Tuesday, January 14, 2014

So what drives e-trust in an Outside-In world

I started considering this question while fighting a cough that kept me awake until one am this morning.

We probably first need to define Outside-In and e-Trust:
The first definition will be the most difficult to capture in a single sentence, especially as LEF's own understanding of the concept is fast evolving, from being just an IT based paradigm focussed on platform location, to taking a more holistic business perspective resulting in the importance considering and engaging in the development of new business ecosystems, often powered by the fast evolving internet.

Outside-In
The approach or mindset of an enterprise or entity that makes use of an external network of partners and/or co-creators to expand the size of the network for the benefit of it's participants. This will more often involve the effective use of information or innovation sourced from the external network, than it will internally created information or innovation.

e-Trust
Involves the capacity to develop confidence during specific interactions, that involve specific assets, through various devices and systems across networks to other knowable and unknowable entities. One might call it Virtual Trust.

After my coughing bout, and a period of what felt like insane clarity, I fell asleep after having created the following seven top Level "A"s, as perceived by the end user.
(NB I did not concern myself with the deeper,  more technical components that will be required to deliver on these high level drivers.)

Affordance, Accessibility, Availability, Accuracy, and Agency....

I swear I came up with a sixth and seventh A, but as I fell asleep soon after with a deep sense of satisfaction, I failed to properly store it in my sleepy neurons.  Wait, they have appeared, I can't believe I momentarily forgot them, they are of course;

Authenticity and Authority

As I went to sleep, I gave myself the challenge of comparing these seven terms with the Parkerian Hexad, but first lets quickly define these seven drivers, not in any specific order. I will tweak the Wikipedia definitions to match the needs of this blog post. Remember we are considering the drivers of e-trust in an Outside-In world. I will not argue for or against these terms, I will just try and define them in the context of Outside-In.

Affordance 
The capacity of an object, service, ecosystem, or environment, to allow an entity to perform an action.
This term relates also to such concepts as usability, simplicity

Accessibility is the degree to which information, products, devices, services, or environments are available to as many entities as possible.

Availability is the probability that an item will operate satisfactorily, or information would usable at a given point in time when used under stated conditions in an ideal support environment. Simply put, availability is the proportion of time a system is in a functioning condition.

Accuracy The nearness or closeness of information to the actual value of information being accessed.

Agency is the capacity of an agent (a person or other entity) to act in a world, including controlling access to their own information.

Authenticity The genuineness of content or identity, actually possessing the alleged or apparent attribute or character,

Authority Represents the legitimacy of an entity to define formal rules or rights, established in law or by decree of the owning entity.

So onto my Parkerian Hexad comparison...

My seven terms Affordance, Accessibility, Availability, Accuracy, Agency, Authenticity and Authority

The terms from the Parkerian Hexad
  • Confidentiality
  • Possession or Control
  • Integrity
  • Authenticity
  • Availability
  • Utility
Two direct matches, but the rest all align to one degree or another


I believe that the seven more effectively represent the drivers of trust, rather than outcomes that influence the trust.


All this, apart from the last comparison, in a weirdly clear glimpse just as I fell asleep. It just felt right.

In the cold light of days I am starting to challenge the logic... what say you?

#40 To no one will we sell, to no one deny or delay right or justice.

Article 40 of the Magna Carta (1215) embodies in one sentence the concept of Agency.

#40 To no one will we sell, to no one deny or delay right or justice.


I was listening to a radio news article on the troubles besetting Egypt, when “agency" reared its head again…. For me having "agency" involves not having my rights, sold, delayed or denied.

The binary agency/control option is quite apparently the issue, with the Egyptian voters being given a fools choice.

Option 1) No i.e. you want the Prior Constitution which established the Muslim Brotherhood as the only option leading to a Police State
Option 2) Yes to the New Military Constitution which establishes the Military as the only option leading to a Police State

Getting the "Balance of Agency" right is never easy, I can’t see any easy way out, while neither side wants to truly create a pluralist society. I would commend those developing a new Egyptian Constitution to take the best parts of the Magna Carta.

The same goes for the Internet...

Option 1) Enterprise Centric  …. leads to exploitation of consumers data, and thus the consumers
Option 2) Network Centric …. leads to exploitation of consumers data, and thus the consumers
Option 3) Service Centric …. leads to exploitation of consumers data, and thus the consumers
Option 4) Device Centric …. leads to exploitation of consumers data, and thus the consumers

While Option 2) Network Centric Is currently dominant
(I hold the News Corporations to be part of the Network Centric Option, along with Broadcasters and Network Providers, in my mind Network is not just the wires.)
We are currently in a battle, perhaps as yet unrecognised, between the Service and Device Options for dominance. Clearly the Network Players will continue to fight to maintain their valuable, to them, dominance. Sadly it appears that all the potential winners want to sell, delay, or deny our data rights.

Put more starkly: Who will rule us, through our data, Google or Samsung?

(Apple is still straddling the fence between the two options but by targeting only the wealthier, they will likely be also rans.)
Amazon might be the white knight, if they help build an agency enabling ecosystem that gets the balance right. At present they are seemingly fighting for dominance in option 3, but they are not averse to fence sitting, with devices sold at a loss, if it helps them achieve dominance.

I don’t really like any of the above numbered options; where are the options that allow for the balance of control between providers and consumers. I am not looking for a compromise(d) option, I am asking is there a "Fourth Way"?

Do we need an Internet Magna Carta that focuses not on an individuals right to Privacy, but more on the right of entities and Society to control how their data are used. A charter that does not allow the selling, delay or denial of our data rights.

The intriguing thought I have is that the e-trust ecosystem designed to deliver on the needs defined in an as yet unwritten Internet Magna Carta, might be used to solve the wider societal difficulties that we face; as factions, formed from religion, tribe or dogma continue to rip our plant apart. Only this week we had a world leader get embroiled in an affair of the heart which interfered with the affairs of his state. We also had an individual chose to eat the raw limb of an opponent he had slaughtered as retribution for the loss of his own family members, we are living in a crazy world.

Clearly criminals would not be allowed to hide evidence of their crimes, nor Leaders hide their true values, but isn't it reasonable for us to want entities to have balanced agency?

Let’s build an e-trust eco-system that helps hold our leaders accountable, and achieve an agency balance that; supports rights of many different factions, encourages the growth of enterprises with the right values, ensures the continuation of a trustworthy global communications network, helps reward the development of valuable services, and creates a demand for devices that are valued.  We might call this Internet (or Social Media) enabled phenomena Social Capitalism! Either way “Agency" in the new system should be balanced in favour of no ONE entity or organisation.

Intel has written a paper on the upcoming Data Society in which they wrote "Today, we do not control most of our personal information. People in the future may "want to have more transparency and control over the use of their data." and perhaps more importantly: "We don’t know enough about our own data, and its value."

I hope that this new option will be “Value(s) Centric"

With an e-trust ecosystem in place perhaps we could build a Pluralist Outside-In Society?

I believe that this would be as valuable for the enterprises currently being marginalised in the batlle for dominance as will be to the consumers who are being increasingly exploited.

Whether Extremist Christians or Extremist Muslims would be happy to live in such a society is another matter.

Sunday, January 05, 2014

The big reveal!

I don't know my left from my right! You would however never know as I have a memory implant that gives me the answer on demand. While you can see the implant if you look carefully, you can't see when or if I operate it. A nasty collision with a wooden post in the early 60's, gave an RAF orthodontic surgeon, the excuse to experiment with this futuristic device.

To my delight I mastered the implant with ease, and have been using it ever since. It has no batteries, and has only had to be serviced twice in 50 years, once when the original materials decayed, and once when it came unstuck.

The reader is my tongue, the implant is simply a cap on what remains of my left incisor.

What the heck has this got to do with e-trust I hear you cry! Well actually far more than you might think. 
Having perused the recent news that Google is looking to allow you to unlock Chrome without a password, by using your mobile device, but were concerned that the devices might be abused, my surreptitious tongue interface came to mind. 

If I could give my tooth the power to communicate with my device, I could allow Chrome to automagically authenticate me through my device and then confirm my authorisation with a secret tap on my tooth.

An extension of the now hopefully not patentable idea, as I have put it into the public domain, is to piggy back an interface onto the nerves controlling the muscles in a particular area of ones body. then the user the would teach their identity agent their particular secret musculature confirm command.

For the challenge with establishing if any authentication signal was correct is first establishing with a high degree of authority the actual intent of the principal in question. There would also need to have a secret duress signal. Even more capable identity agents would have the capacity to detect the amount of blood in my alcohol! Authorisation would ever be allowed when it was high enough!

Too often are actions taken to be meant, this is not always the case.

Accepting actions without intent is a very fast way of denying the agency of the principal.

So when will I be able to get my dentist implanting my dental authentication device?
Perhaps more importantly what will it be called? 
Yorkshire Version = t'authorise
Modified Joke  = 2or30 ( two authority ok a stretch but close in an Irish accent)

Or a strap round my ankle that detects me twitching my left big toe, three times.
"Trust Ankor"?

It is not sufficient for a device to be able authenticate my ident, my device will need to confirm my intent, the two are very different problems.

As we shift to an Intention based economy this will be a real issue, for which we will need answers.

Thursday, January 02, 2014

Avoid Abrogation and/or Disintermediation on the journey to Outside-In

Two of the most dangerous aspects of the Outside-In journey are Abrogation and Disintermediation. So how do these two concepts relate to Outside-In?

Firstly, it is important to understand that the Outside-In frame, identified by the Leading Edge Forum, is an important new business trend, the antonym of Inside-Out, that results from the confluence of social connectedness and consumerized devices, that are empowering customers and partners. Organisations that understand this trend and are starting to explore its implications, and learning to live with the new frame, should become aware of the new opportunities, as well as the barriers and risks that the confluence also brings. Remember often the best data is "out-there", not inside your own organisation.



Abrogation is the result of choosing to allow rights over, or access to key data and / or business processes to be transferred to external entities or simply let go. This is very different than the act of choosing to make such data publicly available. Once an organisation has abrogated their rights over such data or business processes, it is very difficult to regain those rights.



Disintermediation has a similar result, ie the loss of rights over or access to key data or business processes, but in this case through the deliberate acts of external entities to gain control over those rights.

It is important to remember that much of the key data used to run an organisation profitably are actually owned by external entities, either partners or customers.

It is critical that Outside-In business processes are architected to allow the control over such data to be in the hands of the most appropriate entities, while maintaining access to such data.

This is arguably a security question, though clearly it is a question that involves collaboration and  co-operation with partners and customers. As identified by the Jericho Forum the future is "Collaboraion Oriented", and so we need Architectures that are also collaboration oriented.

Given we recognise that most current business architectures were developed for an Inside-Out frame .

Are the architectures your architects are developing focussed on the Inside-Out or Outside-In?

Do your architects have the skills and knowledge to develop architectures that enable your organisation in an Outside-In world?