Click here to close now.


@CloudExpo Authors: Carmen Gonzalez, Cloud Best Practices Network, Liz McMillan, Pat Romanski, Kevin Jackson

Related Topics: @CloudExpo, Agile Computing, Government Cloud

@CloudExpo: Blog Feed Post

Building Canada’s Cloud Identity Ecosystem

These various developments will enable all kinds of opportunities for service providers

With the government promising delivery of the long-awaited Digital Economy strategy by the year end, this prompts a review of what role the Cloud industry can play in this strategy.

This then further encourages us to identify what particular segments of the Cloud Computing industry we might specialize in, with a view to concentrating in areas where Canada has strength so that start-up ventures can be better focused towards niche opportunities.

Best practices – Cloud Privacy By Design

At the top of my list is the best practice known as ‘Cloud Privacy-By-Design‘, developed by the Privacy Commissioner of Ontario.

This is such a hot topic. As Andrea talks about in this earlier blog the mention of Cloud Computing is usually quickly followed by concerns about the USA`s Patriot Act. Fears are that as soon as you upload your data to the Cloud the American Government will be free to access and spy on it.

Therefore as the name suggests Cloud Privacy-By-Design offers a best practice framework to enable private as well as public sector organizations to safely use Cloud services with these concerns in mind.

Given how few have yet to actually make this move it`s therefore going to be a huge global growth area for new consulting skills, and it demonstrates how the Government can play a role in creating these best practice assets as a means of stimulating and supporting economic growth this way.

The team at the OPC office kindly sent me a number of new updates to these best practice materials:

  • International Working Group on Data Protection in Telecommunications (IWGDPT) April 2012: Working Paper on Cloud Computing – PDF file
  • EC Article 29 Working Party July 2012: Opinion of the European Commission Article 29 WP on cloud computing – attached – PDF file
  • Office of the Information and Privacy Commissioner of British Columbia: Cloud Computing Guidelines for Public Bodies – PDF file

The Cloud Identity Ecosystem – Framework for ‘Personal Clouds’

The sheer mammoth scale of this market opportunity is expanded even further when we consider the broader development of what the USA Government has defined as the ‘Identity Ecosystem‘.

This could also be thought of as the ‘Privacy Web’, as this ecosystem is fundamentally a set of controls to be distributed throughout the many different systems where Identity related data about you is stored.

So far we have mainly approached the Cloud in terms of it being an environment to host and run virtualized applications, but as the above concerns highlight we also think of it as a universal data network too.

This ecosystem is explained in this report from the World Economic Forum – Personal Data : The Emergence of a New Asset Class (40-page PDF), and where this overlaps with Cloud Computing it’s called ‘Personal Clouds’.

This refers to the ‘Personal Data Stores’ of information we store about ourselves with different online providers, from email through to social networks and photo stores. As well as the Cloud storing the files and data, there will also be protocols and standards for linking these ‘fragments’ together into one holistic digital persona.

Venture Acceleration

This expertise and focus helps us to more effectively fast-track new start-ups. These requirements and best practices set the context for the new technology that is needed.

For example vendors like Perspecsys provide on-premise devices that encrypts information before uploading it to Cloud services like The Ontario Privacy Commissioner describes:

PerspecSys’ cloud solution advances the essential principles of Privacy by Design -privacy by default, end-to-end security, and strong accountability- by enabling enterprises to automatically encrypt (decrypt) data locally and on-the-fly when using third-party cloud service applications, with no loss of functionality. Maintaining control over encryption and decryption processes is an excellent approach to safeguarding personal data, regardless of where the data resides. – Ann Cavoukian, Ph.D. Information and Privacy Commissioner of Ontario, Canada

The value of this technology is immediately apparent to the industry giants like, who have already bought up a similar vendor to enable their Data Residency Option service.

Open standards are also key to this acceleration. This ecosystem will take many years to fully evolve and includes core building blocks such as OAuth which enables “Social Sign-on”, a means of joining up web sites via usernames and passwords, that vendors like Janrain cater for.

It then extends from here right through to a sophisticated ‘dataweb’ where these foundations facilitiate sharing of all kinds of personal data. Frameworks for enabling and managing this data flow include the Kantara Initiative UMA program, and the OASIS XDI protocol, which provide the mechanisms for sharing the Privacy controls.

As explained in this research, and this Open Identity Exchange presentation, Kantara and UMA builds on core Identity building blocks like OpenID Connect to facilitate Identity-enabled secure data sharing between remote systems, facilitating the Personal Identity Ecosystem.

This presentation explains these core mechanics, and this one maps it to Government Privacy policies.

We’re continuing the process of developing a new Kantara Initiative working group, which will build a program called ‘Kantara Cloud Identity and Security best practices’.


These various developments will enable all kinds of opportunities for service providers, ranging from simply managing the authentication process as a service, like Verizon, through to “data as a service”, where banks, utilities and other key organizations provide data for online real-time web services.

As well as general purpose file sharing this Personal Cloud ecosystem will evolve to cater for various industry-specific functions, like a ‘Personal Cloud EMR’ – Electronic Medical Record.

This is what players like ZenVault can offer. ZenVault is a downloadable app that allows you to personally hold and control your own EMR, and provide it to doctors as and when needed. Personal Cloud services, in combination with dataweb control mechanisms, will make the ideal combination possible – Very easy sharing of information between patients, GPs and other key process stakeholders, but in an entirely secure and controlled manner.

In combination these provide the foundations for a plethora of new ventures, and we will help entrepreneurs launch and fast-track these businesses.

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@CloudExpo Stories
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi's VP Business Development and Engineering, will explore the IoT cloud-based platform technologies driv...
SYS-CON Events announced today that Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, will keynote at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. Migration to cloud shifts computing resources from your data center, which can yield significant advantages provided that the cloud vendor an offer enterprise-grade quality for your application.
Developing software for the Internet of Things (IoT) comes with its own set of challenges. Security, privacy, and unified standards are a few key issues. In addition, each IoT product is comprised of at least three separate application components: the software embedded in the device, the backend big-data service, and the mobile application for the end user's controls. Each component is developed by a different team, using different technologies and practices, and deployed to a different stack/...
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
SYS-CON Events announced today that Machkey International Company will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Machkey provides advanced connectivity solutions for just about everyone. Businesses or individuals, Machkey is dedicated to provide high-quality and cost-effective products to meet all your needs.
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively.
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and li...
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Achim Weiss is Chief Executive Officer and co-founder of ProfitBricks. In 1995, he broke off his studies to co-found the web hosting company "Schlund+Partner." The company "Schlund+Partner" later became the 1&1 web hosting product line. From 1995 to 2008, he was the technical director for several important projects: the largest web hosting platform in the world, the second largest DSL platform, a video on-demand delivery network, the largest eMail backend in Europe, and a universal billing syste...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC converts the entire network into a ubiquitous communications cloud thereby connecting anytime, anywhere through any point. In his session at WebRTC Summit,, Mark Castleman, EIR at Bell Labs and Head of Future X Labs, will discuss how the transformational nature of communications is achieved through the democratizing force of WebRTC. WebRTC is doing for voice what HTML did for web content.
The IoT is upon us, but today’s databases, built on 30-year-old math, require multiple platforms to create a single solution. Data demands of the IoT require Big Data systems that can handle ingest, transactions and analytics concurrently adapting to varied situations as they occur, with speed at scale. In his session at @ThingsExpo, Chad Jones, chief strategy officer at Deep Information Sciences, will look differently at IoT data so enterprises can fully leverage their IoT potential. He’ll sha...
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
The modern software development landscape consists of best practices and tools that allow teams to deliver software in a near-continuous manner. By adopting a culture of automation, measurement and sharing, the time to ship code has been greatly reduced, allowing for shorter release cycles and quicker feedback from customers and users. Still, with all of these tools and methods, how can teams stay on top of what is taking place across their infrastructure and codebase? Hopping between services a...
As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ability. Many are unable to effectively engage and inspire, creating forward momentum in the direction of desired change. Renowned for its approach to leadership and emphasis on their people, organizations increasingly look to our military for insight into these challenges.
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
DevOps and Continuous Delivery software provider XebiaLabs has announced it has been selected to join the Amazon Web Services (AWS) DevOps Competency partner program. The program is designed to highlight software vendors like XebiaLabs who have demonstrated technical expertise and proven customer success in DevOps and specialized solution areas like Continuous Delivery. DevOps Competency Partners provide solutions to, or have deep experience working with AWS users and other businesses to help t...
Nowadays, a large number of sensors and devices are connected to the network. Leading-edge IoT technologies integrate various types of sensor data to create a new value for several business decision scenarios. The transparent cloud is a model of a new IoT emergence service platform. Many service providers store and access various types of sensor data in order to create and find out new business values by integrating such data.