Wednesday, July 29, 2009



My Son Eric received his very first plaque for his outstanding work at Time Warner.

I am very proud of him.

Thursday, July 23, 2009



Designed this for GHN - Good Health Network, Inc.

Good Health Network (GHN) and the GHN Security Service is a socially responsible healthcare technology company focusing on patient/consumer privacy and confidentially by protecting their electronic personal health data. GHN provides both an identity management service and a Personal Health Record (PHR) program.

GHN is a Credentials Service Provider (CSP) that empowers individuals with their digital identity by allowing one to electronically document their confidential information and to securely share data such as protected health information or financial records with others via the Internet.

GHN is a CA or Certification Authority with a specific focus on healthcare. A CA is defined as a trusted entity that issues and/or revokes any public key certificate which is a digital file issued and digitally signed by the private key of a certification authority that binds the user name to a public key. The user is identified in the certificate as the one who has sole control and access to the private key.

As noted above GHN verifies an individual’s identity through an electronic authentication process known as e-Authentication. This process establishes a confidence level in a user’s identity when used over the internet. The e-Authentication process presents a variety of technical challenges in verifying one’s identity over a network. In order to establish a strong ID management process GHN embraces and follows the Electronic Authentication Guideline for federal agencies, NIST Special Publication 800-63 Version 1.0.2 . This guideline, published by NIST, establishes four assurance levels with Level 1 being the lowest and Level 4 being the highest

GHN functions as a CSP and is considered a trusted entity that issues electronic credentials and/or tokens to subscribers. Individuals who elect to enroll in the service undergo an identity proofing process in which their identity is first validated and then bound to an authentication certificate. The certificate is embodied into a token that the user either has (token) or controls with secret information such as a password which when used authenticates their identity.

Privacy - protecting the personal information from unauthorized use or intrusion.

Security - specifically addresses procedures and functions of how PHI is managed, shared, protected and stored in an electronic environment.

Confidentiality - a process by which personal information is kept private. In doing so, controlled access to protected health information is not available or disclosed to unauthorized persons. The information stored on a system is protected against unintended or unauthorized access.

Authentication - the process of determining whether someone or something is, in fact, who or what it is declared to be. Most systems have a unique verification process using biometrics and multi-factor credentials for validating an individual’s digital identity. e-Authentication is the same process over the Internet.

Identity proofing - a process used by a registration authority to validate sufficient information to uniquely identify a person ((FIPS 201and Real ID).

Tuesday, July 21, 2009

In case you have not heard, Amazon was forced to recall two eBooks that it had sold via its web site for use on the Kindle eBook Reader that Amazon developed, markets and supports. Amazon WhisperNet is the wirelss distibution method they use to send and authorize eBooks, so when people logged into Amazon, these two books were simply removed (deleted at the Amazon server) - which meant they were then removed and deleted from the users Kindle account.

This has cause a HUGE uproar with Knidle users, many of them very very upset.

I personally believe that Amazon would have done this without being forced to. I still can't understand the vile and hatred. The two books that this effected were by George Orwell - Animal Farm (published in 1945) and 1984 (published in 1949) are a hardly new books, but very popular and not yet in the public domain, so the publisher still retains copyright in the USA where Amazon/Kindle does business.

One can purchase either of these books almost anywhere used for 10 cents. This recall was not about money, as they were sold for .99 cents - it was not about control, as they are a distributor - it was about their publishing partner Penguin telling them that Penguin own the rights, and that Penguin did not provide the rights to Amazon to distribute these as an eBook, and asked their distribution partner Amazon to please fix this mistake.

Think of this from another perspective - J K Rowling would never ever ever release a Harry Potter book in eBook format if Amazon had no method to recall an unauthorized copy.

Amazon made a mistake, but had a system clever enough to fix it. Authors, artists, musicians, Electronic Game designers, movie makes and any digital publisher are protected using this approach. The same is NOT true with Apple iTunes, BTW.

This was an very interesting a public demonstration of a superior technology. And you probably hated it. And yes, people whom have created things that are digital and have had them pirated and in awe going "wow, that was ugly, but it WORKED!"

People are thieves. Personally - I have no problem with these sort of hiccups. No one lost an eye or a limb. If you really really need an eBook from Orwell, it can be had unfortunately or fortunately, and that attitude would vary largely on if you are on the copyright protection team at Penguin Publishing or not.

But TRUST me on this one, Amazon made no money and had NOTHING to gain by doing this except prove it was a reliable partner for eBook distribution.

That's all I have to say about that.

I will update this blog post if it turns out that my take on this is incorrect.