About the Standards Blog
NISO Publishes Standards Tag Suite (NISO STS) StandardPress Release
NISO.org –October 10, 2017 - The National Information Standards Organization (NISO) announces the publication of a new American National Standard, STS: Standards Tag Suite, ANSI/NISO Z39.102-2017. The purpose of this "standard for standards," which will be known as NISO STS, is to define a suite of XML elements and attributes that describes the full-text content and metadata of standards. NISO STS provides a common format that preserves intellectual content of standards independent of the form in which that content was originally delivered.
This standard includes two implementations: the Interchange Tag Set and the Extended Tag Set. These tag sets, built from the elements and attributes defined in the Suite, provide models for standards publishing and interoperability. NISO STS builds upon the existing, widely used standard for journal publishers, ANSI/NISO Z39.96-2015, JATS: Journal Article Tag Suite, and a variant of JATS, ISOSTS, the International Organization for Standardization's (ISO) version of STS created in 2011. NISO STS has benefited from this robust foundation and broad industry expertise... Full StoryBrowsers Will Store Credit Card Details Similar to How They Save PasswordsCatalin Cimpanu
Bleeping Computer –October 9, 2017 - A new W3C standard is slowly creeping into current browser implementations, a standard that will simplify the way people make payments online.
Called the Payment Request API, this new standard relies on users entering and storing payment card details inside browsers, just like they currently do with passwords.
Websites will be able to use the standard to create one-click buttons that allow the user to buy a product without entering his payment details on each and every site on the Internet...
Under the hood, the Payment Request API works by providing a vendor-agnostic system for handling financial transactions.
When a user places an order, the website makes an API call to the user's browser, forwarding details about the order. The browser then takes over, prompting the user with a popup, asking for card details (if none exist) and a delivery/shipping address that is also stored in the browser's autofill section.
With these details selected, the browser â€” and not the website â€” contacts the user's payment handler, which can be Visa, Mastercard, or any of the other major credit card providers.
Once the payment has gone through, the browser sends back a response to the website, which records the transaction and moves forward with shipping the product, knowing that money is already in its bank account... Full StoryThe U.S. Senate just took the next step to creating a national standard for testing and deploying self-driving carsJohana Bhuiyan
ReCode –October 5, 2017 - The Senate Commerce Committee just took the next step in creating what could be the new national standard for the testing and deployment of self-driving cars...The bipartisan bill would establish nation-wide regulations for how companies like Uber, Tesla, Lyft, GM and others safely and legally test and then roll out their self-driving cars on public roads...Both bills would preclude states from passing any laws that would or would attempt to regulate how self-driving cars perform. State lawmakers would instead continue in their role of licensing drivers, law enforcement, crash investigations and more... Full StorySenator calls on voting machine makers to detail how theyâ€™ll prevent hacksTaylor Hatmaker
Tech Crunch –October 4, 2017 - One of the Senateâ€™s main cybersecurity proponents wants assurances that voting systems in the U.S. are ready for their next major threat and heâ€™s going straight to the hardware makers to get it. In a letter, Oregon Senator Ron Wyden â€” an outspoken member of the Senate Intelligence Committee â€” called on six of the main voting machine manufacturers in the U.S. to provide details about their cybersecurity efforts to date. The request comes on the heels of emerging details around Russiaâ€™s successful attempts to hack election systems in many states...last month the state of Virginia decertified some of its machines, moving its statewide standard to more secure voting machines that keep a paper tally of votes â€” a step the stateâ€™s board of elections undertook on its own. In January, the Department of Homeland Security added â€œstorage facilities, polling places, and centralized vote tabulations locationsâ€ in addition to voter databases and voting machines to a national list of critical infrastructure, making it easier for states to expedite requests for federal cybersecurity aid for their election systems... Full StoryIoT Cybersecurity Improvement Act of 2017: The pros and cons from a hacker
IoT Agenda –October 1, 2017 - ...The sponsors of the bill should be applauded for trying to tackle the security problems that the internet faces due to many of our internet-connected devices. They recognize that a problem exists and seek to rectify the problem with laws that address this situation.
There are obvious limitations and exceptions, but no other legislation comes close to trying to increase the security posture of such devices that we are aware of....While there are shortcomings to the bill, we feel that it is a step in the right direction. It is the first bill that we know of to address internet-facing devices specifically. It also addresses some shortcomings of the CFAA and DMCA in terms of bona fide research... Full StoryIAB Tech Lab investigates blockchain's potential with new working groupPeter Adams
Marketing Drive –September 28, 2017 - IAB Tech Lab has launched a Blockchain Working Group to investigate different applications of blockchain technology and establish standards and best practices for the digital advertising industry, according to a company blog post. As part of the project, IAB Tech Lab will solicit feedback from different industry players as it does for other successful initiatives like its Content Taxonomy Standards... Full StoryThe architecture for sharing tokens across blockchains promises tractionAndrew Silver
The Register –September 27, 2017 - In April, the Cosmos project raised about $17m in half an hour on the promise to someday let users freely share tokens among Bitcoin, Ethereum and other popular blockchain protocols...One of the problems with blockchain platforms is that there are so many â€“ from JP Morgan's finance-focused Quorum to The Linux Foundation's Hyperledger Fabric. As the wars for dominance are still young, it's not clear yet how many players will stick around, Jacob Eberhardt, a computer science PhD student at Technical University of Berlin in Germany studying Blockchain, told The Register.
Some developers are trying to find ways to join separate blockchain pieces so you'd be able to flow relatively freely from one to the other...The idea is that there would be a central hub that manages the transfer of tokens between two different protocols, such as Bitcoin and Ethereum... Full StoryDeveloping standards key to success of blockchainBrian Straight
Freight Waves –September 26, 2017 - ...Blockchain has taken center stage in 2017...[but] the extent to which this new technology realizes its potential will depend in substantial part upon how well stakeholders steward its development...there remain important open governance questions regarding both the functioning of the technology and its current and potential applications...While the blockchain itself operates as a peer-to-peer decentralized database with no single owner of any chain, standards need to be created... Full StoryNewly Launched 'Trusted IoT Alliance' Unites the Industry to Further a Blockchain-based InternetPress Release
Trusted IoT Alliance –September 26, 2017 - Bosch, BNY Mellon, Cisco, Gemalto, U.S. Bank along with Bitse, Chronicled, ConsenSys, Ledger, Skuchain, Slock.it, HCM International of Foxconn Group, IOTA, Oaken Innovations, Qtum, Chain of Things, Big Chain DB announced the official launch of the Trusted IoT Alliance, a group of companies united to catalyze the development of a blockchain-enabled, trusted Internet of Things (IoT). The mission of the Trusted IoT Alliance is to bring companies together to develop and set the standard for an open source blockchain protocol to support IoT technology in major industries worldwide.
The Alliance offers an inclusive membership model and annual events to connect Fortune 5000 enterprises, software developers, and blockchain technology companies. Its membership is focused on 'working together to advance IoT and blockchain' by leading pilots, publishing open source code, and coordinating standards and reference architecture. Members of the group have already published a common API to register 'things' to both Hyperledger and Enterprise Ethereum blockchain networks. The Alliance plans to fund small grants to support open source development and is reviewing proposals from IoT and blockchain technologists...
Secure Standardization Efforts Slowly Emerging for Fragmented IoT EcosystemPress Release
...For more than a decade, enterprise technology companies have worked to develop standards for IoT security, interoperability, scalability, and identity. Proprietary technology and competing interests made a truly open network difficult to develop. Open source is widely recognized as the solution to the development of robust IoT standards. However, organizing consortia between major industry players is complex. The Trusted IoT Alliance is a solution to both technological standards and the problem of collaboration between Fortune 5000 and startup companies.
The Alliance will house intellectual property and open-source tools and standards that support trusted digital identities for IoT-connected products. These tools and standards will allow enterprises to represent physical world "things" and "event logs" on a decentralized blockchain system.
The goal of the Alliance is the creation of a trusted IoT ecosystem that links cryptographic and registrant identities, along with metadata, to give objects the equivalent of digital, transferable "birth certificates," that can be inventoried and managed across blockchain networks.
An object or "thing" could be an internet-connected machine or product, ranging from a car to a drone, package, sneaker, lithium-ion battery, or energy meter. On top of this trusted IoT platform, the group sees potential to automate business logic through smart contracts and building a thriving Machine-2-Machine economy.
The Alliance is blockchain agnostic and will support integration across any open source enterprise blockchain or distributed ledger technology platform that has potential to become a backend for widespread commercial and industrial adoption. The Alliance aims to foster interoperability and interworking across blockchain platforms, applications, and in doing so remove barriers to broad scale adoption of blockchain technology... Full Story
ABI Research –September 25, 2017 - The IoT represents a game-changing technological breakthrough. ABI Research forecasts 48.8 billion connected devices globally by 2021. But the ecosystem is volatile, fractured, and experimental. As such, it is highly vulnerable to cyberthreats..."Standards can and will play a significant role in enabling this trust. Security standards specifically can provide a foundation for building robust and trusted IoT devices, both from a digital and a physical security perspective."...[S]ecurity standardization will take some time, but these efforts are being underpinned by a dynamic drive to develop specifications, reference architectures and other technical frameworks to address compatibility and interoperability...These efforts are advanced by a host of public and private sector players, industry coalitions and alliances, and international organizations and standardization bodies, under the auspices of working groups, technical committees, and task forces, including (but not limited to) Global Platform, ISA, IETF, OCF, OMG, oneM2M, OMA, TCG, NIST, ETSI, AIOTI, CSA, CSCC, Eclipse Foundation, GSMA, IIC, IoTSF, Linux Foundation, OTA, and the prpl Foundation, among many others...
Guidelines and standards development in the IoT security space are critical to supporting trust in the IoT, and stakeholders will benefit significantly from engaging in such efforts as they may profoundly shape the IoT ecosystem for years to come. Full Story