Week in Standards – Week 19, 2011

It has been a long two weeks in the UK with celebrations of the Royal wedding and now we are back after a bit of a break.  Again we have a wide range of standards related news and I hope you enjoy it!

Web standards

Adhering to OGC SWE Standards Simplifies Sensor Web Development

The SWE Common Service Model interface standard can be applied across services, which either require information from sensors or give information about sensors. In all the cases involving access and management of sensors through service interfaces the OGC SWE Interface standard can be applied.

The OGC SWE Common Encoding standard gives the standard model of how the sensor related data such as nature, structure and encoding must be presented. This standard explains how static data in the form of files and dynamically data generated processing is to be presented. It also describes how real time data streams and web service outputs and inputs should be processed. Other OGC Sensor Web Enablement standards like OGC Sensor Model Language (SensorML) Encoding Standard, Sensor Planning Service (SPS) Interface Standard and Sensor Observation Service (SOS) Interface Standard are compatible with the OGC Interface and Encoding standards.

The HTML5 future of the web starts to take shape

Web based applications are already vying with some traditional PC based applications software for users – Google Docs comes to mind – but in the future HTML5 might accelerate this into a trend that could wind up turning most users’ PCs into thin clients totally dependent upon the web.

That’s the message from Paul Cotton, the director of web services standards strategy at Microsoft

Google Launches WebM Video Patent Cross-Licensing Initiative

As this year began, Google was ensconced in a web video brouhaha, after Google officials wrote that they are putting more muscle behind the VP8 open source video codec, and that Google’s WebM video standard would compete with more entrenched standards. The upshot was that Google is moving steadily away from supporting H.264 video, which could have a big impact on web publishers and device manufacturers. Many of the questions surrounding WebM had to do with how open a standard it will be, or whether Google might position it as a way to reap lucrative licensing revenues through its incorporation in the Google Chrome browser, and elsewhere. Now, WebM Community Cross-Licensing has been announced, possibly putting to rest some of the concerns.

Mobile standards

NFC to boost mobile commerce?

The new BlackBerry Bold smartphones unveiled by Research in Motion (RIM) this week are the first BlackBerry devices to be equipped with the much-hyped near-field communication (NFC) technology.

European Banks Work on Guidelines for NFC Payments

The European Payments Council (EPC), which represents the European banking industry, has released a draft version of guidelines it hopes will give the use of NFC (Near Field Communications) for payments a boost.

The Mobile Contactless SEPA (Single Euro Payments Area) Card Payments Interoperability Implementation Guidelines document focuses solely on the use of NFC. The EPC wants the industry to provide feedback by June 17. The final version is expected to be published in October, according to a statement issued on Thursday.

Swift mobile wallet adoption hinges on apps

Koichi Tagawa, chairman of the NFC Forum, a group formed to advance the use of the technology by ensuring interoperability among devices and services, said that one of the main reasons why NFC, and in particular mobile wallets, is back in the spotlight is because the group had recently released four new specifications to aid stakeholders in advancing their services.

Cloud standards

Standards for Inter-Cloud EDI

‘Inter-Cloud EDI’ aims to act as a hosted trading hub standard for EDI (Electronic Document Interchange) messages across Cloud applications.

The Case for Cloud Security Standards

A discussion on the key issue of  “What is the baseline security standard we have to have to trust third parties to govern our data?”

Five Guidelines for Cloud Computing and Device Security in The “Always Able” Era

there are five important guidelines enterprises should consider as they reshape IT policy to enable mobile devices to function seamlessly and securely in the cloud: Take an inventory of all devices, Device security equals cloud security, Unified protection, Cloud-based encryption, Scalability

Into The Great Wide Open: The Open-Source Cloud Revolution Takes Shape

A discussion on the evolution of the Open source cloud

Unified APIs or API Standards, The Race is On

The race is on:  can API standards evolve fast enough, or will unified APIs meet the demands of the development community?  Or are unified APIs just an interim solution until we can define common standards?

Giant telcos look to the cloud

In the battle for enterprise customers, giant telecommunications and cable companies are going to the cloud, reports the New York Times. According to Web Host Industry Review, CenturyLink, one of the largest telecommunications carriers in the US, revealed that it had entered into an agreement to buy managed hosting provider Savvis in a cash and stock merger worth a total of approximately $2.5 billion.

Savvis Exec Argues Against Cloud Standards

The man who has been the cloud computing guru at Savvis Inc. (Nasdaq: SVVS) says the telecom industry shouldn’t rush to standardize cloud services, for risk of shutting down innovation.

Larry Steele, vice president of software as a service (SaaS) at Savvis, says that tying cloud services to transport services is a natural next step, and most likely a positive one, unless telecom operators try to create standardized cookie-cutter approaches to delivering cloud services. (Savvis struck a deal Wednesday to be acquired by CenturyLink Inc. (NYSE: CTL) — see CenturyLink Clouds Up With Savvis Buy.)

CSA and ISO to team up to develop cloud security standards

The Cloud Security Alliance (CSA) and the International Organization for Standardization/ International Electrotechnical Commission (ISO/IEC) have announced they will be teaming up to develop key standards for cloud security.

The partnership was unveiled at the recent CSA Summit at Infosecurity Europe and the CSA has established a Category C Liaison relationship with ISO/IECs’ Joint Technical Committee 1/Sub Committee 27.

Storage: Cloud Implementation Standards Take Hold

A new standard for cloud storage called the Cloud Data Management Interface (CDMI) is being increasing used by storage vendors in both private and public cloud implementations.  CDMI was created by the Cloud Storage Initiative (CSI), a group within the Storage Networking Industry Association (SNIA).

Microsoft’s cloud OK’d by the federal government

Companies looking to offer cloud services to the federal government have to go through the proper certification channels, and, in many cases, this process hinges on security measures.

According to SecureInfo, it recently became involved in a strategic partnership with Microsoft. As a result, Microsoft’s new cloud offering passed regulation requirements issued by the federal government and is now able to dispense services to critical national agencies.

SecureInfo, a provider of electronic security solutions, worked with Microsoft so that its cloud offering would be in compliance with the Federal Information Security Management Act.

“Microsoft’s GFS and BPOS-Federal solutions have effectively satisfied the current National Institute of Standards and Technology controls at a Federal Information Processing Standards Moderate Impact level,” said Yong-Gon Chon, SecureInfo’s chief technology officer.

Huawei Joins DMTF Board of Directors

Dubai, United Arab Emirates, 27 April, 2011: Distributed Management Task Force, Inc. (DMTF), the organization bringing the IT industry together to collaborate on systems management standards development, validation, promotion and adoption, today announced that Huawei, a leader in providing next-generation telecommunications network solutions around the world, has been elected to the DMTF Board of Directors.

Privacy standards

India Adopts New Privacy Rules

Amid worldwide lobbying by IT companies to promote the harmonization of data protection laws for the sake of cloud computing, India last month quietly issued new privacy rules that impose significant limitations on how businesses can handle personal information.

Europe Leads in Pushing for Privacy of User Data

To address concerns about data protection, Viviane Reding, the European justice commissioner, said in a speech Tuesday that she would propose extending unionwide rules about breaches of privacy to online banking, video games, shopping and social media.

The rules require phone companies and Internet service providers to inform customers of any data breach “without undue delay.”

TRUSTe Now Largest DAA Compliance Solution for Online Behavioral Advertising

TRUSTe, the leading online privacy solutions provider, today announced that its TRUSTed Ads platform is now under contract to manage10 billion impressions per month, establishing TRUSTe as the largest provider of Online Behavioral Advertising (OBA) notice and choice by volume. TRUSTe also announced today that the TRUSTed Ads platform has been adopted by top consumer brands, DSPs, advertising networks, publishers and data aggregators as the privacy solution of choice to meet self-regulatory compliance requirements.

Sony, Apple Must Repair User Trust in Privacy Standards, EU’s Reding Says

Sony Corp. (6758) and Apple Inc. (AAPL) must work to reassure users that their personal data will be safe from prying eyes, the European Union’s justice commissioner said.

A Manhattan Project for online identity

A detailed discussion on the impact of the National Strategy for Trusted Identities in Cyberspace (NSTIC) announcement last week.

Privacy Commissioners launch free assessment tool for businesses

Several of Canada’s top privacy watch dogs have teamed up to release a free security and privacy assessment tool it hopes will help prevent breaches of personal information.

IT Outsourcing in China and Data Privacy Guidelines

China’s data privacy protection has long been considered one of the world’s weakest. But the government’s proposed data security guidelines may go too far in the opposite direction.

The People’s Republic of China took a step toward addressing its lack of comprehensive data privacy laws earlier this year: It issued a series of proposed data security guidelines intended to better protect the privacy of Chinese citizens and provide guidance for international businesses operating in the country. The document, developed in consult with China’s Ministry of Industry and Information Technology, contains a set of broadly applicable rules and principles for storing, handling and transferring personal information.

OMB sets IT purchasing guidelines for telework

Federal executives have until the end of July to develop or revise information technology procurement policies that support their agencies’ telework needs, according to memo released Thursday.

“When crafting these policies, agencies must account for security risks and ensure that all devices and infrastructure meet federal security and privacy standards”

Has Texas Patient Privacy Bill Hit a Snag?

State Rep. Lois Kolkhorst’s bill to further protect Texans’ private medical information looks stuck; it’s been three weeks since it passed out of committee, and it hasn’t yet been set for a House vote.

Are we really thinking enough about smart grid security?

Some new data from Pike Research suggests that spending on cybersecurity measures for the smart grid will reach $1.3 billion by 2015. The researchers are calling for a 62 percent increase between 2010 and 2011 alone. But personally speaking, I think that sounds far short of where it should be, considering the many billions of dollars being spent on smart grid infrastructure holistically and the very real exposure that the smart grid could mean in terms or privacy and data loss.

Group Worries ‘Do Not Track’ Could Bog Down Broader Privacy Bill

A “do-not-track” provision could bog down a wider online privacy bill, and should be left up to providers until it can be considered separately, a privacy group said Wednesday.

If the debate is defined by a do-not-track option, which would allow Web users to opt out of third-party tracking, the bill may not move through Congress, the Center for Democracy and Technology worries.

IPhone, Android location-logging feature sparks privacy concerns

Revelations about how Apple iPhones and Google Android phones keep precise track of each user’s whereabouts every day is sending shock waves through the tech and privacy communities.

More Consumers Say Privacy — Over Security — Is Biggest Concern …

Today, at both APPNATION and the Mobile Marketing Strategies Summit, TRUSTe, the leading online privacy solutions provider, announced the results of a survey of 1000 smartphone users nationwide on issues relating to privacy and usage of mobile applications and mobile web sites. The Q1 2011 online poll, conducted by Harris Interactive, included responses that reveal attitudes and perceptions about mobile privacy; primary areas of concern; as well as current safeguards being implemented.

Nearly all respondents agreed that privacy is an important issue when using a mobile device and that they want more transparency and control over what personal information is collected and how it is shared. In addition, smartphone users want more choices about advertising and geo-location tracking. Thirty-eight percent say privacy is the number one concern when using mobile applications, followed by security (26%); identity tracking (19%); and sharing information with or without permission (14%).

RFID tags at medical conferences attack doctors’ privacy

The disturbing trend of tracking physician’s movements at scientific conferences using RFID tags imbedded in attendees name badges at national scientific sessions.

Smart grid standards

EarthTechling IEEE And SAE Work On EV Grid Standards

The Institute of Electrical and Electronics Engineers (IEEE) and the Society of Automotive Engineers (SAE) have signed a memorandum of understanding to work together for standards that relate to how electric vehicles connect to the smart grid.

IEEE Launches Smart Grid Interoperability Standards Project in India

Mumbai, Maharashtra, May 3, 2011 /India PRwire/ — IEEE Standards Association (IEEE-SA), a globally recognized standards setting body within IEEE, today officially introduced its globally reputed project, the “IEEE P2030TM Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation with the Electric Power System (EPS) and End-Use Applications and Loads”, in India.

Electric vehicles need ‘smart’ power grid

WEST LAFAYETTE, Ind. — While an upcoming Electric Vehicle Grand Prix may reflect a growing popularity of electric vehicles, their widespread adoption will require innovations to the power grid, say researchers at Purdue University.

Can (should) a city build a smart grid?

The discussions and insights from Boulder, the worlds first Smart Grid city and it’s impact on other cities watching the results for future trends.

ANSI Electric Vehicles Standards Panel Seeks Participants to Develop …

To facilitate the large scale introduction of electric vehicles into the market while ensuring that the technologies and infrastructure are safe and effective, the American National Standards Institute (ANSI) has formed a cross-sector Electric Vehicles Standards Panel (EVSP). The EVSP is seeking participants with relevant expertise and interest to begin the critical work of developing a standardization roadmap to enable the safe, mass deployment of electric vehicles and associated infrastructure in the United States.  The goal is to develop version one of the roadmap this year.

SAE, IEEE partner on vehicle-to-smart-grid tech

Two of the world’s leading technology standardization groups have signed an agreement to partner on vehicle-to-smart-grid standards.

Are we really thinking enough about smart grid security?

Some new data from Pike Research suggests that spending on cybersecurity measures for the smart grid will reach $1.3 billion by 2015.

What exactly are we up against? A few weeks ago, I spoke about smart grid cybersecurity with Datta Godbole, a Honeywell director of research and director for the company’s Automation and Control Solutions (ACS) Labs group. According to Godbole, there are three primary concerns that we should all have when it comes to smart grid security:

1. The need to secure customer data. That’s because the information that is collected about people’s energy could inadvertently be used to reveal details of a person’s private life — such as whether or not they are home at a given time of day. Or likely to be so.

2. The need to secure the grid itself. This relates to management aspects, such as making sure the grid its stable, automating demand response requests, and protecting the physical infrastructure of the utility delivery system (doesn’t matter whether the utility in question is delivering water or electricity).

3. The need to protect transmissions and communications. This refers mainly to communications between substations and the central transmissions equipment. Think of this as the “data in motion” part of the security equation.

IEEE Initiates Standard-Making Process For Key Smart Grid

PISCATAWAY, N.J., USA – IEEE, the world’s largest professional association advancing technology for humanity, recently announced the formation of three working groups to develop technology standards that will assure improved performance by key fiber-optic components in the Smart Grid.

NEMA Unveils Smart Grid Testing Scheme

Following a program announcement by the National Electrical Manufacturers Association (NEMA) in February, NEMA Assistant Vice President for Strategic Initiatives and Special Projects Paul Molitor unveiled the association’s Smart Grid Interoperable & Conformant (SGIC) testing scheme at the World Meter Design Congress.

Tendril Networks Demand Response Solution for the Smart Grid

While the conversation focuses on exactly how sustainable electric vehicles are compared to gasoline-powered vehicles or what the impact their adoption will be on the electricity grid, Tendril Networks is developing a platform designed to answer such granular questions as how to account for the taxes that maintain our road infrastructure when the highly touted adoption of electric vehicle is realized.

The smart grid’s missing ingredient: performance feedback

Sharing of smart grid experiences is being done today to some degree.  Much is shared at numerous smart grid conferences and through smart grid publications and case studies.  Many of these experiences originate from obvious and clear cut issues spread by word-of-mouth or through other media channels.  But are we missing other opportunities and issues that may not be quite so obvious? Are we missing the opportunity to share the pitfalls so others can avoid them?  Is there a need for a more structured program that could create a stream of experiences that, if broadly shared as lessons learned or best practices, might benefit all stakeholders?

New Ipv6 protocol from IETF will boost ‘Internet of Things’

According to Vasseur(co-chair of the IETF Working Group responsible for RPL standardisation), “The industry has for some time being working to develop new IPv6 protocols designed specifically for constrained networking environments such as IP smart objects. These smart objects typically have to operate with very limited processing power [and] memory and under low energy conditions, and as a result, require a new generation of routing protocols to help them connect to the outside world.

“When compared to computers, laptops or even today’s generation of smart phones, traditional IPv6 protocols tend to work less effectively or consume energy at too rapid a rate for these small, self-contained devices or sensors that are often powered by small batteries that are difficult to replace.”

Vasseur added: “For a number for years, smart objects such as sensors, actuators or RFID tags have been interconnected using proprietary protocols and architectures, which has lead to closed systems, lack of innovation and limited numbers of deployments. Very early on, Cisco recognised the need for the adoption of an IP-based architecture for smart object networks…based on an open standard, and IPv6 is without a doubt the most appropriate protocol…

“For example in September 2008, Cisco co-founded the IP for Smart Objects alliance (IPSO), an industry grouping of 57 member organisations with the mission of defining and shaping the Internet of Things.”