Comments on: Meta-Data?

By: Security Pros on Twitter (SPoT): David Mortman / @mortman – The Network View

Wed, 30 Sep 2009 19:21:37 +0000

[...] behind The New School of Information Security. Take a look at David’s most recent post titled Meta-Data? for a good read about the appropriate level of information that is required to have important [...]

By: Adam

Adam — Wed, 30 Sep 2009 05:06:07 +0000

My desire for data is pretty simple: I’d like to know what went wrong and what was being doing to try to prevent things from going wrong.

Note I said simple, not easy.

By: Jon Robinson

Jon Robinson — Tue, 29 Sep 2009 21:45:34 +0000

Ya, they say, “past performance is not guarantee…” acknowledging the induction problem, but we as consumers look at the upward sloping chart and assume it will always be so. I think that is poor decision making.

Please do post more about your thoughts on the modeling to inform on the current state…

About data requirements: I ask that because I always notice demands for data sharing. I’m just wondering if you plan on just looking at the data for patterns and assuming those will always hold (I don’t think that would be a good idea) or if you have started with some a priori axioms that dictate which type of data would yield the knowledge you seek. I guess I’m wondering what your methodology/epistemology is.

By: Russell

Russell — Tue, 29 Sep 2009 21:25:38 +0000

At the risk of appearing to be a nitpicker, there is a significant difference between the terms “aggregate data” and “metadata”.

Aggregate data are summary-level statistics (averages, sums, maximum, range, etc.) on the raw (source) data. All aggregates come from some calculation or information processing procedures (a.k.a. “models”).

In contrast, Metadata is data *about* the raw data regarding its context. Typically this includes tags such as “data type”, “format”, “confidentiality”, “date published”, “owner”, and so on. Metadata helps you make use of the data, to avoid misuse, and to maintain it.

It seems like David Mortman’s post is focused on “aggregate data” vs. “raw data”. I would second his motion for more transparent models.

By: David Mortman

David Mortman — Tue, 29 Sep 2009 17:21:08 +0000

Lots of great questions. We should totally document our demands. Induction is a problem unless it’s for cooking and you have magnetic pans, in which case it’s great. More seriously, we deal with this issue all the time in real life without too much trouble. Look at any stock or mutual fund prospectus. I’m becoming more and more convinced that modeling in general and risk mgmt in particular isn’t about predicting the future but rather about better informing on the current state of being. This is really the stuff of a proper post though…

By: Jon Robinson

Jon Robinson — Tue, 29 Sep 2009 15:53:34 +0000

Have you guys listed somewhere your data demands? If not what are they? What type of data do you require to tell the future? Once you have the data and you use it to fit a model, how to you solve the problem of induction. There is no reason the future will be anything like that which the data you collect indicates. (Or maybe there is but this is what has been on my mind lately).