September 2013

The US Department of Commerce's National Institute of Standards and Technology (NIST) announced more than $7 million in grants to support the National Strategy for Trusted Identities in Cyberspace (NSTIC). The funding will enable five US organizations to develop pilot identity protection and verification systems that offer consumers more privacy, security and convenience online. These new pilots build on the successful launch of five NSTIC pilots awarded in 2012.

The grantees include the following:

• Exponent (CA): $1,589,400 -- The Exponent pilot will issue secure, easy-to-use and privacy-enhancing credentials to users to help secure applications and networks at a leading social media company, a health care organization and the U.S. Department of Defense. Exponent and partners Gemalto and HID Global will deploy two types of identity verification: the use of mobile devices that leverage so-called "derived credentials" stored in the device's SIM card and secure wearable devices, such as rings and bracelets. Solutions will be built upon standards, ensuring an interoperable system that can be easily adopted by a wide variety of organizations and companies.
• Georgia Tech Research Corporation (GTRC) (GA): $1,720,723 -- The GTRC pilot will develop and demonstrate a "Trustmark Framework" that seeks to improve trust, interoperability and privacy within the Identity Ecosystem. Trustmarks are a badge, image or logo displayed on a website to indicate that the website business has been shown to be trustworthy by the issuing organization. Defining trustmarks for specific sets of policies will allow website owners, trust framework providers and individual Internet users to more easily understand the technical, business, security and privacy requirements and policies of the websites with which they interact or do business.
• Privacy Vaults Online, Inc. (PRIVO) (VA): $1,611,349 -- Children represent a unique challenge when it comes to online identity. Parents need better tools to ensure safe family use of the Internet, while online service providers need to comply with the requirements of the Children's Online Privacy Protection Act (COPPA) when they deal with minors under the age of 13. PRIVO will pilot a solution that provides families with COPPA-compliant, secure, privacy-enhancing credentials that will enable parents and guardians to authorize their children to interact with online services in a more privacy-enhancing and usable way. Project partners, including one of the country's largest online content providers and one of the world's largest toy companies, will benefit from a streamlined consent process while simplifying their legal obligations regarding the collection and storage of children's data.
• ID.me, Inc. (VA): $1,204,957 -- ID.me, Inc.'s Troop ID will develop and pilot trusted identity solutions that will allow military families to access sensitive information online from government agencies, financial institutions and health care organizations in a more privacy-enhancing, secure and efficient manner. Troop ID lets America's service members, veterans, and their families verify their military affiliation online across a network of organizations that provides discounts and benefits in recognition of their service. Today, more than 200,000 veterans and service members use Troop ID to access benefits online. As part of its pilot, Troop ID will enhance its current identity solution to obtain certification at Level of Assurance 3 from the U.S. General Services Administration's Trust Framework Providers program, enabling Troop ID credential holders to use their solution not only at private-sector sites, but also when interacting online with U.S. government agencies through the recently announced Federal Cloud Credential Exchange (FCCX). Key project partners include federal government agencies and a leading financial institution serving the nation's military community and its families.
• Transglobal Secure Collaboration Participation, Inc. (TSCP) (VA): $1,264,074 -- The TSCP pilot will deploy trusted credentials to conduct secure business-to-business, government-to-business and retail transactions for small and medium-sized businesses and financial services companies, including Fidelity Investments and Chicago Mercantile Exchange. As part of this pilot, employees of participating businesses will be able to use their existing credentials to securely log into retirement accounts at brokerages, rather than having to obtain a new credential. Key to enabling these cross-sector transactions will be TSCP's development of an open source, technology-neutral Trust Framework Development Guidance document that can provide a foundation for future cross-sector interoperability of online credentials.

Miranda Henely spends four hours in front of the television every day -- yet she doesn’t spend a dime on cable or satellite programming. Henely, 23, instead watches shows and movies streamed from Netflix, Amazon or directly from broadcasters’ websites, using a computer hooked up to the TV in her home. She’s known in industry parlance as a cord never, meaning she hasn’t ever subscribed to pay TV: channels from a cable company, such as Comcast, or a satellite provider like DirecTV, or phone companies -- and she doesn’t ever intend to. Henely is part of a generation of technology-savvy, budget-conscious consumers who are taking advantage of the availability of high-speed Internet connections and the proliferation of smartphones, tablets, lower-cost TVs and other gadgets that make it easy to consume downloadable shows in a snap. T

he shift in viewing habits is putting pressure on cable, satellite and phone companies by pinching subscriber numbers, which may have a knock-on effect on revenue growth. The impact on the $80 billion pay-TV industry is already being felt, with 2013 on pace to be the first year ever that total U.S. Pay-TV subscriptions will decline, falling to 100.8 million from 100.9 million last year, according to researcher IHS.

A fundamental shift from data to content has actually changed the infrastructure of the Internet -- and the change isn’t over yet.

That’s the view of Craig Labovitz, cofounder of DeepField. And if anyone should know about the “plumbing” of the Internet’s core, it’s Labovitz; he’s studied it for more than 15 years. Through 2008, Labovitz says, the “core” of the Internet meant 10 to 15 companies handling the long haul backbones. They incurred most of the cost for the core at that time, but provided most of the value and delivered the majority of Internet data. That started to change in 2006, however, thanks to an explosion of content. “By 2010 Google went from 1 percent of traffic to 6 percent due to the YouTube purchase,” he noted, requiring changes to the core: Content shifted to data centers, which required massive investments. In 2009, about 150 companies accounted for 50 percent or more of Internet traffic. By 2013, just 50 companies deliver more than half of all Internet traffic, and they do so using a smaller number of data centers and Content Delivery Networks.

As users have become both more aware and wary of cookies — the technology that tracks browsing activity for advertising purposes — Google has started experimenting with new tracking methods that don't use cookies. But how might that work?

Google did not clarify the exact technology it was working on. "We and others have a number of concepts in this area, but they're all at very early stages," a spokesperson said. One of those "concepts" includes fingerprinting, a technique that "allows a web site to look at the characteristics of a computer such as what plugins and software you have installed, the size of the screen, the time zone, fonts and other features of any particular machine.”