Saturday, March 28. 2009
Cequs creating Universal Patient Identifiers
Cequs is providing notice that it will begin testing Universal Patient Identifiers. These
identifiers are protected medical information, as defined under HIPPA. Recently, around March 16, 2009, privacy rules went into effect creating severe fines for the disclosure of protected medical information. Cequs UPI will meet or exceed all currently known standards regarding the use of UPI, and comply with all Federal laws, and security certifications.
As part of the in-depth requirements analysis for a collaborative system, Cequs welcomes stakeholder comments. This dialog will involve other UPI providers, regional health systems, patient master index systems, corporations, non-profits, privacy researchers, policy advocates, security experts (white and black hats), consultants, IDM professionals, and interested individuals.
The only non-participants in this process will be govermental officials who are under a "gag order" of UP study since legislation. Most significant discussion took place in the 1993 to 1999 period, then legislation and an executive order tabled the discussion Should that mandate be lifted, they too can join the discussion.
For an initial understanding of the issues, there is a great amount of material that can be obtained via the web. Start with the RAND report on UPI, which was very well researched.
One might also look at the following.
As a stakeholder you may be interested in figuring out what your rights are in terms of what information you can process, how an individual can determine what information is visible and to whom it is visible. In the patient centric HIT this is a complex matter. Part of the issue is psychological, in countries where people have the right to determine who can see what record, they don't generally exercise that right, but having the right is very important.
Access to medical records is traceable when it is in an electronic form.
For example, while patients are not required to have a UPI, healthcare employees do, so they can be part of business model, and be accountable. How to give the patient more control (when desired) involves selectively shielding of information. Consider two lines at airport security. One involves ID, and there is a normal security process. Two involves a full body X-Ray. A full body X-Ray of course involves exposure of body parts that normally are not shown. Because they are shown, there is a blurring function, which protects the person being scanned (the scan is optional), and the person who has to evaluate the scan. How would this be done for defined sensitive data, so that privacy is not violated in the course of doing business? Essentially this is a dialogue that has been going on since the introduction of electronic systems for healthcare, a twenty year discussion.
Ask yourself the following questions.
1. Are the current level of medical errors acceptable?
2. Do you feel that your medical information (or the information that you have to protect) is safe?
3. Do you have enough control of your medical information and who sees it?
I can be contacted at peterb@cequs.com and seriously welcome your comments. This
is something that affects us all, but interests a few.
Continue reading "Cequs creating Universal Patient Identifiers"
Thursday, March 26. 2009
More on the Electronic Health Record Plan, What's up Doc?
I've been immersed in digital health records requirements for security
and privacy for the last few months. A couple of observations after looking
at some articles in the current NEJM.
Blumenthal on beyond carrots and sticks.
Healthcare is a complex adaptive system in which the specifics are
very daunting.
To say that healthcare is complex, and therefore the software to
provide HIT needs to be complex misses the point that complex systems
can be built up from simple rules.
HIT originally came out of billing systems, not clinical systems.
To say that HIT does not extend the EHR to all potential participants
is a realization of a number of obstacles and barriers to adoption,
many of which, (if given the right level of abstraction), are quite
solvable given collaboration, voluntary network adoption models and
the right incentives.
The current software company/consultant matrix can only do so much,
and ends up building in their own barriers because the economic
incentives are there to make the problem complex, so the strategy is
now to move this to a public good in which the stakeholders
collaborate, but using some basic protocols, while leaving the more
complex rules and roles for the internal systems where specialists are
needed. This means networking the target group, which is every U.S.
citizen, and in addition non-citizens who reside in the U.S. and
consume healthcare resources. This means getting uniqueness into the
domains where this data will live, which is currently the role of the
master patient index within a specific domain.
One of these barriers, Doctors who will not use computers, seeing it
to be a clerical function, is something that is generational, and will
solve itself when retirement kicks in for that generation. Subsequent
generations do not have that problem, that's why many people,
including myself and the NY State Dept. of Health, see the Internet,
and its ability to articulate clear protocols as a model for
exchanging health care data.
Patients have rights, and one of those rights is access to the best
information to manage their health. People can already see their data
online, make appointments, get referrals, see a history, transfer that
history to other providers, and get authoritative information if they
want to research a specific complaint. They may also have their own
copy of the data.
However, because that access is somewhat specific (though generally
web based) to how the other participants set up their systems, then
vendor specific implementations are a problem. Standards are a
solution, like HL7, but as anyone who has worked in the standards
space knows, they are no magic bullet. If the system is localized,
there is less of an immediate need for standards, so thats how HIT
started out with incompatible billing formats in the beginning, I read
somewhere around 400. Going forward there is a much greater emphasis
on proven common IT architectures and models, of which the Internet is
a significant model.
Healthcare consumers will not adopt a system that does not have strong
authentication and authorization for their PII. They will not (Esther Dyson
being a notable and brave exception in her participation in personal
genomics published on the WWW) adopt a system
(especially one that goes over a network) that presents unacceptable levels of risk.
One solution which I have proposed to the national health information network
security architects (who are very architecture, protocol, and security
savvy) is that they reconsider putting PII in their XML messages. By
only sending the health data, and not the PII, this vastly reduces the
threat surface, by making the information much less attractive to an
attacker.
Medical identity theft is a major concern, and it should not
be "baked in" to any protocol. This means that Identity has to be a
separate service in the way that a patient master index provides
uniqueness. If we allow patients to generate their own uniqueness
within the data system, according to an accepted protocol, we can
transcend current organizational boundaries and security domains.
This has an added benefit of making the patient responsible for accurate
data, to correct it, and to have current information. This requires a
linkage between HIPPA covered entities, EHR, and personal health
records, PHR. These do not currently have the same level of security
requirements. One of my fairly simple solutions exceeds most in house
requirements, being FIPS-140, Common Criteria EAL 2.
These Healthcare organizations are very complex, and very political
with strong traditional hierarchical models that demand proof before
change. The policy wonks know this, and admit while there is some
statistical data that supports their case for integrated EHR, that the
financial incentives for the stakeholders have not entirely been there,
but now it is an issue of public good. This is not a dot com like bubble
That's a good thing, but it makes organizing capital a different animal, one that can be responsive in an economic downturn. Who is this animal?
We don't need a lot of private solutions, those already exist. We can use them. We can continue to install them. The ones that have a rhizomatic function will integrate themselves, and we will see the fruits of that underlying mycelium if we have good
networks.
We need to intelligently apply the standards which already exist.
The NEJM article on adoption notes that if you include the VA system which
has an integrated system, the low rate of adoption in the private sector is doubled!
That's because the VA has been at this for a long
time. It also means that they can do things like having multiple
records transferred en-masse from a disaster area to a recovery site,
prepped and ready to go. Your local doctor, group, or HMO may not be
able to do that, so the burden falls on you to be able to network that
data.
For a social network enabled generation, that's not that hard,
for a doctor's office, it requires that the patient be an advocate for
themselves, and if you know someone who has had cancer, etc., you know
the coordination that requires in terms of getting data and test
results scheduled and delivered.
Surely we can make this simpler for
people, just like we made the Internet available, while some of this
is very specialist oriented and complex, there are some of us who are
willing to make new mistakes, but don't expect that from doctors who
had no financial incentive to support this.
This has to be a networked citizen/patient effort or we will be
rearranging the deck chairs for the ensuing economic collapse caused
by higher health care burdens on the economy, as the cost in the long
term is unsupportable. There will be a knowledge gap before there is
consensus. Like the net, in three years people will just not imagine
why you can't get all your medical info on line, get it transferred
to another provider, or get the records fixed because someone stole your SSN
iand got their information inserted into your EHR! It will all become part of the background of choices.
As such it is inherently an open collaboration, whereas before it was
dominated by beltway consultancies, policy analysts, and healthcare
professionals with a minimum of 3 sets of letters after their name to
be qualified to touch your medical data. We still need all those
people, internally, to handle thousands, millions of records (which
they seem to want to keep unencrypted in the trunk of their cars while
they eat lunch) but the government is based very fundamentally (when
it works) on citizen input, instead of just K Street consultant input.
Lookup Clinger-Cohen. President Obama has been doing this with lots of web
sites, great information flow, and townhall meetings on Healthcare.
That means not just reforming HIT, but actually being less of a burden
on the system, which shifts costs into insurance premiums, and then
onto employers. As such losing weight or stopping smoking, are
behaviors that can have major impacts, as part of individual health
management. The focus is on prevention, where one saves money.
We need better architecture that supports a secure and private system
where there is transparency to the patient for their data, ease of
access for authorized providers and clinicians for whom these systems
can not represent additional barriers, and scalable auditing so we can
see if data is being abused, a Bob, Carol, Ted and Alice approach to
encrypted use cases, and tracking of objects like hemostats and
sponges so prions can not travel between patients, so Hepatitis does
not spread, and so your day at the beach with the kids is enjoyable,
and not spoiled stepping on a syringe by someone who dumped biohazard
waste off their 30 foot cruiser off the Jersey shore. We want Sponge Bob enjoying
himself at the Krusty Krab, not a sponge left inside Bob, who then sues Carol, and is insured by Ted, and paid for by Alice, who is all of us.
Continue reading "More on the Electronic Health Record Plan, What's up Doc?"
Wednesday, March 25. 2009
It's that time again, cast your vote for Earth.
Saturday, March 21. 2009
Ways to avoid Mass Extinction
Earth, fire water, are basic elements of the alchemical process. They need to be understood in the larger systems of which we are often unconscious. Deleuze and Guttari talk about curing Schizophrenia in capitalism. This makes sense when we see the limits of consumerism. The market looks for value and that's the economic phase that we are currently in.
We can find value in networks and how we are al connected together, often in random ways. Those interconnections have been emphsized by explosion of information over the Internet. Sometimes it is a different kind of knowledge. D&G discuss the rhizome. How does consciousness establish itself when the parts themselves are not conscious? Here we start to see part of the solution that consumerism could only solve to a certain extent. With unintended side effects that includes pollution and boom/bust economic cycles.
What happens when there is too much unfiltered information, too much involvement with the unconsciousness? D&G talk about this in terms of schizophrenia, and the anti-Oedipus.
Jung documents the alchemical transformation of air, fire, earth and water for the individual. To see it in time lapse in the physical world is something else. It moves the bar past Freud. We see how things are connected, but not in the dysfunctional manner of the schizophrenic @ DSM code 295.3/ICD code F20.0 Making connections and getting past the elements of the unconscious is something that Freud felt might not be possible for the very irrational human.
There is a highly useful connectedness that is evidenced by this rhizomatic thinking that is given by Paul Statmets at a TED conference.
An interview I heard recently by Terry Gross of photographer James Balog had a great comment by Balog about the elemental aspects of fire, water and earth as he saws these glaciers going to die, and exposing thousand year old ice diamonds on the shore. The Nova special will be on PBS called Extreme Ice.
I'm going to order some of Paul's mushrooms to grow on my compost heap or used espresso grounds. This has interesting implications for network authentication and HIT, as well as healthy environments.
Continue reading "Ways to avoid Mass Extinction"
Distributed Identity Medical Security and Privacy
“Finally, federal authorities can
encourage HIT adoption by creating national regulations and standards
in several areas that will improve the confidence of doctors and
patients alike in the electronic management of health information.
These areas include the development of sound guarantees of data
security and patient privacy, as well as the certification of records
that have the capability necessary to support health system
improvement.”
Blumenthal, National Coordinator
for Health IT
The Federal Role in Promoting
Health Information Technology,
The Commonwealth Fund, January 2009
--------------------------------------------------------------------------------------------------------------------
Abstract:
Identity Layer deliverables to connect
Health Network Complex Adaptive Systems to other stakeholders,
Hospitals, RHIOS, Interstate Health Information Networks, Agencies
such as FEMA etc. by population of national identity container other
than centralized systems such as FBI biometric database
(fingerprints).
Those systems can remain as government
internal trusted systems and can also act as Identity proofing
mechanisms for certain populations by comparison of hashed values.
Non centralized system distributed
components form part of an identity meta system or identity
management layer described by Identity Management Task Force 2008
National Science and Technology Council, and also ITU, U.N. Standards
development.
The author argues that national
identity is a shared and valuable resource that incorporates unique
aspects of our culture, and is intrinsically owned by the people who
create and maintain it.
A plan is put forward to allow end
users to participate in a system that will securely network their
local identity to domains or realms that are manged by their
healthcare provider and be able to network that data in a usable form
to other consumers of that data through the idea of meta tagging, and
various ways that meta tagging can be accomplished with COTS
software, and current standards.
An emphasis is put on transparency, and
auditing so the path of the data can be self described, and threats
such as SSL spoofing to web browsers during an https session can be
mitigated for MITM attacks. Without an economical, secure and
private way to network health records stakeholders will resist
adoption even as economic stability threatens the economy and data
will remain in silos.
(This is not a final draft, but a
working paper of initial thoughts as of
comments are welcome, distribution is unrestricted, there is no
intellectual property within this document
Contributions and criticism is
welcomed.
peterb@cequs.com
HIT is a “complex adaptive system”,
it must properly relate to other systems, and maintain function even
when those connected systems degrade in performance. Objects need to
identified, from people to organizations, even down to disposable
medical instruments that present a danger if re-used or end up as
biohazards in the environment. These items must be linked to the
people who use them, and the people on whom they are used.
This can be accomplished in the Bob,
Carol, Ted and Alice use case scenarios of cryptographic systems
where use case actors of these objects can be identified, time
stamped for audit trails.
This means giving identity to objects,
and a container must exist to hold those objects.
If a container and labeling is not
defined, then the risk is that the patient becomes the container of
these objects by proxy, by a failure to identify and track objects
during process lifecycle. The largest working defined container we
have for 50 to 100 million unique objects with defined attributes is
an X.500 directory that scales to the entire U.S. c=US Or country=US.
An open arc for object identifiers is located under the original DOD
arc for the Internet for Cequs, and other arcs are available for
permanent, persistent object identification through ANSI. This
provides guaranteed uniqueness for perpetuity.
Identification of objects in perpetuity
has a very old history where bodies were buried in London from
victims of the plague, (not to be dug up again), and recent efforts
to selectively reconstruct the 1918 flu virus which killed between 20
and 40 million people for study. A similar problem space exists for
spent nuclear fuel where languages may change (will change) in
thousands of years. Perpetual inventory management is required here,
as with seed banks, and other applications. People who choose a
resuscitate order and are put into stasis, will have to have vital
records restored, along with civil rights, and this may include
people who may continue either without physical bodies, (as
information) but digital objects, (with copyrights, etc.) or may have
only partial human content. While futuristic, these legal issues have
already been decided in some countries such as Costa Rica, and
various frozen stem cells created a legal situation here in the U.S.
This amount of data is vast, and it is driving up the cost of health
care to meet requirements. But it has to be done.
Large scale biohazards natural or man
made will require evacuations and will stress health care systems,
the VA with an integrated health care system is able to transfer
records out of disaster areas into recovery areas, but this does not
extend to all providers. Every citizen should have access to their
health records, be able to route them to where they need to go, have
transparency in that process, and physicians or first responders
should have instant access to anyone's health record (say on a
Blackberry) if the patient has given permission to do so, or in
emergency “break the glass” situations.
The doctor is the locality of care, the
system is distributed.
Objects should not get lost, not in the
system, not within a patient. We should never have to ask,
“where's that sponge, Bob?” How
these objects are coded is important, bar codes, RFID, but ultimately
the data has to be stored.
Health providers typically work within
localities. These localities constrain the activities of “agents”
that participate in the system.
What happens to agents that reach a
local maximum or minima?
Patients in the locality may have found
the best or worst health care options though whatever discovery
mechanisms are available. They discover resources.
They may create costs to the overall
health care system that are optimized, average, or very expensive due
to choices made by the agent, choice will always be a factor, since
the agent is going from a position of less knowledge regarding an
outcome, to more knowledge, but even with more knowledge there still
will exist choices.
Doctors describe these combined choices
of a complaint, information gathered about a complaint, diagnostic
codes, tests ordered, referrals made, recommendations and
prescriptions given as work flow.
Within that work flow are combined
decision points, with the data to support those choices and the
software to help interpret and display information, for example an
Hl7 Medical Logic Module.
The defined locality is important to
the architecture of a HIT network, since it represents a set of
domains that differentiate themselves from each other in which the
common factor may be the actual presence, either physical or virtual,
of a doctor or health care professional. Thus knowledge and skills
create their own defined localities, robotic surgery could be done in
the same room, or across a network. In that instance there are
commands, and feedback, as well as knowledge that is flowing across
the network. Since there are going to be interactions, then a local
network will also be created that may be ad hoc, or planned. That
local network will likely have the ability to interact with other
networks.
In the simplest form, the architecture
demands a relationship to the locality of the surroundings which was
first noted by Vitruvius on siting medical facilities near springs of
healthy water so that it would fit in with the healing character of
Aesculapius.
Localized patients may not be so lucky
to have access to such a setting, and a patient in the community,
such as Camden, N.J., for example, might instead forgo a drive to a
rural facility in a beautiful setting instead for a number of closely
situated emergency rooms with expertise in gunshot trauma. The timing
of an episode is critical. Some choices have to be pre-planned. This
means moving decision support closer to the patient by notification
systems. Then follow up to find out status, and not overwhelm the
communication system, and communication to significant others.
It is the combined interactions of
agents in the CAS, which includes other systems on which the medical
facility is dependent, or which depend on the medical facility, which
are extended through networks. These may degrade in unpredictable
ways, a backup generator may fail, resources may be unavailable.
Thus the different types of networks,
along with the localities are what makes a difference. This scales to
local, regional, statewide, inter-state, federal, and global levels.
One of the problems of the Internet is
that it is global, right off the bat. It is the internetwork, and
gives everyone equal access, unless artificial borders are created.
It is thus the goal state for interoperability, as is the
telecommunications network, and the next generation network, but the
Internet itself does not respect domains, or borders, and some of
its users will constantly attempt to violate a line drawn in the sand
that normally would be respected. This challenges the openness of
critical systems, which often then do not operate directly onto the
Internet. At the same time the protocols that underly the Internet
offer some of the best possibilities for scaling to large
populations. In the case of each U.S. citizen this means examining
the network protocols and how they relate to other protocols. HL7
does not require a specific lower layer protocol, but describes
itself as being an application (layer 7) protocol.
If we start with a similar concept, we
find that most network protocols are agnostic of the layers
underneath. Although it would be fun to try a desert from a
restaurant that specializes in the art of molecular food, the issue
of choice again enters the system as to how much one would perceive
it as being a desert with enjoyable features, such as sweetness and
novelty, but how it got there might not be as important, unless there
were other concerns about its origins. From an artisanal point of
view that might be very important, but it would be highly dependent
on conditions at that moment. If a medical instrument used to stop
bleeding had come in contact with prions, the origin might be very
important.
From a pure Internet standpoint, the IP
does not care, so you could deliver a cryptographically secure HL7
message via carrier pigeons if you wanted. It would take some time,
but would be just as accurate as a computer, because of protocol
separation.
The idea of abstracting Identity to the
session/presentation layer adds a great deal of value, as well as
attempting to insert into other layers. It is normal to address
someone by their name if you wish to talk to them. Computer systems
do the same thing, but proxy identity in different ways. Have you
ever typed in 209.85.171.100 into a browser? It is somewhat
inconvenient, right? Yet that is how computers address each other,
and by having global uniqueness (there is exactly one 209.85.171.100
in the world, but more than one computer that will answer to that
address) and many different computers will give that web page, we
begin to see that identity is not a one to one association.
Rapidly identity becomes a 1 to many
association, or a many to many association. With computers, networks,
authentication, authorization, and policies in between, and add in a
difficult knowledge domain like medicine, then one cannot look at the
situation holistically unless there is the correct amount of
abstraction, and simplification. This means there exist basic
abstractions that come before other transactions. They are ordered
and binary.
Abstraction #1 Health is a one,
everything else is a zero. If you have your health, and add zeros you
rapidly gain value, if you have zeros in front of your health, the
value is much less. Health comes first, even if people have no money.
Good health creates wealth.
Abstraction #2 If something is too
complex, attempt to simplify. But not too simple. (Einstein)
Abstraction #3 Look at the problem a
different way by using creative problem solving. Triz is one
approach, “Inventing is the removal of a technical contradiction
with the help of certain principles”
according to Altschuller.
What
are a few inherent contradictions of the health care records system
attempting to reach level 7?
HIT
was originally designed for billing systems, not patient centric
care, it was to keep up with insurance systems.
Insurance
systems were built on two mountains of technology and data
Executives
enjoyed parties on both mountains on OPM.
IBM
AIG/Insurance
Companies in general who leveraged computers
Health
care reacted to those mountains (fought fire with fire)
400
software billing systems emerged
Organizations
built within own domain
Systems
did not communicate (silos)
Systems
had different views of patients
Non
cost centric clinical and office management software emerges
Not
just about billing
Changes
interactions more than billing
Billing
requires inputs of codes
Clinical
procedures require codes
Codes
have to be translated across systems
Standards
enforce business processes
Standards
such as prescriptions
Drug
interactions flagged
Does
not inherently change process
Process
is more than technology or standards
Patient
can opt for different processes
Potential
different outcomes
Time
to heal
Costs
Coverage
Expertise
Contradiction:
Adoption Inhibitor
Sometimes
aids, sometimes inhibit work flow
Contradiction:
Work flow is it's own issue
Errors
still occur
Computers
do not inherently reduce errors
Business
process model reduces errors
Rules
Roles
Does
not develop business model
Billing
and revenue is business model
Incentives
not present
Business
model is contradiction
Patient
centric is 1
Incentive via patient
eccentricity to increase value
Contradiction:
Manipulation of patient as a consumer
Freudian understanding of
behaviors to consumerism
Wants instead of needs
Economy crashes on too much
ID (wants)
Economy crashes on only needs
(insufficient demand)
Unconscious, Id, Ego, Superego
Consumerism as replacement for
democracy no longer viable
Increased citizen interaction
(may not be experts but cross domain, usefulness)
Individuation next step from
Freud
Same monsters, different
results if elements are defined
Unbound elements do not need to
appear as events
System opposites security v.
Privacy appear as integrated whole
Unconscious is not manipulated
though advertising, public relations, spin.
Basic needs are met, higher
level needs developed
UNHCR integrated
Room to innovate
Patient centric, treat people as
individuals
Do not create co-dependencies
Rebuild citizen inputs into
system
Town hall meetings for
requirements
Make contradictions clear
Politicize issues
Politics about scarce
resources (David Eaton)
Make current trade offs
evident
Raise the bar for trade offs
that are contradictions
May disrupt current status
quo
Circles of Power (David
Truman)
Inner circles
Detectable by gatherings
featuring >U15 size shrimp on ice
K Street influence
Government/private
revolving door pension plans
Policy Wonks
Influential Loggers
People with more than 4
sets of initials after last name
Corporate Influence (Under
K)
Providers
Associations
Legislators
Experts
Authors
Outer circles
Consumers
Lay People
Citizens
Disenfranchised
Shadow economy workers
Network citizen inputs
Change consumers (choice/brand
pickers due to fear, optimization) to citizens.
Basic authoritative
information on Web
“Should I get vaccination?”
What is the time I should do
this?
Decision Support
Can I pay for this?
Should I fly to India to get
this done?
I got the money, I'm going to
Mayo
Empower citizens
What are actual systemic
costs for everyone?
Other than HIT what are the
potential savings?
Understand behavioral costs
Smoking, obesity (system
savings)
HIT (system savings)
Fixing system (system
savings)
Not changing what works
(preserving investment)
What are systemic
connections?
Unique citizen role
Not tied to official role
Can speak in multiple
languages not just official language
Understanding economic threat
Current system parameters sinks
economy due to resource consumption
Tied to consumerism
Tied to victim injury model,
lawyers versus doctors
Tied to adversary model
Tied to economic bubble numbers
for UN-insured
$13,000 for 3hrs care plus
diagnostics
Insurance company pays less
(one tenth?) than patient out of pocket
Built in societal inhibitors
(must stay in current job, per-existing conditions)
Freezes movement in job market
due to risk
Discourages disruptive
innovation
Deification of status quo
Encourages consumerism (does
not address needs)
Palliative approach to
problems, proxy appears in different areas
Whats an EMPI?
Gateway to SOA within enterprise
Ownership of patient
identification
We provide integrated services
to them
We can tell them apart
We know them
We are on the way to Level 7 EMR
If they are not in the EMPI, we
don't know them (as patients)
Indexes work fast
EMPI requires registration
Registration is essentially
local
May require already processed
referral
Referral comes from per-cert
Originates from primary care
physician
Approved by Insurance
Capitation requirements
Is an outgrowth of billing
function
If first time in system,
identity is unknown
Requires history
Requires consent
Requires back up billing
guarantees
Contradiction:
Patient centric system should recognize patient
Patient as “US Friendly”
Wide Scope
Identity Management Task Force
Report 2008
National Science and
Technology Council
May not require citizenship
per se
Health comes #1 so immigrants
also
Uniqueness for undocumented
aliens for uncontaminated records
Contradiction:
Otherwise recycling of SSN occurs
Contradiction:
Billing Fails
Contradiction:
Medical Identity Theft
Processing outside of justice
system schema
Heuristics to connect with
justice system schema
Trusted third parties
Simple enrollment
Allows for routing of medical
data (does not specify format)
Tags create special
handling, priority in network
Location independent
End to end FIPS-140, AES
Level Encryption, Keystone, Revocation
Common Criteria, Relevant
security standards, etc.
Use knowledge domain to discover
patient eccentricity localities
Cost effectiveness
Everyone enrolled in situ already
Do they meet routing and
security sharing standards?
If not upgrade at minimal cost
Route over VPNS or Internetwork
Identity Proofing Sweeps Data to
best known version
Corrected by end user or agent
of end user
Data trawling prevented
Clinical studies opt in
Transparent policy
Identity outside of records
Records stripped of PII
Linkage to separate PII
(indirection for SOA)
Government at Organization level
Public-Private Partnership
Very low cost
No specific source (not
centralized) identity meta-system
Patient chooses authoritative, or
several authoritative providers for information
Multiple backup locations
Complete audit trail
Voluntary
Open to all participants
All actors covered in use cases
All actors in business process
models in UML
pre-post constraints defined
data dictionary defined
schema and attributes defined
(X.500 root)
webservices defined (Oasis)
contradiction:
only one model of many, outside of SOA bus
master
record header contains PII
security defined (various)
threat surfaces defined
(attackers)
risks defined
contradiction:
PII data spills not currently contained
risks insured
CMMI process improvement model
Project Management
Continue reading "Distributed Identity Medical Security and Privacy"
Thursday, March 19. 2009
Gate
Identity Management Task Force 2008 National Science and Technology Council
Continue reading "Gate"
Tuesday, March 17. 2009
Distillation of Names How-To
notable Greeks, during which he briefly stepped outside. Suddenly, the
roof of the building collapsed, killing everyone inside. During the
excavation of the rubble, Simonides was called upon to identify each
guest killed. He managed to do so by correlating their identities to
their positions (loci) at the table before his departure.
An early example of mapping identity to loci in disaster recovery, cited by Cicero.
So I was wondering exactly how one might start doing this distillation of names, or rectification of names alluded to by Confucius, with due propriety, etc. with the limited resources I have on hand and I'm still convinced that on national scale it makes sense to leverage the value of place, or genius loci.
Many of my fellow networked identity designers consider anything less than global, or personal (host based) to be insufficient, but that has an unintended effect of forcing the U.S. government to build in a back door into the system or continuing to rely on mass identity aggregation.
The fact is that the government has to have some limits in this regard, it is fundamental to the design of the constitution.
At the same time it needs to share information effectively.
What has happened up to this point is that government has been limited in terms of numbers of career employees and thus has employed a large number of contractors. It has been very lucrative for ex-government officials to leverage their former social networks, and after so many years of service, this is a typical strategy for many individuals to make lots of money in the private sector while still doing government work. The fact that this is a somewhat expensive approach brings us into the land of unintended consequences, but one that is very well understood by the participants. It has the effect of creating good plans but not always the political ability to implement them, sort of like Hollywood movies, they start out, and get made years later, with different writers, a different studio, and different producers. If it gets made at all.
In fact do we even need to talk about it? Haliburton, AIG, and Wall Street have the problem that these are specialist roles that we largely ignore. Those that fail to ignore it are fired. So we are consumers of the news from people who supposedly are in the know. But they are looking at the results, the deals, and are reactive. They don't communicate "how are we going to wind down this problem" when so many people are invested.
Until it all hits the fan, then we talk about it incessantly. This is Jon Stewarts point about media irresponsibility. It is not about Cramer. Sometimes it takes fake news to get to the real news when the real news is fake.
It's not a meta point at all, if there "weapons of financial mass destruction" and the financial press does not cover, or make known the risk to the general public, they are not doing their job. It's not like someone is right, or wrong, that's always going to be the case, because the bears are going to get killed during the run up, they will be consistently wrong, until they are right. My point is that is very different than placing money at some degree of risk, and getting some reward, because it's an issue of false information. That is what makes it a scam, rather than being irrational. The checks and balances don't work because people are being paid off in numerous ways, right down to the immigrant doing drywall. At the same time you have this massive identity machine which is supposed to, but does not impact this. And when someone is courageous like Spitzer to start to unravel what is going on, there's plenty of personal scandal to be unsurfaced from the overall surveillance database to stop making any progress in real reform.
The same people cycle between these roles in and out of government because we think they have the knowledge. What do we logically expect? I bake bread, why should I care about credit default swaps being sold in London to Morgan Stanley? In fact people do care, but the system is largely set up to make people unaccountable. And people will not see this while riding the bubble. They see their house going up in price, and therefore they have some equity which they can spend. They don't see the part about securities dealers mixing in bad mortgages with AA rated securities and re-selling them as tranches. They don't see AIG backing the entire scam. They don't see the AIG auditors being fired for trying to uncover and correct the scam. And of yet, the FBI has not uncovered the payoffs. But the public has.
It's just that we are all complicit in the scheme of a real estate bubble, and although people have lost money, they also made money on it. So the public is complicit, but there are individuals who actually broke the law in handling mortgages, repackaging them into securities, and then selling them in very complicated, unregulated markets, which created a new form of wealth. Into a global system. These mortgages lost their identity because of how they were re-packaged, so no one knows what they are worth, so the credit markets froze.
AIG was backing them up with the CDOs so the government bailed them out. But since they put up the entire money making part of AIG as collateral, the risk aware part, they leveraged high risk, with low risk. An interesting twist, since Spitzer made them settle for years before for multiple billions about taking tax write offs for risk that was supposed to have gone to a re-insurance pool, which was supposedly owned by someone else, which had the effect of propping up the stock price. However, in a massive case of identity fraud, the company that was supposed to be pooling the additional risk was actually owned by AIG! Let me make it crystal. They hid ownership of an entire company and no one noticed, at least not right off the bat. And the executives kept quiet about it. Well some of them anyway. And now we own AIG. How ironic, since their internal politics which was essentially limited to a small group of people, has now spilled into national politics.
Hippocrates was right, they don't need a doctor, they need a barber. But its like the original Alien movie, you are sitting around the spaceship eating your breakfast, and then bam!
Therefore no transfer of risk, therefore no tax writeoff due, therefore stock should have gone down, but did not due to fraud.
And why? Because no one really understands what companies actually are owned by AIG. They chose to keep that information at the executive level. It's like a great deal of information that no one actually knows, certainly not the insurance regulators, since this was an office in London. You have to an executive, (or an Identity Management consultant) who worked for AIG, to grasp this just how vast they are. And when you don't get it, and the political relationships, then they are "too big to fail", and we transfer billions of dollars into this shadow banking system, since AIG was in effect acting as the FDIC for that system.
So why shouldn't the branch mangers there not get millions of dollars, for the billions of dollars they lost? It was their payoff in the scam.
Privacy advocates have been able to deconstruct the how of telecommunications being split for mass data retrieval by an etalon in a regional telecommunications facility, but have been remarkably deficient in explaining why the NSA should choose to do so as policy and the costs to society of doing the same. At one point your average NSA signals intelligence nerd would have an equally hard time justifying scooping up all that data traffic of U.S. citizens, because at one point it was expressly against the law. We understand why they would tap the satellite phone of OBL, but our military talking to their families?
At the same time there needs to be a global solution, but that is not entirely the same thing, and that set of solutions should in fact be different. So I have c=US, based on the technology of 1993, and then the global identity layer, which is based on different technology, personal DWDM. If you look at the development of both telecommunications, and the Internet, and how and why the protocols are the way they are currently, this should make sense.
I certainly understand it when it comes to a distilled name, and namespace that created a distinguished name, etc. in the X.500 sense, which is sort of the CS approach but I was wondering if there was something basic that I had not yet grasped. So I started playing around with the idea and came across the ancient Egyptian concept of unification of names, and what they had done to try and unite Upper and Lower Egypt.
If one looks at the KV34 site in Egypt there is this story of unity of multiple identities that has been translated into English as Book of Praying to Re in the West, Praying to the United One in the West. Ra or Re, has multiple identities, some of which are well known. Having multiple names is a problem, in terms of multiple systems, but as the old SNL sketch goes, it does not matter what you call people, if they are ok with it, so you can call him Re, or Ra, or Ray. J. Jr., it does not matter. However, it is difficult to login or keep track of different user names, partial identities, nicknames, avatars, and common names. So out of that how do you get Unity? My theory here is that you distill it into a living water, or an aqua vitae. (BTW it is St. Patricks Day so I will be exploring this concept with soda bread and some Jameson)
A spirit. If you start driving fast cars after you make this moon shine and start watching NASCAR, that's a whole different story, (you may be a redneck), this is a networked software based solution.
In terms of Re names or forms, the dung beetle was very common, since it fertilized the ground by rolling balls of dung into its hole. That was translated into the sun being kept in the underworld at night, and being reborn each morning. This particular belief, or motif, or theme had rock star status in its day, being written on all sorts of amulets, monuments, documents and so on. There is this concept of sun equals authority. Along with this common theme are also over 26 other versions of the same idea.
So where does the unity come from?, he's not one of your monotheistic gods. Not only that but he and the Pharaoh are on equal footing here. Theres an early story about a rebellion against Re, from a previous golden era, and during that time, there was no darkness, and hence no need for a circadian rhythm. After he killed most of the people with a mass extinction, which seems to the standard god solution to most of these squabbles from Abrahamic religions to the Popul Vuh, he had to find some place for all the dead people, and thus the underworld was created. Traveling to the underworld is very tricksy business, especially for the South American Quiche, who had the legends (and reality) of the pre-Naismith era final four, or final two. With an emphasis on final. Beating the underworld, or dealing with it, or even surviving it, with identity intact is a pre-occupation of both the Pharaohs, the ball players, and anyone who risks their personal identifying information to modern computer systems due to identity theft.
One of the versions of Re has him wearing a stove pipe hat, besides the traditional hat that one sees more often. At one point Re and the Pharaoh are merged as the same or equal beings, and in the underworld they follow the same journey, in a daily cycle of death and rebirth. The creatures of the underworld apparently suffer from some memory defect, since they don't recognize him, especially when he appears as a migratory bird, but unlike most Re, he is able to speak to them, and therefore they recognize him, before he emerges the next day.
So this obviously multiple, yet united idea for identity is interesting, as is the idea of authentication (coming in a different form such as a migratory bird) so the various full time inhabitants of the underworld don't trap him there, as they do others. Essentially, one of the characteristics of the underworld in the Egyptian and Hellenic senses is the inability to leave.
One of the few characters that is allowed to leave is Hermes. The hermetic tradition is the basis of alchemical distillation that was current up to Newton, who was himself a practicing alchemist as well as a brilliant physicist. This power of speech to explain things is very hermetic. So is the shady character of Hermes. He is born and immediately leaves the cave to go up and steal cattle from Apollo. A cattle rustler.
Then he turns around and creates the Lyre from the cattle intestines and gives the Lyre to Apollo, and creates propriety, a sense of balance. That Pythagorean arrangement of tones is composed of both mathematical theory, and actual vibrations picked up by humans (and gods) as harmony. This underlies the concept of things with are of accord, and discordant.
Democritus had original idea of atomic theory. The librarian at Alexandria had measured the circumference though the use of a stick and a well thought out experiment. The Antikythera Mechanism (probably limited to the very rich) was a complex analog computer that could predict eclipses, and when the Olympics should take place. It would be a while before Babbage started the wheels turning on the difference engine, and WWII at Bletchley Park where Turing would apply his talents to decoding the outputs from the Enigma. We authenticate using cryptography today.
So Re has multiple identities, but is united in the west. In Epidaurus, Aesclepius has the Tholos built, and the floor is a heliocentric map of the known solar system with the orbits of the planets. Its the same basic plan as the Kiva of Hopi, and Hermes is called upon there again as the trickster, I assume as coyote, who puts the stone on the portal to the underworld, again enforcer (and guide) of the different levels. He also shows up as Loki in the Norse sagas.
The sun in the center sends out arrows, or rays. The lyre is there, so music is also there, so we are distilling the concept.
The patients encounter the Tholos as a way to communicate with, but not live in, their unconsciousness. So the Tholos works as ancient diagnostic machine, leveraging universal forces, (like gravity) and resonance (through harmony and alignment) with input from the unconsciousness (psychotherapy), but with suggested cures, (go get more exercise, etc.), that we build currently as a super conducting quantum interference device.
In short Tholos was a symbolic version of a MRI. And the theater next door supplied the catharsis of subconscious images brought to the stage, so they did not need to be internalized by the patients, with predictably tragic results. Throw in a sphinx that asks riddles, and you got some great entertainment. This then translates to the more modern theater (passing by the Passion Plays) of the bard, and into modern theater that plays with the wall separating the audience from actors. While the bard has his role, so to speak, in the fates of star crossed lovers, where does the distillation of names take us?
The outside of the temple has multiple columns which mark the solstices. A labyrinth underneath or nearby is full of snakes that aid in healing. The rod of Aesclepius is surrounded by a snake, in a sort of mobius strip, and becomes the symbol for healing which is turn linked to a constellation through which the sun travels (zodiacal) which in turn is not part of the standard 12. A missing part of the Zodiac to be filled in by symbolic identity management. Go ahead, find it, and when you do, you can update Wikipedia, just do it before Colbert finds out, he's already doing a great bit on the Vikings and Armageddon.
The names become a problem in Judaism because at one point it becomes impossible to talk to god. Yet the letters themselves are directly connected. In terms of a feedback loop there is the famous Urim and Thummim device, which was originally in Solomon's temple. Some Rabbis argue that since talking to God was no longer possible, the breastplate of the High Priest would light up when presented with a question, and a light would appear in various jewels on the breastplate in a pattern that indicated the answer. Others believed that it was a divination by placing rods with yes or no, and picking one. The Chinese casted yarrow sticks to consult the book of changes with lines solid or broken, forming trigrams and hexagrams. A sort of interesting path in the protection of names would be the line of thought that a lost tribe of Israel did in fact make it to the U.S. at some point, in the same way you find Jewish artifacts in Africa. If they had sacred writing they would have had to bury it, if they could not continue. It would not just be a treasure, per se, but a respect for the name itself in the same way a terma would be hidden by a Buddah. The uncovering of that would require an emergent property, of time and place, or a cledon, (key). The key is not lying around, but produced from what otherwise would be meaningless.
This also would be a maintenance of names, or a Shemot in a Genizah. The metaphor of activation of a golem hidden in a Genizah by inscribing on its forehead a letter, giving it life, as a kind of doomsday device is not entirely lost.
Joseph Smith rediscovers the Urim and Thummim device in the U.S.according to the Book of Mormon, and thus is able to transcribe the book from the tablets which otherwise would be unreadable, and they begin a massive effort in preserving family names and genealogy in a distilled form. Certainly there is a native U.S. fascination of being in touch with a holy spirit, or depending on one's religious bent, the holy spirit, which would result in glossolia, and that in turn can be viewed as inspiration or meaningless babble. Which is interesting, because if it were something non-random it seems something would appear out of it.
To touch Marvin Minsky for a moment, "A frame's terminals are normally already filled with "default" assignments" Thus one think that there would be some coherence present in any names uttered while filled with the spirit. If one were attempting to work with basic design patterns of the universe, these would be the defaults, like the heliocentric pattern. Or not. Minsky talks about the patterns of frames 9accessible in this case via the Orant), as generalized, when there is no specific proof, and subject to replacement if something more accurate is realized, a sort of hypothesis which then is filled in, or replaced by a better model. To locate those frames, a matching algorithm is created, and thus names provide a handle into that system, but gradually acquire some status when the system becomes more static and hierarchical, like Linnaeus, who created taxonomies that could then be named.
So partial information is the norm, but we want some evidence of distillation of names. How about an extended value digital certificate?
A frame, once evoked on the basis of partial evidence or expectation,
would first direct a test to confirm its own appropriateness, using knowledge
about recently noticed features, loci, relations, and plausible subframes. The
current goal list is used to decide which terminals and conditions must be
made to match reality.
So isn't that what we are doing when clicking on the browser to assure ourselves that the name is distilled, we are making test to confirm noticed features that the browser is supplying, or not supplying, such as loci, and whether the subframes are plausible. It used to be a sniff test when it came to spam, but faked and real websites can look very much the same, fake SSL certificates can be generated, DNS can be poisoned, etc. Ultimately the identity of truth or falsehood will come out in the wash, but at what effort. I hear you can make a lot of money with Bernie Madoff, or flipping houses can make you a lot of money because I sent away for the kit from the guy on cable tv at 3 in the morning. If it works now, where does it fail the sniff test of the subframes later?
Continue reading "Distillation of Names How-To"
Sunday, March 15. 2009
The Alchemical Distillation of Names
The topic is continued as to whether man is the measure of all things, or whether there is a metric standard for Identity, and specifically national identity. Right now there are discussions regarding the use of cards to represent identity, a recycling of the older v-card concept, and one that is fairly well known, since people use cards to convey their communication access points, and known physical locations.
These identity attributes can be considered to be PII, but it is really more of a matter of putting some reachability information into a larger network. PII in the privacy sphere may be the information that you do not want to share, except in situations in which you give a form of consent.
What is interesting is the user centric nature of cards, (except for managed cards) which test the ability of a self issued claim to be accepted. My personal experience with the various forms of ICards is that they don't yet have the ubiquity necessary, but represent a needed evolution.
Oasis is working on a meta-layer for acceptance of the Icards. If I am totally caught up in my development environment, either in Linux or Microsoft, I can get an Icard to work, including a managed card with a secure token, but it is very operating system centric. If I'm in the Microsoft world, it works pretty seamlessly at this point, although this was not always the case with various software updates. Trying to use my self generated ICard that is not Microsoft, not such good results, so I'm looking at WS security and wondering to what extent is will be a "standard" or an extension of a specific form of software.
How would we see the transformation of identity, by alchemical means, via Hermes, a typical example being the distillation of the alembic, a purification, heated by a furnace, and then cooled down. The alchemical process, as described by Jung, is mirrored both in psychology, and the actual physical world, providing a kind of object oriented approach. This is not a top down, or bottom up view, but levels that are linked to each other in ways that are not obvious.
This linkage can also extend to resolve ideas that are, often in a fundamental sense considered to be opposite, and the union of opposites is a very powerful and useful concept.
It is this process which creates individuation, which otherwise would be a sameness, and a loss of being able to clearly distinguish between this and that. This does lead to some strange loops, in regards to identity, if one considers the "identical" definition of identity, which means identity relates to individuation, having both same and different elements rooted into some sort of context.
Some opposites chosen by Jung are listed below. One of the basic concepts of alchemy, "what is above is below", seems to follow this theme. The practical ability to distinguish names means a refinement from a common name, which requires a fairly long string, which have attribute value pairs. This uniqueness is an engine, or furnace to create additional distillation, or services which are bespoke to the individual. This series of steps is necessary, but ultimately has its own limitations that must be overcome. The ladder is necessary to reach a certain point, but then it becomes a limitation and must be kicked aside.
The Effective and the ineffective.
Fullness and Emptiness.
Living and Dead.
Difference and Sameness.
Light and Darkness.
The Hot and the Cold.
Force and Matter.
Time and Space.
Good and Evil.
Beauty and Ugliness.
The One and the Many.
One of the early experts in medicine, Avicenna, invented an alembic to create essences.
Can names be distilled, rectified? It's certainly an interesting concept, because along with this idea is the idea of adulteration, where words and names no longer represent what they did, and therefore lose value, or worse yet, they come to represent their opposite. There is also the sheer fact of inaccurate information, duplicated information regarding people, which can best be addressed by getting people to update information themselves. If that is a one to many association, this is a chore. If the end user is the source of authoritative information (which still can be verified) the one to many association can be managed using more effectively in a pub-sub arrangement.
Pollution of names
Names which no longer mean what they say are propaganda, explored in depth by Hannah Ahrendt.When we discuss about why and how we discuss, this gets to a "meta" level, which can be difficult to keep straight, if only because there is such a long history of thought that must precede any discussion, with people taking positions over thousands of years.
Boundaries begin as an outgrowth of the forces that animate the earth, creating a gap that law is supposed to fill, like the all thing, and law rock that formed the first parliament, located right on the fissure of the the North American, and European tectonic plates.
Virtruvius, who inspired DaVinci, places a great deal of emphasis on place. Literally it is not something to be ignored. Place is special, because every place has a character, that character is transmitted to the people who live there.
There are exceptions since expressions of certain migrations, gangs, or cliques extend to anywhere. That makes certain forms of culture, say Crips and Bloods exportable to suburbs, and Mexican drug cartel violence out of Mexico to anywhere in the U.S. based on transportation systems and migrant populations. This exportability and objectification of place is dealt with very early on by Vitruvius, as sign and signifier.
Skip from Roman times to modern Rome, and you have Umberto Ecco saying the exact same thing in his works on semiotics. Or even in his popular works like the Name of the Rose. We might suppose that Paris really is a movable feast or Nathan Detroit can keep relocating his dice game anywhere, but there still is a unified thereness that says Paris is in its individual neighborhoods, and Nathan Detroit is in New York and not Chicago. Some of the context of uniqueness of place is not dependent on sameness, but on the reiteration and re-discovery of it's uniqueness, a pleasing repetition of the Fibonacci sequence, a melody that hangs together because there is a inner harmony.
That place looks different with different views. A flower looks pleasing to us because of the symmetry and color, to an insect that will pollinate the plant, it looks like the markings of a heliport. This multiplicity of meanings is self explanatory and does not take away from the essential nature of the rose.
Despite all the rushing around, there is a sense of place, or as Vitruvius put it, a natural development that aligned forces from a specific place. That aligned the elements of the architecture around basic concepts, one of which was symmetry, another eurythmy (practiced most recently by those exposed to Rudolph Steiner), and also propriety, economy and order. Propriety, was very much in the mind of Confucius, in terms of making things fit, in all sorts of situations. In particular the importance of naming in creating that propriety in the architecture.
A superior man, in regard to what he does not know,
shows a cautious reserve. If names be not correct, language is not in
accordance with the truth of things. If language be not in accordance
with the truth of things, affairs cannot be carried on to success. When
affairs cannot be carried on to success, proprieties (li ) and
music (yüeh) will not flourish. When proprieties and music do not
flourish, punishments will not be properly awarded. When punishments
are not properly awarded, the people do not know how to move hand or
foot. Therefore a superior man considers it necessary that the names he
uses may be spoken appropriately, and also that what he speaks may be
carried out appropriately. What the superior man requires, is just that
in his words there may be nothing incorrect
Analects 13.3
That fitment was also dependent on the overall spirit of place, or genus loci. For health, he recommended exposure to good air, for architecture of health, he wanted a pastoral setting that would encourage the natural spirit.
Finally, propriety will be due to natural causes if,
for example, in the case of all sacred precincts we select very healthy
neighbourhoods with suitable springs of water in the places where the fanes are
to be built, particularly in the case of those to Aesculapius and to Health,
gods by whose healing powers great numbers of the sick are apparently cured. For
when their diseased bodies are transferred from an unhealthy to a healthy spot,
and treated with waters from health-giving springs, they will the more speedily
grow well. The result will be that the divinity will stand in higher esteem and
find his dignity increased, all owing to the nature of his site.
A familiar concept in Christian belief is transubstantiation. Identity now, and identity later, but identity later is based on going through the design pattern of the gateway, the entry to, and exit from the physical body. So we do need to go beyond birth and death vital records, to Maxine's concept of long term digital identity.
Maxine funded the great mambo chicken idea of uploading your various identity artifacts into a permanent digital storage. A helpful idea, and even a more helpful idea if you are pursuing the path of dealing with multiple incarnations, because, (just like they identify the latest incarnations in Tibet, by showing objects and toys, favorite items to the child that has appeared out of the Bardo Thodal), you would have the option of picking up where you left off in a past life, sort of the ultimate Memex.
Descartes proposed you got there by activating the pineal gland. This could happen unavoidably at death, or deliberately by sleeping. The gland secretes melatonin, which is a synchronizing force for circadian cycles.
So the rectification of names is the start of governance according to Confucius. He has a good point.
Renaming "captured soldier" which fell under the Geneva Convention for humane treatment of enemy soldiers, to "enemy combatant" gave former President Bush leave to torture prisoners, as documented by the International Red Cross, which did independent investigations at Guantanamo. President Obama has rescinded this designation.
While these people were actually tortured, that had a bad connotation, so another term was invented in it's place, since "torture" was illegal. This propaganda is very Orwellian, very 1984.
Can we go past our Cartesian concepts of identity duality by a quick check of the pineal gland, our often quoted "third eye"?
Or is the invocation of names enough? Given the proper distillation, maybe that is enough. According to the Taoists, a quick recitation of Guanyin would be enough to forestall torture, but that would be hard to do with a cloth over one's face, strapped down, and water being poured over the face to create the feeling of drowning. The Taoists believed that Guanyin could instantly appear and fix things, like shipwrecks, torture, etc.
One could say, "9/11" was so horrible, certainly it was justifiable to torture these people, people that might have been directly involved". That was the position of certain people in the last administration. That further extended to a loss of national identity, since the administration no longer trusted its own citizens, largely because it failed to follow the law itself. It reverted to a pre-legal stance, and the choice of words is deliberate, since in some respects it was able to retroactively get its actions declared legal. But the pre-legality is different from illegal, it is essentially a lower form of trust where there had been a barrier to tapping the phones of citizens, and then the officers of the NSA then began to intercept phone calls of U.S. citizens which was in violation of the charter, which was focused on national security. All of a sudden there was no distinction, and thus in the virtual world of telecommunications, national identity was affected. What has not been addressed so far would be the actual interference of communication, rather than passive intelligence gathering, which would be a freedom of speech issue.
I don't mean to sound hypocritical, but the horrible events of 9/11 represented no form of justice what so ever. It was an opportunity for the Nation to learn how to protect itself, and protect itself by asserting our humanity. We could have done so. Instead we squandered that good will by attempting to impose a police state, a reaction that OBL wanted.
All those reactions were not the compassion that the 9/11 victims needed. Were they understandable? Yes. Could they have been transcended? Yes. There was the opportunity to heal.
Hell could have been turned into paradise, but instead, we saw the reaction spin into a failure of names, and we chased ghosts around the planet, off this cliff, and another. We tortured and called it something else.
It is not like this has not happened before, our civilization has condoned torture in different time periods, in different places for a variety of reasons, using a fiendish assortment of tools and techniques against people, guilty or innocent, who would be eventually willing to confess to anything. And the evidence that was gathered, destroyed.
So to rectify, is to reestablish the value of names.
To show compassion. To show so much compassion, such boundless compassion that our national identity transcends the horror that we sometimes find ourselves in, and extends itself through time. The interesting thing about these types of things is that no country is without blame, but once that is understood, the question then becomes how to move beyond.
It is a time for healing.
Continue reading "The Alchemical Distillation of Names"
Sunday, March 8. 2009
Alignment
We have often thought that things have to be big to scale, big government, big business, big everything. And then someone said, hmm, small has some great potential. So we invented microchips, and nano-technology and have developed great value in small.
At one point people figured out "connected is good", and they shipped around the world, creating vast value chains that existed for rare items that could sold at profit where these items did not exist, and a global trade system evolved, along with political concepts such as merchantilism. Nations bankrupted other nations, nations even addicted other nations. The world became globally connected. The world became capable of destroying itself in 15 minutes.
And the world became oddly similar. There was a demand for sameness, not just standard roads and rails, but common outlets that resulted from these value chains. This is not a new thing, cultures and economies became fixated on similar materials and technologies, concrete, steel, and working those things into complex, interrelated systems providing more and more value.
But if you go to Braddock PA, or Chester PA, you can see the remains of what these big mono-cultures achieved. You have some brilliance, say the first Carnegie Free Library and you have ruins.
The same goes for Detroit. It's not like it hasn't been happening for a while. Take a few minutes and contrast my childhood in Michigan watching movies about the ever expanding car culture, and the fifties following the horrors of WWII, and the Hopi theme of balance with nature. They deliberately kept it minimal so they could live where no one else wanted to go. They took the small corn, the one that was not mixed with anything else. We took the larger corn and mixed it, not only genetically, but culturally.
It's not that we did not appreciate nature. We just had to head north in our cars to get there. But is was that unbalance, the monoculture that probably would be fine in small doses, or distributed. It just warps things.
Watch this movie about the unbalance.you can watch it for free on Hulu. When that unbalance started invading the virtual monetary world, we of course faced the same crisis.
There was argument in 1800's regarding industrialization versus agrarian goals. Whether the industrial mechanisms which produced jobs and goods could do so without ruining the country. The Schuykill was already polluted, people still celebrated Tammany, in trying to stay in touch with the native cultures. They sensed they had already lost something, but there was always the opportunity to pack up to a less polluted place, for some.
Work in the factories drew in people, and for some it was good work and money, if dangerous. But the idea of producing goods for a national, or global market began to create strains. To pull off these big things required massive resources, and talented people. With systems this interconnected they became very complex. Looking at a matrix of what a natural disaster does, show all these interconnected systems. When that's the only way to interconnect, then there has to be a way to achieve balance. Clearly, we don't want that balance imposed on us, it has to arrive somehow from our existence. When some of these systems fail, they don't degrade gracefully. It's not like some of these large degrading systems are not built with the best of intentions, or to meet some pressing immediate need. There has to be deconstruction to see what network effects various actions will have, something that artists can show us.
In "Three Standard Stoppages" Duchamp explores the idea of the metric standard, but adding the element of time, the 4th dimension. By dropping a meter line, from one meter, the shape changes, he then cut out shapes and used those shapes as templates, and in another work. If networking is essentially about topology we begin to see artists confronting the 4th dimension attributes by using COTS, or as they put it, "Readymade".and wonder how the 4th Dimension can be leveraged for Identity. Not just time/motion studies, but how time can act as an emergence factor, part of a natural Fibonacci growth sequence that is sustainable and less likely to crash.
In terms of standards or "Etalon", the meter uses the earth itself for reference. One ten millionth of the distance from the equator to the north pole. So not only is it exact as it can be, but it is designed to scale to the earth itself. As opposed to man, and the concept that man is the measure of all things. The all thing is now more a part of Duchamp's stoppage, or invisible mending, or the connections between the thousand plateaus.
As we grow more comfortable with standards we then look to hermneutically link humanity with those standards, something that I have attempted to research in showing some threads of the invisible mending.
So it's clear, that the idea of dropping the thread a set distance, from a set length began to play with the standard, and actually to interact with the standard. And this then sets into opposition those who can quickly revert back to the heuristics of what humanly makes sense, what gets the job done, without requiring all the "metrics". Those who can quickly judge the various parts and make something come together, make pieces come together that fts, in short a rule of thumb. How to accomodate both, because we crave both accuracy and humanity at the same time. But time changes that. Sure you can serve billions of something, and it may not be the best, but it is consistent, it may not be the best, but it won't kill you either. Which I think is the appeal of brands and value chains which replicate standard goods and services. But on a large scale, that of the U.S, which is the point of the blog, what caused us to get to this point?
For this I think the "all thing" is important. One can look at the division of lines on a map and realize that over time, those lines are going to be redrawn. But people settled, and named themselves based on occupations and geography, and sometimes stopped migrating, took root as it were.
For the U.S. we of course encouraged movement, (with exceptions) but came to what seem to be natural boundaries. Sea to shining sea. The fact that it was not always so, and the costs associated with that expansion are of course worth discussing, as are the costs associated with maintaining those boundaries.
Let's just say, it is what it is. We are not trying to take over any more territory, as was the practice of the colonialists, or create a merchantile economy, or an imperial political system that wants to impose our will on the rest of the world. We have the Monroe doctrine, we had a Bush doctrine, (even if no one could remember what it was), but clearly we have a sphere of influence that is larger than our sphere of ownership. The doctrine about where the U.S. is in cyberspace apparently is defined here, and by various cyber security folks at the NSA, since the alphabet soup of cyberczardom seems to be torn between the model of we have no one in charge of the Internet and it is all host based, to something else. To be clear, I'm claiming a virtual image of the U.S. in the 5th dimension, and did so when I renamed the U.S. to honor Native Americans. To be more accurate, it's a form of stewardship so that we don't suffer the slings and arrows of what the Hopi described at the U.N. I certainly am not the pahana, but I'm willing to acknowledge that fact in the way back machine, there is a major problem, an ethical problem that has to be resolved. The way back geological machine that supports our existence, and can, if we are not careful, result in mass extinction. Thus in the requirements analysis I literally leave no stone unturned, (especially the Fire stones) and can trace the requirements back thousands of years.
When we do that, as was the case of the neo-cons, it was based on the intellectual sense, if not the practice, that we were not telling people how to be, but allowing them to be themselves, by exporting democracy.
But in practice, as Bruno Latour put it, it's not just as simple as inflating a large rubber raft and calling it a legislature, so the mechanism of how that takes place, of "exporting" our own experiment in government, as opposed to other forms of government is something that has mixed results. We do a much better job exporting pollutants, but other nations are catching up.
Whether it is Hillary Clinton giving gag gifts to other super-powers, or invading Irag without a plan to fix the country after we defeated their regular army, there is some desire to show the rest of the world that we have something different and valuable to offer, in how we structure the dialog, even in our slang, which is the ultimate summing up of a moment in time. But there is a "slang" gap, versus diplomatic speech. Slang is much faster, and coining new terms, like IDM, involves roots into larger concepts.
These different conversations contribute to a Habermasian legitimacy, and when words don't mean what we expect, that legitimacy begins to evaporate. Hence while we all enjoy the wild west show, when it comes to buying the snake oil, (as used in terms of digital security) we are naturally skeptical. And we should be. So we search for heuristics that can approximate what we need, perhaps without the exactness required in different parts of the system. For medical systems that means preserving or increasing the quality of care, limiting medical identity theft, limiting access to information to those who need to know, and minimizing the spread and scope of data that the patient needs to communicate, while being able to securely network it where they choose. There are many other requirements that I am working on in the OWL ontology, such as data retention, but largely the problem is solved by patient centricity, which relates to identity management.
So big rule of thumb for the U.S., we are situated in North America. North America is in turn created by the latest version of techtonic plate shifts, moving a few inches here and there, gradually shape shifting. Geologic time is of course something else. We are newcomers to the earth, but we can measure it. We have the etalon, but may also fail to see the stoppages, or the invisible mending of a tailor made solution for the U.S. And the solution can be bespoke. We might not all agree to the Treaty of Meter, despite the fact that most of the world has adopted it. This has costs, we lost a multi-million dollar spacecraft going to Mars because of a failed mathematical conversion. But we can explore with Duchamp the idea behind the metric, and how that extends into the 4th dimension. How it incorporates chance, and becomes for a moment anti-rational, before returning back as an Etalon. We are interested in where time, the 4th dimension, takes us three dimensional people, and we understand that flatland people, have their own dimensional problems, the least of which is getting painfully poked by a triangle which you don't see coming.
During this geologic time frame there have been mass extinctions.
We are concerned that we may be heading for, or in fact causing another mass extinction as a result of our by now normal patterns of existence. Patterns that were in fact set into place as Hamilton and Jefferson argued about capital formation and federalism versus states rights. Suffice to say that there are costs associated with our industrial economy, especially when one looks at where it comes in and takes over, like Detroit, Braddock, Chester and provides lots of jobs making things, like cars, steel, or ships, that require lots of people. Note that it was very different to build a Delorean, than to build a standard car. It's very different to build these new green cars, because the infrastructure is slanted in a particular way. It was very different to mass produce Liberty Ships, versus the individual technical skills of specialists who understood how to make a compass, how to lay a keel, etc. The mass industrial approach with scientific management of the 20th century and time and motion studies, and enforced separation of duties is different than combining individuals with a passion for their work, that might hire a few more people, but never a vast amount, and thus the effects were based on projects, rather than production.
So the geologic features caused natural barriers. Eisenhower saw the autobahn and wanted to get rid of those barriers, so the Interstates were built. Intercontinental Ballistic Missiles with nuclear warheads also transcended those boundaries. The Internet transcended those boundaries. The economy is global. But in the midst of all this globalization and long supply chains, brands, and big multi-nationals, the locality of place began to corrode. That is a value that began to be lost. The interstate took away the flavor and uniqueness of locality, like in the movie "Cars", but with thousands of examples. So there are two conflicting themes, people want the convenience of connectivity, but the benefits of locality. They may be willing to pay more for locality. Some people are willing to pay less, and have a supply chain which might have less accountability. Here we have a choice. But an identity architecture has to take into account these factors. People don't want to be treated like a number, but they are not always willing to support systems which give them more personal attention. Computers are very good at localization. They can adapt to different keyboards, different languages, and still provide the same services. They will adapt to a next generation network that has rationalized identity.
That should be true also with an identity architecture. Take it as a given that the techtonic plates are in fact an influence, because they formed boundaries, energy from the earth causes different features to appear. These features are in fact localized, and have major economic impacts. The fact that there is more movement is a significant difference geographically, and culturally. States are in fact different, and have different needs. This is generally a given, as is the Federalist viewpoint that there is a force in uniting. That union has been tested and found to hold. As a result we have the benefits of both.
Logically, we would want to extend that theory of localism, and choice, to the concept of union, without losing the features of either, or getting more negative aspects of either in an identity system. So since the entire system of laws is based largely on this concept, within the boundaries, it is important to leverage that work, while also recognizing the animating spirit that feeds that, which is the larger cultural identity, as opposed to political identity. Fuel injected on Highway 9, that means something. Your community means something. That's what makes c=US relevant because it is not government, government is there because it has a cybernetic function, and function is what we want to focus on in the identity infrastructure. This is an important feature, because the we the people form the identity, and not the government. However, the government (along with a few gag gifts) does represent us to other nations. Those relationships are highly structured, highly based on protocols, and thus sometimes very effective, sometimes very protocol based and dependent on not-ruffling feathers. This can get extremely nit picky, (such as the order in which people exit elevators) and is largely in a different world than the everyday. Even diplomatic language has its own rules, and thus can be subject to a great deal of interpretation. IDM was such a term. It is designed to be filled in. And if has been elevated to an international standard by the ITU, which was one of my goals!
Continue reading "Alignment"
Thursday, March 5. 2009
Healthcare in Washington
So the news today is the Healthcare summit at the Whitehouse. It's going to be very interesting what develops. I am listening to the state efforts (which are significant) at a conference in North Bethesda.
Obviously a great deal of work has gone into both analysis, and building systems. The job going forward for c=US is to gather requirements, build an ontology, and then translate those requirements in a proof of concept. This will result from the collaborative processes that have continued to bear fruit, and analyze the roadblocks that will inhibit adoption.
The Kentucky group has developed a fine sense of what works, and what barriers exists to adoption by health systems and doctors. There was a strong point made in regards to the economic consequences of a health care crash that they predict is coming.
There is significant interest by the health care interstate collaborations in addressing security and privacy issues. I will be publishing the ontology when it is cleaned up, and in the spirit of advancing Obama's plan, you are welcome to use this business intelligence since it was presented with a goal of harmonization and standards adoption.
Do we in fact have some of the problem solved. I have stated this explicitly that the requirements, the UML, and agile model are pointing to the fact that the AUTH-N part of the problem is solvable. One consortia was able to bring up AUTH-N within a year. Now to scale that out to a national level, that's where the competition is. Each of us has a part to contribute to the puzzle, my part is the 12-13 years i have spent developing identity management on a national scale, that can reach down to the local level.
A couple of issues have surfaced which will have to be resolved. To scoot back to the original value statement of Aescelpius, i.e. the Hippocratic Oath, we have to figure out what is the role of the doctor, and what is the role of the specialist HIT role.
The idea is to free doctors from the burdens, and give them the advantages of some uniformity to hook up their product of choice for the services they choose to provide. Other systems will then be able to "talk" to their system, and dependent on policy, expose that to their patients via PHR access. The best system is one in which the patients are actively involved in their own health care, or "patient centric". Saying that, and doing that of course represent a gap, a gap that can be addressed, and is work. Once done, it is a matter of technological adaption, which is going to be uneven so different use cases will address different classes of users. How difficult will it be to get someone who uses Facebook to manage their health care, and develop a health plan, manage a health savings account, and in general limit their economic footprint on the system, which as Kentucky officials put it, is on the way to sure disaster if the current approach is not modified. My gut reaction is not so difficult, since the current generation of young adults is born into the digital environment, and takes digital identity management as part of the matrix.
The more 20th century systems are based on code sharing, which dates back to code books developed in the telegraph era. Shortened messages were required to save bandwidth, and one sees the same short message format in SMS, like BRB, ROTFL, for the same reason. So they have naturally already coded. And genetically, we are masses of code. But the bandwidth limitations that existed in telephone central offices, which required a terse order entry system, which spawned fairly cryptic commands like ls, for list files, and rm for remove file, with appended switches, like ls -a, and so on, is a command oriented language, which predates the more graphic rich hypertextual environment. As the Kentucky contingent put is, healthcare is at the DOS level, and they need to be at XP. Actually they need to be at Kim and Stefan's level, which is about creating identity cards and secure token services, which is common across various operating systems and within the heart and soul of Windows 7, and Server 2008. There is no time to approach the problem gradually, we have to leap frog onto Turtle Island, which is the national safe place. The Turtle Island metaphor, is also the migration path from the sipapu, which we are able now to navigate. I say navigate, because the bamboo pole is already grown under the Grand Canyon caves and the whirlwind of change, animus and anima is visible from the edge of the crevasse. We can hunker down in the cellar while the tornado passes, or attempt to understand what psychological forces are allowing for, or inhibiting the processes of collaboration. As a network alchemist, I'm arguing that the transmutation of the various requirements requires both geek speek and poltitical wonk synthesis, which is going to be one of the hallmarks of the advancements done by e-goverment services.
Luckily we can tap into standard data modeling approaches, like agile, and UML to tackle this problem, and iterate as we find defects. There are going to be people who will take the leap to digital faster than others, but if health is primary, or as the astute binary statement common in the ancient Arabic philosophy goes, wealth is a zero, but health is a one. If you have 01, that's not as good as 10. Health logically comes first in the requirements analysis, reduced to the most basic code. To complicate that further, with Oxford coding for various procedures, that's understandable, and to share those codes is in fact similar to the UCC, and all code sharing systems. But there are advances with knowedge management that are at the heart of what a doctor does, and in concert with the patient. We don't need to re-write that process, but we need to enable it to the larger sets of systems that are very rigid.
So based on my requirements gathered I'm going to ask Stefan to insert the intellectual property that Microsoft got with him to introduce Zero Knowledge Proofs into the beta E-Health product. Currently they use Live ID, and Open ID, but in conversations with the states we are grappling with an age old identity problem.
That problem, which of course goes back to the Hopi, and my SNP343 cohort who started out with 10 guys in Asia that migrated to Europe, is migration. Populations shift according to value chains. Those value chains are economic, but also cultural. Systems don't adapt that well to people who don't fit into neat categories. So from a health perspective, it's about the healthcare first, and triage within that system, and identity second. That's the basic requirement, and accords with the Pythagorean oath. So Stefan and Kim can step to the plate and make that part of the puzzle fit, by putting in a Zero Knowledge token for care providers to link together records for non-documented participants who represent an opportunity to improve health, and an economic cost within the system. It's a tailor made opportunity because in a very advanced way, these migrants are faking or sharing social security records, so the old approach of the SSN will not work. This means you need to generate a unique identity, and then we are back to which unique identity do you want to use? At a fundamental level, we can allow a anonymous secure token to authenticate a HMR. This should remove any barriers to identity risk adverse user groups from taking advantage of the system. Additional economic benefits would then result in the credentialing (doctors also) which different roles would require. Electronic sheepskins are not such a bad idea when you consider the recent spate of falsification of academic records, and so on that exist in regulatory regimes.
Continue reading "Healthcare in Washington"
Saturday, February 28. 2009
Walking with the A man, rod and serpent.
The link between the layout of the kiva, and the tholos is interesting. Both mark the position of the sun, and a specific angle is presented in the kiva on how the sun falls at different parts of the season. At Epidaurus, the floor of the temple was inlaid with rhomboids, apparently a heliocentric depiction of the planets circling the sun in the center. In the middle of the temple was a depiction of the sun, which sent out arrows (like rays) being a form of love, or attraction to the other planets, which kept them in an elliptical orbit. In both instances there is a charting of time and space. One also sees this energy of the future in a cartoon put out about the wonders of Atomic Energy, that starts out with Democritus, and ends up with a glowing Tholos in Schenectady N.Y. This is a page about the first colliders. You can find the rest of the comic on the atomic history web site.
So I first came across the A man while I was walking through the State Park in Saratoga Springs. I looked up on one of the buildings and there he was. And I wondered why and how do you get these Greek god on a public building? Exactly what was the significance of this? I had never heard of Tholos, but I had heard some great performances at the performing arts center.
So when I got home I pulled out a book on Saratoga Springs architcture, and it explained Aesculapius, and how the building had been built during the depression by Baruch, because of theories that the waters had curative principles.
They had employed people to research water cures, something that always fascinated me from places like Baden Baden, Arizona, and the Battle Creek Sanitarium, which had by far the most wacky medical cures they foisted on people, my favorite being radium inhalation therapy and of course the corn flakes, and grande promenades of various upper class Americans and Europeans who had come to "take the cure" for dypsomania. I got a tour of the basement at the San and it was just amazingly wierd, because the Defense Department put all of these one of kind audio-visual devices down there in kind of an A/V graveyard. I would not have been surprised to come across a Zoetrope.
By that time I had sampled most of the different springs, including the ones in Congress Park, and not too much mindful that in fact they were slightly radioactive, and the mineral ones are particularly not that pleasing. But I had not gotten around to the Baths, and the whole history behind them. So this was in a sense, Baruch's interpretation of Epidaurus, sans the Tholos.
So the settlers of Saratoga Springs got on friendly terms with the Iroquois, and the iroquois let them in on a secret, which was the springs. Of course the battle of Saratoga was one of the turning points of the revolutionary war, but there are a couple of lesser known facts that make the place interesting, and not the racetrack.
Outside of town is one of the spots where life began. Its sort of an odd mixture of sand and rock, and limestone, which is how you get the carbonated springs, and this place where there are these stromatolites from an ancient sea bed, roughly 2700 millions years old. Needless to say, the Iroquois found some of the areas around Saratoga Springs to be sacred, and in particular, one tree which signified the confederation of the Indian nations.
It was a story that a man came down from Huron country and attempted to get them to agree to this arrangement. This story was supposed to have taken place somewhere along the Hudon between Saratoga Springs and Albany where there was a huge waterfall.
Generally they thought the idea that they would all live together in peace was fairly outlandish, and things had gotten fairly bad because there was a lot of feuding, and thus violence between clans. Sort of an early version of Gangs of New York. So, he said, "ok, you don't belive me, what would it take to convice you, at which point they were pretty much not taking him seriously at all, so he proceeded to climb up this really tall pine tree, and he went up and up, til he was at the top, and then he jumped off, into the Hudson.
They were pretty amazed at that, but he didn't surface, so they figured, well that was that, and the rest of the day went on pretty much as normal. Later on that night at dinner, he showed up at dinner, and said, in effect, so what do you think about my proposal to link up the tribes? They thought about it, and said, well it's a pretty good idea, but there's one serious problem, there's this guy who has been spoiling everything, and there is no way we can get him to either stop being such a pain, or get him to leave.
And anyone who tries does not survive.
So he said, I got a plan, we will get all these people together and go visit him. And they tried to convince him not to, since the man had been taken over by some evil spirit, and thus anything they said to him would be misunderstood and taken as a provocation. But they went along, some of them anyway, and he got a few people here and there, and to pass the time on the way to his hut, he taught them peace songs. And by the time they got there, and the old man was very angry in his hut threatening them with this and that, and they were pretty scared and wanted to leave, thinking this was not such a good idea, espcially since he seemed to have some extraordinary powers which he didn't mind using.
So they said, what should we do now? And he replied, "Sing the songs that you learned". And so they sang. And they sang, and then sung some more. Nothing happened at first, but more and more people showed up, and they started singing. And then there was this horrible scream, and it came from inside the hut. They went inside the hut and there was the old man. And he was very happy. He told them that he had been taken over by this evil spirit, and the spririt hated the singing so much that it left him. So they told him the idea about the constitution, and he said that's a great idea, I will help do this.
So the Irogouis lived that way, with their constitution, which the man that had come down the river had helped author. And things went well. And one day they were approached those who had heard about their form of government and wanted their advice to create another nation. The Founders would be exploring how to acheive the union, and debating what form it should take. In Pennsylvania, they reached back to the idea behind the union. When the union is broken, the value of strength and consistency is lost. Preserving the union, means preserving the faith with each other, and remembering.
[C]ast your eyes towards this belt, whereon six figures are . . . holding one
another by the hands. This is a just resemblance of our present
union. The first five figures representing the Five Nations [and] the
sixth . . . the government of Pennsylvania; with whom you are linked in a close
and firm union. In whatever part the belt is broke, all the wampum runs
off, and renders the whole of no strength or consistency. In like manner,
should you break faith with one another, or with this government, the union is
dissolved. We would therefore hereby place before you the necessity of
preserving your faith entire to one another, as well as to this
government. Do not separate; Do not part of any score. Let no
differences nor jealousies subsist a moment between Nation and Nation, but join
together as one man.
Continue reading "Walking with the A man, rod and serpent."
Friday, February 27. 2009
E-Health Exchanges-Architecture
"To support the NYHII SHIN-NY must use architecture
and materials that fit the problem – the Internet is
the best model we have"
NYS Office of Health Information Technology Transformation
In the early 90's I helped the N.Y State Economic Commission explore ways to bring high speed networking and advanced services to NY.
The N.Y. Health Department was kind enough to provide hosting for my blog, (except there were no blogs back then, so it was called a ListServ, and it was on the BITNET). I attended meetings with many of the cable and telco executives, and spoke up for the potential of the Internet, which I had been using for email, and wanted to use for multimedia. The telcos and cable folks had their own plans, and no one thought the Internet was such a big deal, except in the academic and scientific community, but there was considerable interest.
When I talked to these executives, I said, why don't you join the ListServ, and be up to date on what is new?
Remarkably, they did not have email accounts, so I offered to get them set up. That's when I started working for PSINet in the RPI tech park and the big Internet boom had started, from what had previously been regional networks, and before that super-computer networks.
In 1993 the government paid for a Pilot project to develop an Internet based directory service. PSINet ran the root servers for that service in the U.S., and the Internic was responsible for signing up participants. The technology was very advanced, but the business model had not matured relative to the need to selectively maintain confidential information and how those organizational borders were defined. To help that out that process the directory operators created a bill of rights for personal information on the network.
There have been significant advancements in technology and adoption since 1993. The Internet is no longer subject to some of the same limitations in terms of bandwidth, ubiquity, processing and connectivity. Thus the overall architecture which was present of non-connected systems is now replaced with a systems which are connected and end users are accustomed to both high quality services, and risk.
The idea of borders reduces risk, because it is a fundamental concept, establishing domains in which certain interactions take place according to a plan or policy. By nature the Internet itself has little in the way of policy, it is neutral, so it is not a PEP, or policy enforcement point. But we can establish national policies as a layer over the network. I say this as a citizen, sitting on a park bench and nothing more. This is not a Chinese firewall, a limitation, but a recognition that we can, in fact have a national identity that can extend to all citizens as defined in the stimulus bill. It is this scope which requires a polite wave from the bench and say are you ready for this now?
But to function, these borders need to both flexible and adaptable. This is why corporate use of the Internet started out as brochureware, a few pictures, and an email address, and phone number, but with the majority of business processes taking place on the "back end" with many people typing, and retyping in information.
Gradually, with the advent of better portals, customers were able to interact more directly with the business processes, which arrived with much more efficient packaging, as a direct effect of integrating the business process with the presentation layer. This caused a rethinking of the back end processes, and the relationship to the front end presentation layer, thus promoting a second wave of integration known as middleware.
The complexity of electronic health records is related to the complexity of the health system. It thus makes sense to apply the best simplification mechanisms that the network has to offer. In particular, the lack of accurate identity is a problem in the general Internet, and in secure networks the problem is critical that identity is not fragmented as it is in health systems. This is largely a result of "ownership" issues that need to factored out of an Identity Management solution as a service. If there is to be a national initiative for health care information technology, there has to a solution that scales beyond the current fragmented approach to identity.
This holistic concept is something that is realized by the military. I came up with the concept of digital identity, which is now matured beyond the technology into meeting line of business requirements.
This is exactly the point, identity is a collaborative concept that has to be filled in, by the stakeholders, it has to be defined, and tied into the business processes.
It is not about a specific technology, but leverages and merges appropriate technologies and concepts to provide services to individuals. Which is why we came up with the term, it brought the idea out of the data center and into the hands of the end user to manage their identity, and to use that concept to manage their health care, and other goals.
The technologies are simply not adequate by themselves. Instead it is a value chain that allows the end user to access a wealth of resources, and when a properly authenticated identity is presented, the next step is to apply business rules based on defined roles. That's the value of identity.
Combined with another basic concept, breaking down information into internet protocol packets, and sending them to virtual addresses, as Vint Cerf first described it, "IP over everything", and the TCP state machine, this becomes a very powerful concept. And a concept that only works when the right security and privacy controls are in place.
Thus you have Cequs, fundamentally listed right under the original DOD Internet numbering system arc. Because it is just that basic a service for an advanced network architecture. And simple is good, when the knowledge domain is already highly complex.
IDENTITY DOMINANCE EVOLUTION. Recently, the DOD consolidated the
management and oversight of CAC, PKI and Biometrics under an Identity
Protection and Management Senior Coordinating Group (IPMSCG) that is
comprised of senior DOD Flag-level Officials. This action recognized
that information assurance fundamentally depends upon strong
management, assurance and protection of digital identities across the
DOD.
Fundamentally. As in bedrock. Also as in boundaries. Luckily the certification guidelines do require authenticated identity in a way that is consistent with NIST approaches, but these largely do with a subset of identity proofing, and not identity routing. There is a concept that we agree upon. The government, and useful and necessary as it is, is not the entire nation. The people are the fundamental principle, we the people. Thus the government must be limited in what it can do, even when it holds very important powers. Ultimately the value of identity far exceeds the artifacts produced by a government, like a photo id. It comes when citizens fulfill a role that is not constrained by official duties, because simply not everything can be defined as a cycle. Some things are unique, you are unique, you are not a number.
Why should Healthcare have a different identity for you than if you needed to be evacuated in a disaster? Its because the systems don't talk to each other, and they largely don't recognize you. So we pile up more and more identity tokens.
If we don't put into place an inter-operable identity system, we will have to duplicate data.
The system is healthcare system is cracked in some places it is broken, but it still manages to provide high quality services.
Unfortunately at a cost which is not affordable for a greater and greater portion of the U.S. This is an economic issue, if we don't fix healthcare, we are going to have a far more difficult effort fixing the economy, if we don't fix HealthCare systems (and the records and processes they contain), we can't leverage the 34 billion dollars in savings from advances in Health IT. And if we don't solve PII in these systems and apply some rational identity mangement, we will not truly fix HIT.
To ignore this and continue to reject citizen centric efforts to reform the national architecture for Identity is a clear violation of principles which are behind the Clinger-Cohen act. It is simply a waste of taxpayer money, and the Federal Architects support the idea of a unified identity layer that allows for connections from multiple systems, in different formats, but fundamentally, and I really mean this, gets systems so they can talk to each other. They don't, and the Exchanges are a way to make this happen, to manage the complexity of the data, and to make the PII part simpler, since there are so many requirements from the certifications for PII, employ a consistent standard. If you don't accept the world documented standard for this approach which has already been in place since 1988, what are you waiting for?
Keep the stuff that works, but realize that duplication of efforts does not scale. The same guidelines for EHR and Personal Health Records need to apply. One is this typically highly regulated and complex backend system, the other is this typical web based system. Meanwhile clerks from CVS have been chucking PII in the dumpsteer.
PHR are held to standards which are typical of web based services. That means some https, and privacy policies, with some encryption thrown in, but very customer facing, and inherently fragmented.
One of the major well known PHR efforts makes absolutely no mention of HIPPA in their privacy policy. PII is currently a very, very, difficult privacy issue, with significant legal costs. They can't be responsible when you leave "their" system. Yet your identity is the same.
CVS just was fined millions of dollars for failing to follow these procedures.
"The FTC opened an investigation into CVS after numerous reports from around the
country said CVS pharmacies were throwing trash into open dumpsters
that contained pill bottles with patient names, addresses, prescribing
physicians' names, medication and dosages; medication instruction
sheets with personal information;
computer order information from the pharmacies, including consumers'
personal information; employment applications, including social
security numbers; payroll information; and credit card and insurance
card information, including, in some cases, account numbers and
driver's license numbers. At the same time, HHS opened its
investigation into the pharmacies' disposal of health information
protected by HIPAA, the FTC said" [Network World]
Some PHR companies that I looked at would transmit your SSN to a healthcare provider, sure it's encrypted, but that's not the point.
This is backwards. I don't know how to deal with the fragmented procurement system, but the Stimulus Bill can fix this, and at a very reasonable cost.
The E-Health Exchanges can have a scalable model if they follow something like NY has outlined, since they understand network protocols and how important they are. They will lower costs and provide better customer oriented service. But they should be consuming identity, and not providing it, each time they replicate the information is an opportunity to do something wrong. It is a massive effort to normalize identity in all the records, but it has to be done.
Continue reading "E-Health Exchanges-Architecture"
Thursday, February 26. 2009
Tholos, A Dialog with Aesclepius
Aesculapius leaned up against the Corinthian column that supported the Tholos. At the supporting point, the capital, the column was decorated with perfectly carved acanthus leaves, more perfect than in nature, giving some insight into his brush with Platonic forms.
"So what do you think?" He began.
"Beautiful, more so than I could have imagined, the pictures on the Web really don't do it justice. It's much better in person."
"Well that's the idea, really, you should spend the night. We can talk about your dreams in the morning, you see your dreams, but then you have to discuss them with other people. it's more about the inner dialog, how is she working out?"
"Working out well, I didn't realize I would get assigned a muse."
"One of the perks of the job, I guess. Kind of like the Cledon, you want to be careful how you use the key."
"Well the time queasiness is an issue, I noticed that they are using that device in Lost now.I started watching it again."
"Lost, I love that show, how do the writers ever keep track? Much less the viewers."
"You get that show in Ancient Greece?"
"Remember, I'm in your subconscious, so of course I get it."
"Oh right, of course, I forgot I was dreaming".
"Precisely, now back to the matter at hand, what have you figured out".
"Well first I want to give some credit to the Muse."
"What is this, the Academy Awards?"
"No really, and Steven Spielberg"
"Spielberg? What, did you fall asleep again watching the Academy Awards?"
"Oops, yes again, It's a theme, like how I met my wife, the memory device, you know, Vannevar Bush, the Memex, memento pattern, wampum belts, and you of course, the Shoah Visual History."
"So that affected you, going out and seeing that on the lot?
"Well being on the lot on the tour is one thing, but going there and watching the tapes was another. I guess everybody breaks down, it's very powerful when you hear the survivor stories...its almost a PTSD, Post Traumatic Stress Disorder. It's hard to remember the Shoah, he deserves credit. He had that dream about the Rabbis at the end of the hall. I love that story.
"I remember. It's all about the healing process. For society, that is."
"So the remembering, that's important?"
"Sure it is, that's why its factored into identity. So I was just reading about the Woz, he remembers it now."
"The accident, you mean?"
"Yea, apparently he wasn't flight rated for that plane"
"Bit like Icarus?", Aesclepius, somewhat tired, decided to sit on the steps going into the Tholos.
"You could say that, but lets forget about the connection to the academy awards right now, that keeps popping up, and let's discuss about healing the economy."
"I thought this was going to be a dream about Medical Records, you know saving 364 Billion dollars by accelerating Health IT".
"We could save more money by getting everyone to lose some weight, and stop smoking, and thats not going to happen overnight. I haven't been to Dunkin for three months since I lost my job, and I quit donuts way before that."
"Didn't you meet Obama at the Dunkin?" Aesclepius said topologically, savoring a metaphysical donut that was about to be a cup of coffee.
"I'm sure I imagined it, the person just looked like him. i ordered a bagel instead of a donut, and he said "A wise choice". I was supporting Hillary at the time, but that's when I switched. It was a Dunkin moment. Anyway, he came to my daughter's high school, and I had to work, so she met him, and of course there was that whole "stand by the river" thing that was produced here in Swarthmore. You know the underground railroad ran right through here. People are always finding hidden rooms in old houses."
"Oh yes do tell, that was Muse stuff".
"Not my muse, but I enjoyed the play. The theme was for me embedded within the economic snafu. The whole AIG mess, it just does not go away. I remember drinking with the AIG project team it was Christmas, Bush had just been elected, they did away with the regulations on derivatives trading, I was there in the bar, talking to them after work, we were going to go out and see the window decorations. I ended up not going and missed my connection in Newark to take the train back to Philly."
"So the naming, you got that? After all, the day AIG was trying to borrow money from everyone, and the credit markets froze, that was an important moment. You got a call. The New York Fed was preparing for the worse."
"Not at first. Exceedingly clever, my grandmother was Leila, you add my last name, and it's like a river, only a brook. Brook man." Lee Brookman., but in German, Lee Bachman, my oldest sister.
So I really did not workout the other clue without the muse. First I had to look at the derivatives financial history, one of the first big bailouts, then the Enron scam where they faked an entire trading floor, then see the timeline. Even in 2005 they were talking financial meltdown from the derivatives.
That led me to the Brook, and Lee combo. It's a unique name. Very synchronistic. And then when I try to explain the financial crisis to my other sister Kay she then is interested in doing a movie about Brooksley Born, and how she tried to stop the crisis. This makes a lot more sense to more people than wampum, with government agencies duking it out, and the beginning of the Bush trillion dollar deficit legacy. It's something you get George Clooney to do, explaining how credit default swaps work."
"Aha".
"So Born's parents liked the names Brook and Lee. And thus you have Brooksley Born. And the story is impressive, she probably knew more about derivatives, and futures, than anyone. Well anyone except the financial wizards that cooked up the current mess, that helped fuel the bubble."
"It nuked her career. Going before congress. That took a lot of courage."
"She tried to stop an 8 year bubble, before it started. Enron writ large, Brave woman. Can't wait to see the movie. Don't know if they have a deal yet. Academy Awards are a long way off."
"It's no Slumdog".
"No it's not, but people want answers, she told the truth, and was told to go home, we could have avoided a major catastrophe. People want to know why."
"Speaking of Slumdog, what about the muse there?"
"Again, brilliant...he opens a window in his office, and puts a computer there hooked up to the Internet, facing out for all the kids to use in the slum and as an experiment sees if they teach themselves to use it. They do, it's total situated learning, they bootstrap themselves. It's pure Engelbart, right down in the Mumbai slums. The writer hears about it, adds the millionaire theme, then they buy the film option to the book, and it goes right down to the kids in the movie on the red carpet."
"I see they got another award, oh that's right, you are asleep listening to Academy Awards, can we get back to the stimulus?
"Yes, but I was ahead of the curve on that one, check my Facebook page, I beat Colbert to that. It was a shoe in, so was Sean Penn."
"So the whole Hopi, gamma ray thing? Where's that heading?"
"Oh the real estate bubble? Securitization of mortgages, Fannie and Freddie? Bad banks and no one knows what anything is worth?"
"Yes"
"I was going to take a job working at Fannie. They knew that they had control problems, and I also interviewed doing middleware at CountryWide, it was clear that they were riding a boom that would not last. I didn't land the job.
I hiked back into the White Tanks and saw some of the petroglyphs. It right around the time of the big lemon war at the beautiful Frank LLoyd Wright hotel in Phoeneix where they leave the lemons outside the rooms, and before my father died. I don't know if our family can ever stay there again as a result.
They were seriously tanked. Still you can get a handle on the symbols, the ones from Chaco Canyon make a lot of sense. EnergyMan is very cool, did you see it earlier in the blog?"
"Dude, absolutely no one reads your blog, it's just a conversation with yourself?, except for a few intelligence analysts, no one follows it. Only one person linked the "Birds" with the NSA beam splitter in S.F., and no one is getting the Fabry-Perot etalon, except for DOD, but then again they get the global IDM going into the SOA bus. Believe me, I know from pissing off Gods, they like their drink. You talk ambrosia shortage at the bar, and Loki just goes berserk, you would think it was Armageddon or something."
"Oh yea, forgot. Dreaming. But we are plugged into the Jungian Archetypes, synchronicity, Wolfgang Pauli breaking the Chinese vase in Switzerland, and the reactor at Princeton, and Dirac space around the Black Hole. Black Holes That's got to count for something. A minor stipend, perhaps?"
"On a quantum level, you might as well be trying to get virtual Internet dollars for Canada like Cartman, and end up with coupons to Bennigans, so maybe, but Tholos never really makes it to your time, as opposed to fake Irish pubs. You are about the only one who comes here now, but theater, and musical theater, is a big hit. Tholos, not so big. Can you get me tickets for Guys and Dolls?"
"Deal, you get me the medical privacy solution without this whole RHIA, CHPS overhead, Obama doesn't have time for this on the project line, we need to deliver to the HIT Coordinator in Bethesda, and they have been studying this since 1993 for electronic health records. They will be studying for another 5 years at this rate. Besides, HL7, XML, that's not such a big deal, they are still using Personal Information, they don't own it."
"Let the cutters cut, that's what I always say"
"Let's show em that SNP 343 still has some innovation left in the genome sequence. Living by the brook, so to speak, let's party like the glacier is receding. Those Irish people might have nothing but their voices, but they like the pubs, and it's so pretty, we R1B1 know how to keep ourselves amused, we won't let something like a tectonic plate shift or the English Channel stand in our way. We reserve the right to party. Why else would the ancient parliament be right there near Law Rock. You know, the Thing."
"The Thing? The one on the North American plate boundary, on the old road through the crevasse?, boy did they get hit by the weapons of financial destruction, Iceland was financially nuked."
Aesclepius, decided to stretch his legs, it was a fine summer night, and no ice around. "You folks are all about dodging icebergs I guess. Don't stand on the bow of the boat I say."
"Well SNP 343 still is planning a party at Law Rock, we don't mind a bit of ice in our Scotch. Or standing by the river. It's going to be a party for everyone that left Eurasia thirty thousand years ago. I'm letting the relatives know. Catered. And free drinks in the Irish pubs, the real ones."
"Good luck with that. Thinking about any publicity? Everything is about Mardi Gras right now?"
"Aesclepius, would you be interested in doing "Le Show", It seems all I do all day is listen to NPR. After all he figured out the Dutch polder house political connection to Katrina, he's on the right track? Maybe he could help FEMA? You know, living by the water, instead of walling it out?"
"Have his people, call my people."
"Dude, you are in my imagination".
"It's radio, you think that ever stopped the Winged Warrior?"
"You mean that Obama is really mild mannered Benton Harbor?"
"He's everywhere isn't he? From Chicago?"
"You got a point, you got a point. Later A., I think I'm waking up"
Continue reading "Tholos, A Dialog with Aesclepius"
Friday, February 20. 2009
If I only had a Brane
A reassessment of what type of black holes might or might not be created in the LHC, harmless ones, or catastrophic black holes. It is a risk that I feel totally stupid in not understanding, but still see some interesting connections, if we are willing to look outside the box where Schrödinger's cat resides. The authors, having revised their model, still do not think it will happen, which is great, because we stand to learn a great deal from the LHC. Or as James Joyce put it, "three quarks for Muster Mark".
The sci-fi version plot line is that the event already occurred (in our future), and all information is now encoded on the edge of the black hole with our world projected as a holographic image.
This time line folding brane is depicted on the Hopi Prophecy rock petroglyph, where there are two distinct time lines, the upper, or left, characterized in Western mythology as the easy or sinister. The two paths are parallel, but with different symbols on each line. Some people have interpreted that certain circles represent world wars. The end of the top line finishes as a triangular wave. Working with the symbolism, one might interpret that wave as very intense radiation, (coming from the MAD 1950's) my first thought would be WWW III as a nuclear conflict, and another thought was that it could be a natural occurrence, like being lined up with gamma radiation from space.
The lower, or right path is initially far more difficult, but ends up ok. The triangular waves are now included in the official U.N symbol for radiation. Again, the sci-fi plot line would be connecting the dots between a black hole and gamma radiation, or a massive extinction event somehow predicted by all these ancient astronomical devices, followed by an evacuation through a worm hole. Somewhere along the line is the discovery, or realization of what it is to exist in multiple dimensions
If gamma rays, such as in a recent event which would be equivalent to 9000 supernovae (if radiated in each direction) were instead lined up, the problem emerges. It turns out that the gas jets in fact are aimed in a specific direction, (even if they are in random directions), we would be looking at a quite a billiard shot. Or thinking in brane terms a probability along the time dimension.
Whether that shot has information, liberated from the edge of the black hole, seems interesting. Also there is the issue of how fast the rays are traveling, (very close to the speed of light), and how far away this recent event took place in light years.
That is 12.2 billion light years. That's a long time (and an enormous expenditure of energy) to get 8 minutes of information of which few people are aware.
And a long time that we could evolve sufficiently to get something in place to see and record it. About the only way we could in fact get that information before now, would be if someone already knew about a specific extreme gamma ray burst before we did.
In turn if that was the same source of a predictable mass extinction event, or sufficient to cause a time warp, or some interesting entanglement, that's a good plot line for a sci-fi movie, because there would be some alignment of the information in different, and persistent locations, triangulating on where the event would occur.
For example, the 3 Mesas near the sipapu, marked in the deed for ownership of the U.S. (which has been to this point ignored or forgotten but presented to the U.N.), until the missing part of the firestones deed is returned, and the pahana to do that will have to be able to decode the symbolism in the stones, and heal that break in the economic system in the U.S. Lucky for us, the various wampum belts have been rediscovered, Penn's in particular, and also kept.
Logically, since the Quipucamayocs at least had a clue to strings signifying ownership, dating back to some of the lost Hopi tribes that were stranded in various places in the Americas, there is a tenuous memory link where the story can be pieced together to remake the wholeness of the nation, at a virtual level, as opposed to a physical level. The fact that this is so far out from typical rational thought, this alignment, is even better, because that's what makes it unattractive as a ladder.
Think of two paths up a cliff face. Both start off as plausible paths, but the one who lives in the cliff knows the path that does not end up as a dead end with the attacker falling down, with no way either up or down. After a point, there are no more handholds, because it was designed that way, as a form of protection. There's a line of cornmeal in the sand, we can't go farther unless we understand, and if not, that's ok, since there are different paths, just not this one.
Obviously the solution is to take the right path, but that implies a form of knowledge, of what that right path might entail, and the KM required, in this case an Athenian OWL, which represents the distillation into schema or requirements management which is a group effort towards development, a merger of citizen ethics and knowledge management.
Wisdom entails some cost, a loss that can be turned into gain. Thus the expression, I would give my right eye to...in the same way that Odin gave up one eye to drink from Mimir's well that nourished the world tree.
The sacrifice, may represent a loss of vision, blinding PII. Odin's crows are the same old (and thus wise), crows of the NSA. They would have to be partially blinded in terms of PII, (as was their charter) and gain the vision to trust each other in a fairly normal and consistent manner that constitute ways in which we typically interact, constitute as in Constitution.
So the objections and requirements go back as far as the pine tree of the Iroquois Confederacy, on which sat an Eagle which would warn the inhabitants of danger.
That eagle, and our current national eagle was not designed to spy on the tribes because the law was sufficient to keep the problems in check. For those that were not constrained by that law, (the folks on the other path), of course you needed warning, and the vision to be able to achieve that. The other idea is that you could see the danger coming, translated into radar, or satellites, or U.N. inspection of WMD, but that long gaze equally required that one establish a dinkum domestically based on extensive collaboration leading to accepted laws.
Forgotten except by the 51st honorary state and former colony, (where Washington was a guest), which links back every May day to Native American customs (in a sort of well intentioned thanksgiving play colonial suburban white guy backyard beer fest kind of fashion of Native American imitation, but also somewhat seriously). Consistently since colonial days constituting a real (if invented) form of national identity, distinct from the English custom mixing myth with reality.
Thus they had embellished the original memory device that linked the two paths that was the foundation of the American economy. Foundation, as in the very first basis for trade with the Dutch. So in terms of the Madness and Popular Delusions of Crowds, in 1627 the seed for the economy was created, and in 1636 was the great mania followed by a crash the following February.
The Egyptian Funerary Texts and thus the monuments, the Quiche, Rudolph Steiner, and the Zen Buddhists, could have some sort of astronomical alignment. Or not, in the new secular order. But on a symbolic level, they do. The rational mind is going to recognize this as garbage, and that's fair.
But the great thing is that it is so mythological that it is not generic, and therefore not something a rational developer would attempt to do, and thus as a big idea, or grand challenge, it is creative (in fact is about creativity) so that it is linked, and makes sense, but perhaps more so in terms of a sci-fi plot line.
Whatever, it works and you want deeds to work in real estate and copyright, even when there are going to be long term disputes. I met Gordon Gould in Ann Arbor when he was prevented by ARPA from profiting from his patent on the Laser since the project had been classified. In his office he has set up some speakers with a mirror surface, and was trying to make some money with "light shows". it would be years later before the patent would be enforced. It is the way the system works when politics can be made to affect the outcome of research, and since the process is classified you get these incredibly silly explanations as to why, because of course the real reason can not be divulged. But breaking those agreements has a social consequence because innovators are not rewarded, as the Founders intended, it either makes sense and is enforced, or is theater. Politics is politics, there's nothing wrong with that, but there are costs with any tradeoffs that we all ultimately pay, and we should not be overly surprised when the value chain of knowledge, or trust, is broken, and the economy falls off the cliff.
The basic idea is that we are out of balance if we exploit resources indiscriminately for short term profits. If we manage resources wisely, perhaps we have a chance, but the sort of rampant consumerism present in the last few years present economic problems in terms of sustainability of growth. Some authors claim this is a form of addiction.
At one point, the myth states that the two paths (or time lines) are connected to allow people to make a final decision and people can travel between them before that gate closes and the decision then becomes permanent.
This is a feature which one does not typically find in most Western European mythology, a sort of cut through gate in which the initial choice can be changed without presumably backtracking to the entrance.
In zero knowledge cryptography one can imagine a tunnel going through solid rock with only two entrances where the observer can see both entrances. In the middle is placed a barrier which is securely locked. If a person goes in one entrance, and is observed coming out the other entrance, the observer can deduce that the person who came out the other way has the key, but without knowing what exactly that key may be, or observing the other person actually going through the door. This is actually a feature in Identity Management.
Pandora's box however is irreversible, the evils are set loose in the world, and the role of hope is let out at last, which is either the most evil of all, because it prolongs the other torments, or in fact is a way to go beyond the evil.
According to the Hopi emergence/creation myth, the U.S. was discovered by the Hopi ancestors while there still was a land bridge, and others used the land bridge to escape a flood while they came via water. They then found the land already occupied by a spirit who eventually gave them permission to settle, but only if they remained in a stewardship role, so they could not own the land.
In speeches to the U.N. the Hopi continue to maintain this role, and apparently never signed a peace treaty that
would have given up this role. Ethically, they feel compelled to warn us of our actions, but have little influence of how the concept of land ownership, titles, and communities have formed since that contract was made. They did record the deed which they have duly presented to governmental authorities and the U.N, and is custom in most cultures, marked boundary stones across the U.S. and South America (and in cyberspace, I might add).
Out of these original migrations there were successes and failures. In one of the oldest recorded texts of creation myths, there are significant battles in the 3rd world, perhaps the same stories that are in the Popul Vuh, which consist of defeating evil gods using various clever tricks, winning at play to the death ball games and so on.
Thus our current world/dimension is considered by the Hopi as the 4th world after they (or coyote) sealed up the entrance to the former 3rd world so that only animal spirits could go down there to re-spawn. They did this also because they did not want humans to return to the 3rd world at will.
One can look at source material and personal visits to the Founding Fathers who decided to base the U.S. Constitution on
significant elements of the Constitution of the Iroquois Confederacy, and land agreements negotiated by William Penn, and see that the description of two distinct time lines is also evident, primarily as a mnemonic device. GoF 283
software design "memento" pattern.
The Native Americans had no great expectations that future generations would remember, or honor the agreements of previous generations so they ceremonialized those agreements with tangible representations of parallel worlds. One could say this was more a cultural statement, but from an organizational standpoint these were promises that were made to kept in terms of environmental stewardship.
The wampum belt was both currency, and a memory device meant to persist in time to future generations to remind them of this specific agreement, and when we forget what values this country has, and go into economic free fall, it is there to remind us of what our Founders intended this country to be and how the nation was created.
As Ben Franklin put it after the close of the Constitutional Convention, when asked by a woman what type of government had been chosen, (bear in mind there was secrecy, the windows were closed against eavesdroppers), was it another monarchy, etc? Franklin replied, "A republic madam, if you choose to keep it."
Franklin and the other Framers looked at why governments failed, and put the burden right back on the public, it was the citizen's duty to maintain what they designed, or lose it, or choose to come up with something different, a pressure which reached the boiling point in the Civil War from issues that the Founders did not resolve, and have been challenged in any state of emergency where rights in the Constitution were under pressure from a War effort.
There were pressures pre-revolutionary war to open more land to the west for exploitation which were fought by the British and the French, and that formed some basis for the revolution, but if you have been following
the popular press lately there is a significant argument that has been formed in the mortgage crisis and what solutions have been offered, specifically mentioning the Boston Tea Party which is not surprising since this is a strong theme.
It was those Sons of Liberty, that helped create a national identity, and took upon themselves that role to cast themselves as Americans, and not British subjects.
Naturally, they respected and emulated Native Americans and took on some of their customs, importing and creating their own mythology. The continued celebration of that took place on the Schuylkill, and later the Delaware rivers, and members of that group constituted a separate but currently unknown Colony, recognized repeatedly over 200 years by Pennsylvania
officials, and later an official honorary State, dedicated to the simple concepts expressed by Izzak Walton of the freedom to live in an environment that was not polluted to the point that one could eat the fish, or hunt game. Or for some colonists to engage in a typical British fox hunt. They were busy building a national identity mythology which was parallel and contained some elements of the Native American mythology.
These were tradeoffs that were recognized as pollution from various industrial processes such as tanneries which entered the rivers in Colonial America, and issues regarding environmental protection are also recognized, but hardly completely solved today, despite valiant efforts. We face some of the same problems of long term storage of waste radioactive materials, and tried to construct a language that will survive thousands of years of dangerous half life. The difference is that some Hopi probably believe that this already happened once already in human pre-history, and there are stories in Hindu pre-history mythology that clearly refer to nuclear type weapons. Even recently a safe containing weapons grade plutonium was uncovered near
the Columbia River at the Hanford Weapons site.
The wampum belt by Penn given to the Lenape for land in the Philadelphia area clearly shows these two time lines, and it is evident in other documents from that era that plainly say that one will be forced to make a choice, since it will be impossible to maintain balance with a foot in two canoes! Wampum was of course considered at one point to be official currency here in the U.S., starting at the Aptuxcet trading post on Cape Cod.
The current economic crisis will end for individual agents in a complex adaptive system when they re-discover the value chain. Of course, they might base it on another scheme, the dot com, the securitization of mortgages, or any scheme. In this case we face another crash, sooner. But if we go back to values, and thus a bedrock of trust, as opposed to complicated whiz kid economics which have led us here, then perhaps we have accomplished something.
The theme of "separate but equal" in U.S. law established in Plessy v. Ferguson was struck down by Brown v.
Board of Education, but from a legal standpoint, Native Americans belong to sovereign nations recognized by the U.S., and the Hopi
consider us to be guests in their world, and as just as they sealed up the portal from the last 3rd world, they pan to do the same during the next migration up the Sipapu, with the idea of leaving the "evil folks"
behind.
There are lot of science fiction, movie plots and web sites of
a "Philadelphia Experiment" gone wrong that center around the theme of a space-time warp disaster that occurs 2010-2012. Enjoy your hot chocolate as Quetzalcoatl leaves the building.
Continue reading "If I only had a Brane"
Thursday, February 19. 2009
Medical Privacy, The Specifics
Concerned that J. Random Hacker or some other unauthorized user is going to be reading your personal health records? You should be, and here is what is going either stop that from happening, or not.
First off, medical privacy is a subset of all security, then specifically information/data/network security and the best practices that go along with that security. We are not talking about security theater, which gives the illusion of security, or security through obscurity where one hopes that either someone does not know a specific trick, or just will not look in a specific place. Instead we are talking about security in depth, that attempts to be comprehensive, and anticipate (itself sort of a knowledge gambit) attacks.
Ultimately there are no guarantees, but unencrypted Personal Health Information data on a consultant's laptop has happened, and then stolen from a car trunk during lunch, or mailing CDs of unencrypted data and having them get lost in the mail. So it is just as important to weed out the really stupid stuff, because your medical records may not be that interesting to someone who wants to buy things with a fake credit card in your name, and as the saying goes, you don't build an armored car to deliver information if the end points are not also secure. Thus most specific requirements actually make sense, and some requirements are in there because someone thought they made sense, which they may have at one time, but due to technological changes, they are now longer valid, say for example a specific type of message hash, or cryptography that has been broken. Frankly we don't want our health care professionals to be concerned about this, it just has to work right.
Since the knowledge base, such as Common Criteria, and threat matrices are fairly well known, and are often reiterated, they form a long term knowledge process which is highly documented, and testable, say from a CISSP certification. They don't address the real social environment to some extent, but then again they do. If you have cancer and lose your hair from chemo, you can wear a wig, and people do, but more than likely you are going to share that information with significant others, and not require them to sign a HIPPA statement. Yet the hospital, or doctor, has to specifically take these relationships into account and adjust the "view" of the data to the roles of the various use case actors, even if the social situation is not really set up that way. So largely we are talking about "official" roles, and who can see your information, and to what use it can be put. This creates "ownership" issues. This is the great thing about Identity, you are the only one who really "owns" it, even though people will have the job of managing the data.
Does this comprehensive security teach one to think outside the box?
Not necessarily, but certainly by using known best practices one will reduce problems from simple mistakes which might turn out to be quite devastating. This makes requirements very important but not necessarily sufficient, because attacks will focus on both well known problems (say a failure to apply a specific security patch) but also unique zero day vulnerabilities known only to the attacker, or a small group. This infers that security is, (as often stated), a process and not a product.
I remember a conference of Federal Architects where they presented a paper on security that I had helped work on. Two comments by experts in the field struck home. The first was from a very well known person in the security community, a person you usually find associated with documents on practice, the other a head of IT security for one of the three letter organizations.
The well known security expert remarked that we were repeating the same thing, and it was remarkable to be paid for it. I had to agree, most of the conference was nothing new, but everything was spot on, it really was a question actually applying that knowledge. Also the OMB, who was one the key agencies involved in the process was responsible for grading the efforts of various agencies. There were few Federal agencies that got a decent grade. It is very difficult to effect change on a comprehensive government wide level. With this funding cycle, this has a chance because it is not just about staying within a specific domain.
The same conversation just in a slightly different format. Essentially from a Scrum or Agile development process the stories, and defects fell into a predictable set of vulnerabilities, the ever present buffer overload, unexpected injection of strings that could be interpreted as commnds, in short the usual suspects of poorly written software that was not adequately tested, or just written without a knowledge of vulnerabilities.
This implies that information security is largely a solved problem, in theory, but not in practice, and therefore it is a matter of fundamentally of communication of these best practices, and then the implementation of the same.
But also that people want to get things done and not be concerned with the security under the hood, (for example does the remote for your car have frequency code hopping), there are expectations of the larger issues, does the remote work? [Availability]
Can someone clone my remote? Can someone lock me out my car? But first you have to know that cloning is possible, then you want the feature of frequency code hopping. To me that means that security should be "baked in", but not always exposed to the end user. For example, for an authentication decision one could use a number of different factors, some of which might have a higher degree of validity.
The director of security for the three letter agency had a much more troubling comment, because he was discussing information assurance, in the general sense, of whether it was possible to trust the output from any computer, period. This hearkens back to Ken Thompson, and "Reflections on Trusting Trust", sort of the original paper on self replicating code, in which he hid something on a computer that no one would be able to find. Even more so it went back to the basis of symbolic logic and Turing's examination of things that are computable, and things that are not. So it is fair for any user to question whether what they are seeing is really what should be there, and the question is how does one know? How can inaccurate information gather momentum and be transformed into supposed fact?
So I mentioned that to be effective, identity information had to be transmissible across domains. This is now a specific draft criterion of the Personal Health Record, 4.02 by the Certification Commission for Health Information Technology. To translate into business process speak that we use in the Architecture, it has to be crosscutting. Why? Because vendor systems often are proprietary, and the ER system does not talk to another system in another department, thus requiring a great deal of integration. This is normal, but has to change, thus the requirement of interoperability, is introduced. In order to get interoperability you need at least two things, "open systems", and "standards". Then the software implementations of those two things have to demonstrate interoperability.
One has to have a fairly good tolerance for abstraction to make this work, because one has to take an object, and reuse that object in a number of different instances and use cases. And that is how you know that you modeled that object correctly, because it represents not an arbitrary way of doing something, or the way "It always has been done here at XYZ Hospital" perhaps with a very good reason based on how the systems have to talk with each other, but really because it has some intrinsic value as an object.
So the doctor will look upon certain people as his or her patient, but in the general context that person can be defined in more general terms that the health care professional can further define as a patient, but already exists in a way that is crosscutting across domains, and thus the identity data is interoperable.
Looking at PHR 05.01 we have Security identity Proofing, which provides the answer to the question is this person whom they claim to be? The level of Proofing can range from very simple, to very complex, and this is not really the role of the Directory, which can provide that answer that the information is consistent with the claim, and that the method of authentication is dependent of the needed level of assurance. X.509v3 certificates are backed by a CPS, or certificate policy statement, that will attest to something simple, like the domain name of the site you are visiting, or someone's personal credentials. The more elaborate checking that needs to be done is a policy issue, because the certificate issuer has to back the CPS with insurance in the case that the information is not correct.
If there a question regarding authenticity of data, one asks more questions, perhaps from multiple sources, perhaps drilling down, perhaps using a notary approach such as how Perspectives from CMU polls on how long a digital certificate has been visible on the net.
Moving on in the requirements (which leans heavily on material from the Markle Foundation, when in turn refers to the government E-Authentication initiative we have a series of classification of security tokens based on information from NIST).These are collectively referred to as E-Authentication Partnership (EAP) and E-Authentication Framework. As a root server operator, Cequs would be interested in the more stringent level 4 form of token, especially given the recent problems that have required DNSSEC in the DNS to meet the requirements of passing along information from Identity Proofers. This gives protection against
1. Online Guessing
2. Replay Attacks
3. Eavesdropper
4. Verifier Impersonation
5. Man in the Middle (MITM)
6. Session Hijacking
This is largely handled by the Directory software itself, and X.509v3, but an out of band hardware token may also be necessary to achieve the highest levels of assurance. Anything beyond a level 2 assurance for end users would probably be fairly expensive, so PHR requires a minimum level 2 assurance, or better.
It's not mentioned in the requirements, but something that I have researched indpendently is that there is a long term concern of medicine and pharmaceutical companies that feel that they have a limited supply of "blockbuster" drug general purpose compounds in the pipeline that tend to affect people roughly the same in clinical trials. As research begins to understand more about proteins and SNPs, based on massive sequencing efforts in bioinformatics, some very specific information is now available about potential problems that may occur to genetic defects that are specific an individual. While this information can not be legally shared with Insurance companies, to the best of my knowledge, it is not something that most people want to be made public. Of course there are exceptions, such as the brave volunteers of the Personal Genome Project.
Scientific advancements will lead to more targeted and personalized drugs (with the advantage of higher efficacy and fewer side effects) in the next 5-20 years. This also means that people may be at higher risk also, thus requiring higher security for participants in clinical trials, and from drugs which might aggravate a specific condition. People may be taking multiple forms of medication, and thus need to partner with their pharmacists and doctors to avoid problems.
Continue reading "Medical Privacy, The Specifics"
Calendar
|
|
|||||
| Mo | Tu | We | Th | Fr | Sa | Su |
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 | ||
