Click photo for larger image
Information Security Architect, NASA
Q: How long have you been involved with The Open Group?
It is has been nearly 10 years since I attended my first meeting at The Open Group. My participation was originally on behalf of the SEWP (Solutions for Enterprise-Wide Procurement) program of NASA. Later, my participation was through the NASA ICAM (Identity, Credential, and Access Management) program, and it is now somewhat through both programs.
Q: Why did you become a member, and what does your involvement look like?
For many years before becoming a member, I was aware of all the significant work on UNIX® system specifications and interoperability that had been done by The Open Group.
My membership has been focused on security, primarily through participation in The Open Group Security Forum. I am usually active during the two or three days dedicated to security topics during The Open Group’s Conferences. During these sessions, the Security Forum usually covers a wide variety of security topics, issues, and briefings, and the discussions are often terribly interesting in themselves!
Q: How has membership in The Open Group benefited you, your organization and the industry at large?
NASA has incorporated significant solutions, primarily at a security architecture level, that are at least partly as a result of my membership. In terms of industry, vendors have brought forth new products and solutions to the Security Forum. Minimally, through participation in the Forum, vendors will be reminded that security cannot be bolted on. I hope that through feedback from the Forum, we have caused improvement in the security posture of products with security focus early in the planning and design phase.
Q: What contributions to The Open Group are you most proud of?
That is a good question for me. Unlike many other members of The Open Group who have championed, chaperoned or promoted significant standards, position papers, or whitepapers, I have not yet done this. As a customer, I have not had reason to bring focus to a particular issue or standard thus far. But as a customer member, I think this may be natural. The contributions I have made, I think, are more about attempting to give good input towards product requirements and reinforcing adherence to traditional security architectures. For NASA and the U.S. Federal Government, there are some significant security features in major products due at least in part to conversations that I have had through relationships with members of The Open Group.
Q: Why is it important for other organizations to join The Open Group?
Most organizations are now invested in Enterprise Architecture practices. TOGAF® and the Architecture Development Method are strong suits for The Open Group. The Open Group is the breeding ground for very significant industry-wide efforts. The Forums of The Open Group offer networking opportunities and avenues to work towards industry-wide adoption of solutions that will benefit your organization. For example, the number of major companies working towards adoption of standards around The Open Group Trusted Technology Framework — which is recommending methodologies for providing safety and integrity in the global supply chain — is a good example of one of these Forums. It is great to see the widespread interest and energy of this important effort.
Q: What are your hobbies?
I have been jogging fairly regularly for many years — albeit jogging incredibly short distances!
Since personal computers became available in the early 80’s, I have invested a fair amount of time into building my own devices. For the past year, Solid State Drives (SSDs) have been great techno toys to play with — I highly recommend them for your PCs!
I also like reading about NASA history—particularly during the Apollo period. So much great engineering happened during those years. The application of general-purpose computers and general-purpose operating systems to real-time solutions, like so much else of those days, was novel at that time. The demand for miniaturization of processors, displays, and memory for on-board systems had such a significant impact on our industry. I still keep a copy of the IBM System 360 “Principles of Operation” on my bookshelf to remind me of where I came from/where we came from.
Last year, I was able to take a course on NASA history from Andrew Chaikin, author of the great and popular book A Man on the Moon, which was an extremely rewarding experience.
Q: What book are you currently reading?
I really like Anthony Bourdain’s TV travelogues. I just finished his book Medium Raw. Anthony is an ex-chef, so the book is mainly about food, and the language can be a bit raw, but he is always interesting and entertaining.
Q: Any last thoughts?
I think that the mass popularity of mobile devices and the demand for availability of organizational data on these devices is now the security challenge of our times. What security tradeoffs must we make? What tradeoffs should we make?
About Dennis Taylor
Dennis Taylor is an Information Security Architect. He is a technologist with more than 30 years experience in nearly all facets of information technology. Most recently Dennis has been involved with the architecture and engineering of NASA's Identity, Credential, and Access Management (ICAM) program. Centralization to a single identity management system with a distributed directory structure and access management system across all NASA Centers has greatly increased collaborative opportunities and improved the user experience for the mobile work force, while meeting Federal compliance mandates.
His prior NASA experience was as Director of the NASA SEWP Security Center. Dennis led security research efforts for a team investigating a wide range of security topics, ranging from machine integrity attestation to identity management. Dennis has also been the Chief Architect for the NASA Goddard Space Flight Center IT outsourcing contractor.
Dennis worked for nearly 10 years in health care information technology--involved with rapidly increasing demands of information flow from mainframe to minicomputers and distributed Unix systems.
Dennis's initial IT career was as an IBM mainframe system programmer. He greatly enjoyed developing, as part of a team with two others, an original operating system for this environment.
Dennis is a CISSP. He has a number of vendor certifications, and is a GIAC GPEN. Dennis has an undergraduate degree in Computer Science from the University of Maryland.