<span style="font-size: large;"><b>II.<span style="-moz-font-feature-settings: normal; -moz-font-language-override: normal; font-family: "Times New Roman"; font-size-adjust: none; font-stretch: normal; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;">
</span></b><b>Setting
the scene</b></span></h3>
<h4 style="margin-left: 0in; text-indent: 0in;">
<span style="font-size: small;">A.<span style="-moz-font-feature-settings: normal; -moz-font-language-override: normal; font-family: "Times New Roman"; font-size-adjust: none; font-stretch: normal; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;">
</span><b>Personal
experience sets the stage for complete understanding</b></span></h4>
<div align="left" class="MsoNormal" style="text-align: left;">
My first exposure to
pre-hospital care was the mandatory “first responder” training required for
firefighters by the State of California more than twenty years ago. The
training program which was taken concurrently with a CPR class added up to more
than the 120 hours of training required to be certified as Basic EMT in the
Commonwealth of Massachusetts a couple of years later. In the end it was not
the hours required to complete a training program that struck me as being the
unusual dichotomy but the difference in skills. As a “first responder” I was
trained in how to properly remove a helmet, place the electrodes from the 12-lead
EKG on a patient, spike IVs, assist with medications, etc. As a “Basic EMT” in
Massachusetts I was not trained in any of those skills. In fact I did not use
them again until the PB waiver program was instituted. Many years later as a
regional hospital preparedness coordinator I struggled with the concept that we
could not send paramedics across regional boundaries within the same state,
even within the same county and still allow them to work as paramedics because
scope of practice and certification was regional and there was no reciprocity
within the state! </div>
<div align="left" class="MsoNormal" style="text-align: left;">
<br /></div>
<div align="left" class="MsoNormal" style="text-align: left;">
Times have changed but
the essential challenges in the practice of pre hospital care have not. There
may be an EMS community but it is segregated even within its day-to-day
practices never mind responses to what can be categorized as disasters. On
February 20, 2003 the fourth deadliest nightclub
fire and the 9th deadliest place of public assembly fire in U.S. history took
place at the Station Nightclub in Rhode Island. The multi-jurisdictional (on a
very large scale) fire EMS response was atypical when it comes to patient care
and it worked. It is conjecture but I would hypothesize that the response was
modern in capability but traditional in implementation. That is, a small state
with close boarder ties to services in Massachusetts and Connecticut and
familiarity among the services responded as needed, there were no questions of
scope of practice, patients were cared for at the level the provider was
trained to without immediate regard for local or regional regulations. </div>
<div align="left" style="margin-left: 9.0pt; mso-list: none; tab-stops: .5in; text-align: left; text-indent: 0in;">
<br /></div>
<div align="left" style="mso-list: none; tab-stops: .5in; text-align: left; text-indent: 0in;">
<b><span style="font-style: normal; font-weight: normal;">In addition to the one hundred
fatalities there were an estimated 230 casualties, 186 transported to hospitals
by first responder agencies. Over five hundred firefighters, EMS, and Police
responded with fifty-seven public and six commercial ambulance companies
providing both basic and advanced life support services. (Kuntz, June 23 2000)<sup>1
</sup></span></b></div>
<div align="left" style="mso-list: none; tab-stops: .5in; text-align: left; text-indent: 0in;">
<br /></div>
<div align="left" style="mso-list: none; tab-stops: .5in; text-align: left; text-indent: 0in;">
<b><span style="font-style: normal; font-weight: normal;">I would argue the Station
Nightclub fire response was a success carried out by heroic and dedicated
professionals. The brethren of these same professionals also answered the call
to service for hurricane Katrina in late August and early September of 2005. I
would argue that that response was more typical of large multi jurisdictional, multi state responses. Some level of organization was applied to the call out and
activation of resources on a national scale. The typical American answer of a
call to duty resulted in a massive response. However, many police, fire and EMS
organizations from outside the affected areas were reportedly hindered or
otherwise slowed in their efforts to send help and assistance to the area. FEMA
sent hundreds of firefighters who had volunteered to Atlanta for two days of
training on topics including sexual harassment and the history of FEMA.
(Bluestein, 2005)<sup>2</sup></span></b></div>
<div align="left" class="MsoNormal" style="text-align: left;">
</div>
<h3 align="left" style="margin-left: 0in; text-align: left; text-indent: 0in;">
<span style="font-size: large;"><b>III.<span style="-moz-font-feature-settings: normal; -moz-font-language-override: normal; font-family: "Times New Roman"; font-size-adjust: none; font-stretch: normal; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;">
</span></b><b>Underlying
Problems</b></span></h3>
<h4 align="left" style="font-weight: normal; text-align: left; text-indent: 0in;">
<span style="font-style: normal;">So what is the
underlying problem? We can look at it from a national service prospective as
well as a level of service prospective. Take a look at the state of the service
in general. An excellent summary is contained in a recent report issued by the
National Academy of Sciences. </span></h4>
<blockquote class="tr_bq">
<h4 align="left" style="font-weight: normal; text-align: left; text-indent: 0in;">
<i><span style="font-style: normal;">“Each year in the United States approximately 114
million visits to EDs occur, and 16 million of these patients arrive by
ambulance. The transport of patients to available emergency care facilities is
often fragmented and disorganized, and the quality of emergency medical
services (EMS) is highly inconsistent from one town, city, or region to the
next. Multiple EMS agencies some volunteer, some paid, some fire based, others
hospital or privately operated frequently serve within a single population
center and do not act cohesively. Very little is known about the quality of
care delivered by EMS services. The reason for this lack of knowledge is that
there are no nationally agreed-upon measures of EMS quality, no nationwide
standards for the training and certification of EMS personnel, no accreditation
of institutions that educate EMS personnel, and virtually no accountability for
the performance of EMS systems. While most Americans assume that their
communities are served by competent EMS services, the public has no idea
whether this is true, and no way to know.</span></i></h4>
<h4 align="left" style="font-weight: normal; text-align: left; text-indent: 0in;">
<i><span style="font-style: normal;">The education and training requirements for the
EMTs and paramedics are substantially different from one state to the next and
consequently, not all EMS personnel are equally prepared. For example, while
the National Standard Curricula developed by the federal government calls for
paramedics to receive 1,000 - 1,200 hours of didactic training, states vary in
their requirements from as little as 270 hours to as much as 2,000 hours in the
classroom. In addition, the range of responsibilities afforded to EMTs and
paramedics, known as their scope of practice, varies significantly across the
states. National efforts to promote greater uniformity have been progressing in
recent years, but significant variation remains.” (Committee on the Future of
Emergency Care in the United States Health System, 2006) <sup>3</sup></span></i></h4>
</blockquote>
<h4 align="left" style="font-weight: normal; text-align: left; text-indent: 0in;">
<span style="font-style: normal;">My initial
brief example of the differences in training between states pales in comparison
to the preceding quote. We have established the fact that we have dedicated
trained and competent personnel working in an environment that is restrictive
primarily due not to the lack of a national standard but to a lack of information.
I will expound on that statement shortly. First, however, let’s take a look at
the problem from a scope vs. patient care prospective. An excellent example was
discussed in an article by Tori Socha published in February, 2011. The article
dealing with stoke reminded me of the initial introduction of thrombolytic drug
therapy through pre-hospital providers in Massachusetts and the personal
struggle some metropolitan medics had being able to use this lifesaving tool in
one region, with their big city services, but not have it available to them in
the small local, sometimes volunteer ALS services in the communities in which
they resided. Ms. Socha stated; </span></h4>
<blockquote class="tr_bq">
<i><span style="font-style: normal;">“Stroke, with direct and indirect costs
totaling $68.9 billion, is a major primary health priority in the United
States. Every 40 seconds, someone in the United States experiences a stroke,
and every 3 to 4 minutes, someone dies of a stroke. Administering intravenous
(IV) recombinant tissue plasminogen activator (tPA) within 3 hours of onset of
symptoms is associated with a 30% greater likelihood of decreased disability
compared with placebo. In selected patients, IV recombinant tPA may be safely
used up to 4.5 hours after symptom onset. Despite its clinical efficacy and
cost-effectiveness, only 3% to 8.5% of patients with stroke receive recombinant
tPA. One limitation is timely access to care. In 2000, the Brain Attack
Coalition recommended establishing primary stroke centers (PSCs). Researchers
recently conducted a study to determine the proportion of the population with
access to Acute Cerebrovascular Care in Emergency Stroke Systems (ACCESS). The
analysis found that if ground ambulances are not permitted to cross state
lines, fewer than 22.3% of Americans (1 in 4) have access to a PSC within 30 minutes
of symptom onset.” (Socha, 2011)<sup>4</sup></span></i></blockquote>
<h4 align="left" style="font-weight: normal; text-align: left; text-indent: 0in;">
<i><span style="font-style: normal;"> </span></i></h4>
<h4 align="left" style="font-weight: normal; text-align: left; text-indent: 0in;">
<span style="font-style: normal;">There is no
doubt that lack of definition causes, at bare minimum, organizational angst and
disparity in the EMS service. It can also be argued that this lack of
definition can result in loss of life, not due to negligence but the inability
of available service to provide a timely response across jurisdictional
boundaries stymied by the invisible but very real wall of scope of practice
limitations. This is evidenced by the research from the Socha article as well
countless additional journal articles and studies. The truly disquieting issue
is that this conundrum is not one unique to an incident of national consequence
but can be found in day-to-day EMS operations. </span></h4>
<h3 align="left" style="margin-left: 0in; text-align: left; text-indent: 0in;">
<span style="font-size: large;"><b>IV.<span style="-moz-font-feature-settings: normal; -moz-font-language-override: normal; font-family: "Times New Roman"; font-size-adjust: none; font-stretch: normal; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;">
</span></b><b>Solutions</b></span></h3>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">So what is the solution? I
left emergency services several years ago to seek technology solutions for
common operational problems faced by our nation’s first responders. Over the
last ten years I have listened to a consistent theme propagated in general by
well meaning federal civil servants. Regardless of the problem the solution is
of course to regulate it at the federal level. The following quote from the
Committee on the Future of Emergency Care starts with a rousing call to arms.</span></div>
<blockquote class="tr_bq">
<div style="font-weight: normal; margin-left: 0in; text-indent: 0in;">
<span style="font-style: normal;">“While today’s emergency care system offers significantly more medical
capability than was available in years past, it continues to suffer from severe
fragmentation, an absence of system wide coordination and planning, and a lack
of accountability. To overcome these challenges and chart a new direction for
emergency care, the committee envisions a system in which all communities will
be served by well planned and highly coordinated emergency care services that
are accountable for their performance. In this new system, dispatchers, EMS
personnel, medical providers, public safety officers, and public health
officials will be fully interconnected and united in an effort to ensure that
each patient receives the most appropriate care, at the optimal location, with
the minimum delay.” (Committee on the Future of Emergency Care in the United
States Health System, 2006)<sup>3</sup></span></div>
</blockquote>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">All communities should be
served with highly coordinated emergency care services that are accountable for
their performance and those services should be interconnected. I do, however, disagree
with manner in which the coordination, accountability and connectivity should
occur. A bit further in the report the foundation of the proposed solution is
revealed.</span></div>
<blockquote class="tr_bq">
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<i><span style="font-style: normal;">“The National EMS Scope of Practice Model Task Force has created a
national model to aid states in developing and refining their scope-of-practice
parameters and licensure requirements for EMS personnel. The committee supports
this effort and recommends that state governments adopt a common scope of
practice for EMS personnel, with state licensing reciprocity. In addition, to
support greater professionalism and consistency among and between the states,
the committee recommends that states accept national certification as a
prerequisite for state licensure and local credentialing of EMS providers.
Further, to improve EMS education nationally, the committee recommends that
states require national accreditation of paramedic education programs. The
federal government should provide technical assistance and possibly financial
support to state governments to help with this transition.” (Committee on the
Future of Emergency Care in the United States Health System, 2006)<sup>3</sup></span></i></div>
</blockquote>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">There it is. Solution by
national regulation. This could be effective if the United States were the size
of Switzerland. It would also be quite effective if we did not have 50
different autonomous state governments, not including territories. The
individual states do not want to give up their sovereignty, nor should they be
forced to. It is not necessary. The solution is to allow the authority having
jurisdiction the freedom to define the scope of practice. How can this premise,
the perceived status quo, change things? The logical proposal is the delivery
of this [scope] information in a trusted fashion attached to a non-reputable
identity. For those familiar with the ongoing work to leverage trusted identity
by the federal government for physical and logical access control you likely
have an idea where I am going with this concept. Several states have taken
definitive steps to leverage the work done by the federal government to
institute their own identity management (IDM) programs. One or two truly
visionary early adopters are using the trusted identity as a foundation and
attaching attributes. For example some states have implemented, as part of its functional
mandate, “authenticated qualifications and attributes” by which they mean
trusted and validated by the authority having jurisdiction or accrediting
organization and the ability to tie first responders' identities and attributes
to authoritative sources of information (e.g. licensing, certification, and
status databases for paramedics, police, licensed heath care practitioners,
firefighters, etc). </span></div>
<div style="margin-left: 0in; text-indent: 0in;">
<br /></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">Management of these
attributes allows for the rapid and effective allocation of personnel resources
during an operation. Historically, management of these resources,
assisted through mutual aid compacts, both formal and informal, was hampered by
a lack of information and trust. Further there often is a lack of
understanding as to the differing individual elements that defined the
attribute from jurisdiction to jurisdiction. Without any mechanism to
provide a trusted and detailed definition of the attribute the only recourse
has been to compare attributes between jurisdictions at the lowest common denominator.
Categorization of resources has been limited to generalized groupings
like Emergency Services Functions (ESFs) and subsets of Critical Infrastructure
and Key Resource sectors (CI/KR). A frequently disputed alternative has
been for the federal government to dictate the attribute definitions to state
and local authorities. This lack of information is compounded by the
specter of legal accountability for the jurisdiction receiving the resources
especially in those attributes which directly influence life safety. The
result is an under utilization of the available resources.<br style="mso-special-character: line-break;" />
<br style="mso-special-character: line-break;" />
</span></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">Attribute management
within an identity system is similar to that in network management. In a
network an “attribute” is the property of a managed object that has a value.
Similarly in one example of an IDM attribute-enhanced system an attribute is
the property of the person who has enrolled, and the value is “what that
attribute is.” For example: Joe Smith enrolls and designates he is a paramedic.
Joe is the “managed object” and paramedic is the “attribute.” The system then
associates the “value” as the skill set of a paramedic. </span></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">Also similar to network
management, certain mandatory initial values for attributes are specified as
part of the managed object class definition. Associating the skill set of a paramedic
is a mandatory initial value, but conditional values can also be added, these
may be unique to the jurisdiction where a responder works on a local, regional,
or state level. These paramedic conditional attributes could also be additional
training or certifications that are above and/or beyond the initial mandatory
value of a paramedic as defined by the federal AHJ. This allows all stakeholders
to have their cake and eat it too. The federal government establishes the
baseline and state and local jurisdictions are not forced into long term
expensive programmatic changes.</span></div>
<div style="mso-list: none; tab-stops: .5in; text-indent: 0in;">
<br /></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">When the attribute dataset
is read by a computing device the retrieved information is reported to the user
in local terminology and an instant comparison is made between the individual
knowledge and task statements and requirements of the local jurisdictions
certification requirements and the sending jurisdictions certification
requirements and critical discrepancies are reported. For example as part of
the comparison the table of pharmacology for a paramedic is compared between a
sending jurisdiction and a receiving jurisdiction is compared and the receiving
jurisdictions report shows that the medic is not trained in the administration
of a thrombolytic, part of the scope of care of the receiving jurisdiction.</span></div>
<div style="margin-left: 0in; text-indent: 0in;">
<br /></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">My example was originally
designed to use national regulatory or volunteer compliance standards as a
baseline. A methodology was developed allowing for local, regional, or county
based training and skill sets to be incorporated into the system. The
subsequent modifications to the system provided both a means of tracking these
local training programs, optionally using the resources that are the outcome of
these programs and communicating this information to disparate jurisdictions
whose training has a completely different baseline but whose terminology and
outcomes are similar. </span></div>
<div style="margin-left: 0in; text-indent: 0in;">
<br /></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">Systems of this type are </span><span style="font-style: normal;">designed to give command authorities trusted,
verified, data on skills licenses and certifications held by respond in
individuals and teams in order to allow use of these human resources at the
highest common denominator thereby making the most effective use of the
resources available and providing the highest level of care and services to
those in need during times of disaster of any scale. </span></div>
<div style="margin-left: 0in; mso-list: none; tab-stops: .5in; text-indent: 0in;">
<span style="font-style: normal;">Twenty five years ago very
little if any consideration was given to a need for instant reciprocity.
With a few exceptions emergency resources were drawn locally or regionally from
immediately adjacent jurisdictions. Today responses to critical events
can be national, leveraging the spirit and altruism that defines America.
Twenty five years ago a piece of paper, a uniform, or a badge could serve as
proof of qualification. Today the litigiousness of our society has prevented
even the federal government from using emergency services personnel to their
demonstrated capabilities. The advent of the “Google” age of
instant access to information has raised both demand for service and
expectations that such service will be quickly and effectively delivered.</span></div>
<div class="MsoNormal">
<br /></div>
<div align="left" class="MsoNormal" style="text-align: left;">
[1] Kuntz, K. (June 23 2000). <i>Federal Advisory Committee June 23
2000, National construction Safety Team Investigation, Station Nightclub Fire
Emergency Response.</i> Washington D.C.: U.S. Fire Administration, U.S.
Department of Homeland Security .</div>
<div align="left" class="MsoNormal" style="text-align: left;">
[2] Bluestein, G. (2005,
September 7). Firefighters stuck in Ga. awaiting orders. <i>USA Today</i> .</div>
<div align="left" class="MsoNormal" style="text-align: left;">
[3] Committee on the Future of Emergency Care in the United States
Health System, B. o. (2006). <i>Emergency Medical Services at the Crossroads.</i>
Institute of Medicine , National Academy of Sciences. 500 Fifth Street, N.W.
Washington DC: National Academies Press.</div>
<div align="left" class="MsoNormal" style="text-align: left;">
[4] Socha, T. (2011, February
15). <i>Timely Access to Primary Stroke Centers in the United States</i>. (HMP
Communications LLC) Retrieved April 12, 2011, from First Report Managed Care:
http://www.firstreportnow.com/articles/timely-access-primary-stroke-centers-united-states<br />
<br />
This concept paper was first delivered as an open letter to the National EMS Advisory Council in January of 2011. A revised version of the paper was published by the IEEE as part of a poster presentation at the <span class="st">annual IEEE Conference on Technologies for Homeland Security in December of 2011. </span></div>
Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com1tag:blogger.com,1999:blog-3072447856983501300.post-78140195918413076282012-06-08T11:27:00.000-07:002012-07-02T06:58:06.324-07:00Sanity is not statistical: Why does it really matter if you are who you say you are?<a href="https://docs.google.com/file/d/0B0grrLiDyW8kc05mNGR1OW9PUXc/edit" target="_blank">Download PDF of complete paper</a><br />
<br />
<br />
<div class="MsoNormal">
As Winston Smith, the protagonist of 1984’s big brother
dominated world, falls asleep his last thought is “Sanity is not Statistical” (Orwell, 1949). There are multitudes of varied analysis that
have accompanied this poignant quote from the George Orwell classic. At their root they break down to a single
common theme, everything is objectively true or false. Depending on what side of the societal fence
you reside this could mean truth is what is reported by Fox News or MSNBC, or
America is represented by the Occupy movement or the Tea Party. The reality is that fundamental truths or
untruths lie someplace in between the extremes.
Things do not become true just because the majority believes in them or
false because the minority believes in them.
Ask 100 people leaving the local chain
pharmacy if they need to have their loyalty card scanned or provide their email
or phone number to complete their purchase and the majority will say yes. Ask them why and you will likely be treated
to some blank and or puzzled stares. </div>
<div class="MsoNormal">
<br /></div>
<h3 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><u>The problem</u></b></h3>
<div class="MsoNormal">
If you ask 100 people
on the street if HTTPS is secure it is likely that half of them will ask you
what HTTPS is. The majority of the
remaining half will insist it is safe based on their tertiary experiences. HTTPS begins "my banks" URL, Amazons URL etc.,
so of course it is safe or they would not use it. A small minority will tell you nothing is
secure or make a statement that includes a variation on that theme. It is true that HTTPS is a lot more secure
than HTTP. It is also true that is
possible to break into HTTPS/TLS/SSL even when websites do everything
correctly. Most people think of HTTPS as
a bank vault when in fact they should equate it to the lock on the door of
their house. A locked door will keep
the honest people honest and the casual thief forewarned but it will not stop a
determined attack. Determined attacks
like breaking into a CA, compromising a web site, compromising a DNS or a
router are all paths around the HTTPS security.
</div>
<div class="MsoNormal" style="margin-bottom: 10.0pt; margin-left: 0in; margin-right: 0in; margin-top: 10.0pt;">
The United States population is one of the most open,
information centric demographics in the world.
Tens of millions of people voluntarily expose the most intimate details
of their lives through the pervasive world of social networking. More than 88% of consumers have made
purchases online spending more than 142 billion dollars in 2010 with a 14%
increase continuing to trend upwards through the 2<sup>nd</sup> quarter of 2011 (comScore,
Inc., 2011).
Within a few years this trend will represent hundreds of billions of dollars of
transactions conducted with the barest of security protections. The bulk of these transactions can be
characterized as the modern equivalent of giving your checking account number,
routing number, and driver’s license information to a 16 year old supermarket
customer service worker in return for a check cashing card. A FTC-sponsored survey estimated that the
annual total loss to businesses due to ID theft approached $50 billion with the
total annual cost of identity theft to victims at $5 billion (H CMTE on Ways and Means, 2012). This means more than a third of annual gross
cyber revenue is lost to business or more likely the losses are passed to the
consumers. Yet those same hordes of
consumers who willingly play this financial Russian roulette on a regular basis
are the doppelgänger vocal detractors of government sponsored identity systems. The paradox of an individual who will
surrender his or her credit card, credit history, and identity to a faceless
cyber organization but balk at providing their government-issued social
security numbers to either state or federal government program is astounding.</div>
<div class="MsoNormal">
The fundamental issue is one of trust - not trusted identity
but trusted government. Winston, in
1984, represented a tacit prediction of the lack of trust people would have in their
governments and the total control that governments would impose in their people
in the future. Although we have thus far
escaped turning America into a totalitarian state public trust is at an all
time low according to the Pew Research Center.
Nearly eighty percent of Americans do not trust their own
government. In fact, the only time since
1975 that government trust broke 50% was in the months following 9/11 (Thompson,
2010). To summarize, eighty eight percent of
Americans trust the internet with their identity and their hard earned money
while eighty percent of Americans distrust their government. Given this situation, it is not surprising
that government sponsored identity trust models have struggled to get off the
ground unless they are thus elevated by significant amounts of funding. </div>
<div class="MsoNormal">
<br /></div>
<h3 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><u>The best possible
solution?</u></b></h3>
<div class="MsoNormal">
Granted there are a number of security programs that offer
trust to some degree, the most common of these are digital certificates. A digital certificate is an electronic signature
that establishes your credentials when doing business or other transactions on
the Web. It is issued by a certification authority (CA). It contains your name,
a serial number, expiration dates, a copy of the certificate holder's public
key (used for encrypting messages and digital signatures), and the digital
signature of the certificate-issuing authority so that a recipient can verify
that the certificate is real. It is not
just individuals who can possess digital certificates. In fact digital certificates are a byproduct
of the secure sockets layer protocol developed in 1994 by Netscape for sending
information over the relatively new internet.
It is this specific solution that we have put under the magnifying
glass.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
SSL was created in the infancy of the internet and designed
to prevent passive attacks. When SSl was
developed there was no such thing as e-commerce and “credentials” were seldom
if ever transmitted other than in and through government networks. At the time the internet had less than five
million users but growth at nearly a hundred percent per year beginning in the
late 1990’s resulted in to the four billion publicly facing hosts of today. (Coffman & Odlyzko, 1998) However the development of the SSL protocol
recognized a potential vulnerability known as “Man in the Middle Attacks”. A man in the middle attack is carried out by
an attacker making independent contact with the victims, e.g. user and host,
and relays information between them so that it appears as though they are
communicating directly when in fact the data can be both modified and/or
stolen. In order to guard against this
[at the time] perceived threat Certificate Authorities (CA’s) providing public
key encryption was introduced. Public
Key Encryption was described as follows during the development of the AAL
protocol; </div>
<div class="MsoNormal">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: 0.5in; text-align: left;">
“Public key encryption is a
technique that leverages asymmetric ciphers.
A public key system consists of two keys: a public key and a private
key. Messages encrypted with the public key can only be decrypted with the
associated private key. Conversely, messages encrypted with the private key can
only be decrypted with the public key. Public key encryption tends to be
extremely computing intensive and so is not suitable as a bulk cipher”. (Hickman, 1995) In an interview with Moxie Marlinspike, CTO
and co-founder of Whisper Systems, SSL designer Kipp Hickman said the addition
of CA’s was “thrown in at the end” …”the whole CA thing was a bit of a hand
wave” (Marlinspike,
2011)</div>
</blockquote>
<div class="MsoNormal" style="margin-left: 0.5in;">
<br /></div>
<div class="MsoNormal">
In 2011, Comodo, the 2<sup>nd</sup> largest certificate
authority in the world was hacked resulting in nine certificates for seven
domains being issued. Among the domains affected
were Google, Yahoo, Skype, Mozilla and Microsoft’s Live. Originally thought to be an action of “cyber
terrorism” by a city state (Iran) based on the IP address trace (212.95.136.18)
it later appeared to be the work of a single individual without a great deal of
technical experience. (Marlinspike, 2011)</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
So given what appears to be a less than auspicious track
record and questionable parentage why would the educated consumer turn to a CA
to help establish their identity and more importantly trust the identity of the
cyber entity to which they are surrendering their financial information. Historically digital certificates can lay
claim to a twenty plus year history of trust and effectiveness. Each time you log into your bank account
online or make a purchase with your Amazon account the transactions and
parities involved are authenticated using digital certificates. As is obvious from our previous examples the
technology is not without its detractors and its very public failures. These however need to be balanced against its
success stories.</div>
<div class="MsoNormal">
<br /></div>
<h3 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><u>Why Government?</u></b></h3>
<div class="MsoNormal">
Government sponsored
PKI, more specifically US government sponsored PKI has not yet been
compromised. Like most of the rest of
the PKI world the US government PKI is built around the International
Telecommunication Union (ITU) X.509 standard.
Program policy is overseen and managed through the Federal Public Key
Infrastructure (FPKI) Policy Authority.
FPKI is an interagency body set up under the CIO Council to enforce
digital certificate standards for trusted identity authentication across the
federal agencies and between federal agencies and outside bodies, such as
universities, state and local governments and commercial entities. The United States has adopted a Federal PKI
policy and program as a response to the Paperwork Elimination Act of 1998 which
required electronic government services by October 21, 2003. The law itself is technology agnostic but the
consensus is that PKI combined with biometrics, multi factor authentication,
and hardware tokens, is the best available option. In and of itself PKI is superior to the
physical inked signature on a document and when used with the previously
described accoutrements are superior to other existing electronic signature. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The senior advisor to the chair of the Federal PKI steering
committee sums up the US government program thusly; </div>
<div class="MsoNormal">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in;">
“The goals of the U.S. Federal PKI
are to create a cross-governmental, ubiquitous, interoperable Public Key
Infrastructure and the development and use of applications which employ that
PKI in support of Agency business processes. In addition, the U.S. Federal PKI
must interoperate with State governments and with other national governments.
Our goals recognize that the purpose of deploying a PKI is to provide secure
electronic government services utilizing Internet technology, not only to
satisfy the little hearts of a dedicated cadre of techno-nerds and paranoiac
security gurus but to serve the citizenry.” (Alterman, 2012)</div>
</blockquote>
<div class="MsoNormal" style="margin-left: 0.5in;">
<br /></div>
<div class="MsoNormal">
Who are you? In
Orwell’s 1984 Winston Smith was a clerk in the records department of the Ministry
of Truth where is job is to rewrite historical documents so that they can match
the ever changing party line. This job
involves removing photographs and altering documents generally for the purpose
of removing “un-persons” that have crossed the party and are eliminated both
physically and virtually. The hesitancy
for people to “share” information with the government is strongly influenced by
an Orwellion fear that the more information the government has on you the more
control they will have over your life.
The purpose of this paper is not to debate the right or wrong of that
statement rather to clarify just what the government already knows and why it
is necessary in the Identity management world. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Who and what you are digitally is broken down into a series
of attributes that define your person and lead to the rights and privileges
that are based on those defining attributes. Standardizing what these attributes are and
how they are vetted leads to trust in the identities, a requirement for
interoperability. The best example of
this trust model across multiple jurisdictions is RealID. Real ID has some controversial elements but
we are just focusing on the Identity, vetting, and information sharing
elements. These are the same elements
required for you to open and use an Amazon.com® account and contain what is
known as Personally Identifiable information or PII</div>
<div class="MsoNormal">
<br /></div>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in;">
“The REAL ID Act of 2005, Pub.L.
109-13, 119 Stat. 302, enacted May 11, 2005, was an Act of Congress that
modified U.S. federal law pertaining to security, authentication, and issuance
procedures standards for the state driver's licenses and identification (ID)
cards, as well as various immigration issues pertaining to terrorism.</div>
<div class="MsoNormal" style="margin-left: .5in;">
The law set forth certain
requirements for state driver's licenses and ID cards to be accepted by the
federal government for "official purposes", as defined by the
Secretary of Homeland Security. The Secretary of Homeland Security has
currently defined "official purposes" as presenting state driver's
licenses and identification cards for boarding commercially operated airline
flights and entering federal buildings and nuclear power plants”. (Wikimedia
Foundation, Inc., 2012)</div>
</blockquote>
<div class="MsoNormal" style="margin-left: 0.5in;">
<br /></div>
<div class="MsoNormal">
The American Civil Liberties Union, a strong opponent of
Real ID and its variants consistently claims that these types of programs are a
severe detriment to privacy rights. The
ACLU states that there are “real security concerns with creating a federal
identity document every American will need in order to fly on commercial
airlines, enter government buildings, or open a bank account” and that “tens of
thousands of people will have access to our information in a massive government
database. The national database could
well become a one-stop shop for identity thieves.” (ACLU , 2008) It can be successfully argued that it is
the hard sell, or the phrase required by law, that defines government programs
that causes the dissension. </div>
<div class="MsoNormal">
</div>
<h3 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><u>Who are you
really?</u></b></h3>
<div class="MsoNormal" style="margin-left: .25in;">
PII is any information about an individual
maintained by an agency, including (1) any information that can be used to
distinguish or trace an individual‘s identity, such as name, social security
number, date and place of birth, mother‘s maiden name, or biometric records;
and (2) any other information that is linked or linkable to an individual, such
as medical, educational, financial, and employment information.‖ Examples of
PII include, but are not limited to:</div>
<blockquote class="tr_bq">
<ul>
<li> <span style="font-family: Symbol;"></span>Name, such as full name, maiden name, mother‘s
maiden name, or alias</li>
<li><span style="font-family: Symbol;"></span>Personal identification number, such as social
security number (SSN), passport number, driver‘s</li>
<li>license number, taxpayer
identification number, or financial account or credit card number</li>
<li><span style="font-family: Symbol;"></span>Address information, such as street address or
email address</li>
<li><span style="font-family: Symbol;"></span>Personal characteristics, including photographic
image (especially of face or other identifying characteristic), fingerprints,
handwriting, or other biometric data (e.g., retina scan, voice signature,
facial geometry)</li>
</ul>
</blockquote>
<blockquote class="tr_bq">
<div class="MsoNormal" style="margin-left: .5in;">
(McCallister, Grance, & Scarfone, 2010)</div>
</blockquote>
<div class="MsoNormal">
The problem with PII is that it is personally identifiable,
and we live in a world where we have identities both physically and in
cyberspace. Twenty first century
interaction requires we have a digital identity but the digital ecosystem has
not yet balanced out. As a result you
can have multiple digital identities.
The real problem is that that your identity could be stolen from you or
even created without your knowledge. Why
is this? Millions of Americans who do
not trust local, state, or federal government to keep a database of PII
willingly give it to any cyber entity who asks for it. Consider all of the social networking sites,
game and entertainment sites, browsers, cloud applications and others all
requiring you to fill out a simple form which most people do without
questions. Without more than a few
seconds consideration many people give up their information to a faceless
entity because that entity has something they want, information, a purchase, a
connection, a relationship. In goes your
name, alias, address, bank or credit card information. Now that your basic information is in you
will nearly always be prompted for answers to secret questions and in goes your
mother’s maiden name, place of birth, fathers middle name etc. Now that you have your account how often do
you fill in a profile with your age, gender, personal preferences and
more. All of this data it not used for
making sure travel and government buildings are secure. It is not protected in FISMA compliant data
centers or secured and encrypted with federally regulated PKI. Rather it is collected for the sole purpose
of generating revenue either directly or indirectly for the social networking
or e-commerce web site you registered with.
The final blow comes with the social networking sites that flood you
with a number of options for sharing your information. </div>
<div class="MsoNormal">
<br /></div>
<h3 class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><u>Who do you want to
be?</u></b></h3>
<div class="MsoNormal">
The vast majority of Americans feel that the internet offers
anonymity. The old adage “On the
internet, nobody knows you’re a dog” (Steiner, 1993) was published as part of a satirical
cartoon in a 1993 addition of the magazine New Yorker. The message that the cartoon was originally
meant to convey was that internet users could send and receive messages in
relative anonymity. 1993 was before
social networking and e-commence, a time when cyber anonymity equated to
privacy. That same anonymity is now a
looming specter of privacy infringement and fraudulent identity creation because
there is no requirement to prove you are you who claim to be in order to
establish a cyber identity. Try the
20-20 experiment. Spend twenty minutes
and twenty dollars researching yourself on the internet. Even the layperson is likely to develop
enough information that would allow them to establish a cyber identity to
include finding their social security number and financial history. From this point ecommerce is but a shot step
away. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Winston Smith rewrote identity history for the totalitarian
government in Orwell’s 1984. It is not
the government that is the nameless faceless predator stalking the dark paths
of our cyber world but the opportunistic hacker or the casual yet
technologically savvy cyber mugger.
Stealing your purse or wallet used to be an intimate physical act. Today
it is accomplished with the stroke of a keyboard. It is time for the cyber world to recognize
its inhabitants as unique individuals.
Contrary to popular belief this uniqueness can be achieved in near
complete anonymity as compared to the publicly facing methods currently in
use. Moreover the uniqueness can vastly
increase the level of trust possible in a cyber identity while greatly reducing
fraud and identity theft. Your cyber
identity need be nothing more than a digitally signed public and private key
pair, an encrypted series of numbers that represent you. Rather than repeatedly creating an untested,
un-vetted cyber identity on every site you visit you
create a single profile for a single certificate authority. Given the private sectors track record it is
logical that that authority be, or be regulated by and overseen by
government. This does not require any
information beyond what you have already provided to the government throughout
your life in the form of Birth certificates, social security card applications,
tax records, vehicle registrations, and license applications of all types. The difference is that this time the
information will be cross checked and a cyber alias, a series of numbers, will
be created for and associated with that information. The cyber alias can be tied to you through
any number of physical unique identifiers which make it virtually impossible
for anyone to co-opt or use without your express permission and physical
presence. This process is in reality the
exact opposite of the claims of its detractors.
It locks up your cyber identity and provides you with the sole key to
unlock and use it. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Google your own name and ask yourself the question, is this
really me? Are you really willing to
play the odds? Nine million Americans
were victims of Identity theft in 2011.
Just how sane is that statistic?</div>
<h2>
Works Cited</h2>
<div class="MsoBibliography">
ACLU . (2008, April 29). <i>ACLU Testifies before
Senate against Real ID.</i> Retrieved May 15, 2012, from ACLU:
http://www.aclu.org/technology-and-liberty/aclu-testifies-senate-against-real-id</div>
<div class="MsoBibliography">
Alterman, P. (2012). <i>The
U.S. Federal PKI and the Federal Bridge Certification Authority.</i> Retrieved
May 15, 2012, from Federal PKI Policy Authority:
http://www.idmanagement.gov/pages.cfm/page/Federal-PKI-Policy-Authority-home-page</div>
<div class="MsoBibliography">
Coffman, K. G., &
Odlyzko, A. M. (1998). <i>The size and growth rate of the Internet.</i>
AT&T Labs - Research (2 Oct 1998).</div>
<div class="MsoBibliography">
comScore, Inc. (2011,
August 8). <i>comScore Reports $37.5 Billion in Q2 2011 U.S. Retail E-Commerce
Spending, Up 14 Percent vs. Year Ago</i>. Retrieved March 1, 2012, from
comScore, Press & Events :
http://www.comscore.com/Press_Events/Press_Releases/2011/8/comScore_Reports_37.5_Billion_in_Q2_2011_U.S._Retail_E-Commerce_Spending</div>
<div class="MsoBibliography">
H CMTE on Ways and
Means. (2012, February 29). <i>Committee on Ways and Means Facts and Figures:
Identity Theft.</i> Retrieved March 2, 2012, from Committee on Ways and Means:
http://waysandmeans.house.gov/media/pdf/ss/factsfigures.pdf</div>
<div class="MsoBibliography">
Hickman, K. E. (1995,
April). The SSL Protocol. <i>Internet Draft</i> . CA: Netscape Communications
Corp. Retrieved May 154, 2012, from http://tools.ietf.org/html/draft-hickman-netscape-ssl-00</div>
<div class="MsoBibliography">
Marlinspike, M.
(2011). SSL And The Future Of Authenticity. Las Vegas, NV, USA. Retrieved May
15, 2012, from http://www.youtube.com/watch?v=Z7Wl2FW2TcA</div>
<div class="MsoBibliography">
McCallister, E.,
Grance, T., & Scarfone, K. (2010, April). Special Publication 800-122. <i>Guide
to Protecting the Confidentiality of Personally Identifiable Information
(PII),</i> . Gaithersburg, MD, USA: US Dept of Commerce National Institute of
Standards and Technology.</div>
<div class="MsoBibliography">
Orwell, G. (1949). <i>1984.</i>
(E. Fromm, Ed.) New York, New York: Harcourt.</div>
<div class="MsoBibliography">
Steiner, P. (1993,
July 5). On the internet nobody knows your a dog. <i>The New Yorker</i> . (D.
Remnick, Ed.) New York City, New York, USA: Condé Nast. Retrieved May 16,
2012, from http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you%27re_a_dog</div>
<div class="MsoBibliography">
Thompson, D. (2010,
Aril 19). <i>80 Percent of Americans Don't Trust the Government. Here's Why.</i>
Retrieved March 1, 2012, from The Atlantic Business Archive:
http://www.theatlantic.com/business/archive/2010/04/80-percent-of-americans-dont-trust-the-government-heres-why/39148/</div>
<div class="MsoBibliography">
Wikimedia Foundation,
Inc. (2012, May 10). <i>The Real ID Act</i>. Retrieved May 16, 2012, from
Wikipedia.org: http://en.wikipedia.org/wiki/REAL_ID_Act</div>
<div class="MsoNormal">
<br /></div>Anonymoushttp://www.blogger.com/profile/08277975770241435662noreply@blogger.com1