[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pmrm] Publically-Accessible Smart Grid Use Cases
Michael and all,The landlord/tenant use case is described in the Privacy Chapter of the NISTR document published last year. The NISTR privacy team focused on one/two use cases that had definite privacy issues associated with them so that the group might focus on highlighting the key issues. There was no actual formal use case from which we did our analysis, rather a description of the situation and an application of the FIPPs to the situation.I do agree that with this material, we have some solid starting points.Also, I have been reflecting on our call yesterday while making edits to the Methodology Template and have the following thoughts to offer up:1. First, Privacy by Design (PbD) has changed the name of the game, especially with it's principle #2: Privacy as the Default Setting. It is no longer just FIPPs, but FIPPS + PbD. These must be integrated into our Methodology Template http://www.ipc.on.ca/images/Resources/7foundationalprinciples.pdf2. Second, compliance is now much more than FIPPs, PbD and policy. It includes detail regulations, standards and industry best practices to at name a few.3. Third, the focus on accountability and enforcement is increasing globally4. Fourth, the PMRM analysis process will need to work at multiple levels. It will need to produce policy; guidelines; standards; controls, innovative designs and other privacy mechanisms. It also will also need to work for multiple environments, such as an organization, its vendors and sub-vendors; a government agency, it's sister agencies, other agencies and the public; and so on5. Fifth, as we have discussed, it is recursive6. Finally, it might be best to focus on testing out what was so eloquently produced, being careful not to revise the PMRM analysis process before testing it.That said, I offer up a set of charts recently developed by an intensive research and analysis process at Nymity in conjunction with its global customers and contributors, to define Demonstating Accountability, separate and apart from Understanding Compliance Criteria and Privacy Program Tools (attached)I am also going to finish the Methodology Template revisions, focusing on the observations above. The revisions will include
- upgrades to the Scope section to define the purpose, objective and deliverables of the PMRM Analysis (eg policy, controls, or privacy as a default design)
- a change to the title of 2, to Prepare for the PMRM Analysis Effort, as it will not necessarily be to begin with a set of Use Case(s)
- adding to section 2 the accumulation of the additional Compliance Criteria necessary carry out the PMRM Analysis Effort
- the very BOLD step of creating ONE recursive process that takes us directly into exercising the PMRM Analysis using the original ISPTA model, with the idea that perhaps Actors/Touch Points are in part one and the same type of thing and Policy and Controls are as well. Actors and Touch Point both 'touch' the data. They both do so using the Agreement. Perhaps the one key difference is that the recursive nature of the process might allow us to set aside some of the Actors/Touch Points for a recursive round. I do this because I think it is important to refine the model, embrace the terminology, establish synonyms that make it more useable and understand how to use it at multiple levels to produce different results.
I may be wrong about this so I welcome your thoughts.Meanwhile, enjoy the charts and if you have any feedback, please let me know.Best, Gail
--On Fri, Apr 15, 2011 at 10:14 AM, Michael Willett <mwillett@nc.rr.com> wrote:
Michele - wow!
That certainly is a LARGE set of Use Cases, sub-dividing
the Smart Grid domain into focused use cases.
Even better, the Use Cases are expressed in a formal "structure"
that explicitly provides the interactive 'requirements' needed
for input to the PMRM part (operational) of our Methodology.
Gail: You referred to the "landlord/tenant" Use Case?
I browsed the several use case categories, but did not see
one that sounded like that. Would it be a composite?
Or a transform of the given use cases?
The formal structure seems to provide a similar setup of the Smart Grid
use cases as does Scenario Diagrams that Dawn referenced for Emergency
Net: We seem to have the necessary prerequisites for proceeding
with either/both Smart Grid and/or Emergency Responder.
-----Original Message-----
From: micheledrgon@dataprobity.com [mailto:micheledrgon@dataprobity.com]
Sent: Thursday, April 14, 2011 7:28 PM
To: pmrm@lists.oasis-open.org
Cc: micheledrgon@dataprobity.com
Subject: [pmrm] Publically-Accessible Smart Grid Use Cases
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
Gail Ann Magnuson
Mobile: 1.704.232.5648
Residence: Chardon Ohio 44024
Mailing Address
11224 Mayfield Road
Chardon, OH 44024
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]