Thursday, December 27, 2007

A Cellular Service company's SOA implementation

A leading Cellular network company in Israel, Partner Communications Company Ltd., provider of the Orange network in Israel, presented its SOA implementation in December 26th meeting of the SOA Forum of the Israeli Association of Information Processing.
I am moderating the forum since its imitation on March 2005. The forum meetings take place once in a month. The forum is opened for anyone involved or interested in SOA activities. Most of the meetings included presentations and discussions. The 16th meeting was exceptional: experts' panel on SOA Governance.

The presenter was Iddo Rachlewski (Infrastructure Applications Development Manager). Aharon Winder Partner's CTO, who joined us, answered the toughest questions asked by forum members.

Background
The Telecom service industry business model and technological infrastructure is changing due to Web based IP phone services, Wireless & Cellular communication and the need to transfer new types of data in addition to voice.
The trends may be summarized in the following highlights:


The traditional Telco services are the leading candidates for reduced revenues. , as result of this threat they are forced to innovate. SOA is a key innovation enabler.
The new Telco companies (e.g. cellular services companies) are relatively new companies therefore their computing environments are relatively new so the technical difficulties of SOA transformation are less severe in comparison to Banks, Insurance Companies and the traditional Telcom services providers. These companies should innovate and work more efficiently due to the increasing competition.
No wonder that Telephone suppliers sector is one of the leaders in SOA implementation including some successful implementations (e.g. Verizon, Sprint-Nextel).

Partner's Service Bus Implementation

Partner's implementation is named Information framework (IF).
It is a Service Bus. The SOA implementation includes other complementary components.

The following bullets highlight the key elements describing the Service Bus:

  • Current version is based upon Tibco's EMS (JMS/RV) components with proprietary services developed in-house.

  • The IF is an evolving framework. Current version is 5.1 in production since April 2006. The first version was entirely proprietary and originated in 2001.

  • Approximately 400 services are using the IF

  • The Bus supports Synchronous interaction (Send-Receive) and Asynchronous interaction (Send and afterwards Receive). Most of the interactions are Synchronous. Asynchronous services are used for multiple requests.

Service Bus Architecture
The following image, included in the presentation depicts the Enterprise Service Bus (ESB) architecture








  • Every application (in-house Legacy applications, Oracle ERP, Oracle's Seibel CRM, Billing, oracle's Vantive, etc.) could consume and provide services via the Service Bus.


  • Consumers interface is by proprietary Wrappers. For each service there is dedicated wrapper written in the same technology as the service (Java, DotNet's C#, COM, C, PL/SQL) Tibco BusinessWorks is also a Service provider and Service Consumer. A Wrapper is a collection of code libraries. An encrypted configuration file is also included in each Wrapper. The configuration file identifies the consumer.

  • A SOAP interface and HTTP interface were added for standard based integration. Currently it is used by Application Packages using technologies for which no wrapper exists.

  • The internal architecture of IF includes "Application Server", DB Server and Management Server.

  • The DB Server includes two Oracle DB Engines. A proprietary mechanism is used for updating and synchronizing both databases. Oracle RAC was not an option when IF implemented due to unavailability or immaturity.

  • The internal architecture of the "Application Server" includes: Service Broker (SRB), Dynamic Service Interface (DSI) and a Token Manager (TM).
    Service Broker is responsible for registering service consumer requests, parsing inbound and outgoing parameters (if needed).
    SRB transfers the request to DSI. A limited prioritization is achieved by deciding which DSI instance will take care of the Consumer request, based on Encrypted Configuration file identifying the Consumer.
    DSI pass the request to the Service Provider.
    The TM is responsible for workload control. In case of no available token the Consumer request waits until another Consumer request release its token upon completion.

  • Management Server Components: Monitoring (Performance, Response Time, Load partially monitored by Tibco and in-house developed components and the information is passed to HP OpenView), Administration (e.g. defining new service), Statistics (by a Dashboard of Microsoft SQL Server 2005) and Logging (e.g. errors recording) connected to the company's central Log.
  • Multiple instances of each component are Deployed in order to avoid Single Point of Failure and for Workload Balancing (additional instances invoking or suspension of instances is dynamic, with no need to stopping IF).

  • Multiple Logical TEST environments are invoked in one Physical TEST environment by assigning different Configuration Files to different DSIs

  • Transferring definitions from TEST environment to Production environment is by pressing single key.


    Other Components
  • The process of defining new Service or changing a Service is based on a form filled by the applicant and approved by IF Administrator. It is possible to define relations between entities.
    The form is inserted in a company wide repository for asset management build in Visual Basic and Oracle database.

  • Run Time Service definitions are part of IF. It is an application developed in JSP under Tomcat Web Server

    Limitations:

  • Data feeds to both Repositories are manual

  • Usually not all Service Users are registered in the Inventory (the first user identity is fed during service definition)

    My take:

  • SOA is not a one time project it is a journey. Expect for a gradual evolution.
    In Partner's case the evolution is manifested by the large number of versions (approximately one version each year). Each version enhancing the previous by functionality and some versions also improve Scalability and Performance.
    Partner is planning architectural, technological and functional changes for next versions.
    The evolutionary journey is not unique to Partner. For example, Standard Life one of IBM's noted SOA success stories architecture was changes significantly during different stage of their SOA implementation.

  • Leading Age is also Bleeding Age
    Early Adopters may not be able to use standard products because they were not mature enough. It is a trade off between gaining competitive advantage by using the new architecture versus more resources allocated for development and maintenance and a possible conversion to standard tools after they mature.
    In Partner's example planned next steps includes implementing additional Tibco's EMS components as well as a standard Repository or Registry.
    A known SOA Early Adopter is Credit Swiss, which deployed a CORBA based SOA in the 1990s. Credit Swiss is converting its Repository to a standard UDDI based and extended registry: Centrasite co-developed by Software AG and Fujitsu.

  • The implementation is technical with no Business people involvement. One consequence is Technical Services instead of Business Services.
    The services granularity could be less coarse granularity then needed. Due to the low granularity the number of services is high; there is more Complexity and management overhead increased.
    More importantly, Business and IT alignment is limited.
    Partner is in the beginning of a process of deploying tools for supporting Business Services and possibly Business Processes. Currently a limited function of supporting Composite services (termed IFBL) is implemented. Expended IFBL functionality could enable definition of Business Services.

  • The architecture is mainly SOA Integration architecture
    Mapping current applications functionality to Business SOA Services and gradually implementing Service Applications Architecture is an important missing part.

  • Enterprise Wide Processes deployment support by current Partner's technology is limited
    Addressing this issue is a future direction planned by Partner.

  • Application Server (in Partner If's terms) is an Integration Broker
    The term Application Server is not used for an infrastructure applications components container (e.g. IBM WebSphere, BEA WebLogic) but for Integration Broker). That the reason why I wrote "Application Server" and not Application Server in describing it.
    No wonder that Tibco tools were selected for SOA Integration, because Integration is Tibco's focus and strength. Tibco, the largest of the three EAI dedicated leading solutions (the other two WebMethods and SeeBeyond where acquired by other companies because of their SOA tools and capabilities) developed new generation of integration solutions which are SOA Integration tools and not a complete SOA framework.

  • I suspect that Reuse rate is not high
    My first impression is that Reuse rate probably is not high due to lack of dedicated SOA Registry and due to low Services Granularity.

  • Proprietary DB engine Fault Tolerance is not a preferred solution
    The tradeoffs between Oracle's RAC and the proprietary mechanism are more resources needed for maintaining the proprietary solution vs. the total independence between the two DB Engine instances in the proprietary solution. In my opinion database reliability is high and it will be higher in the future, so the trade off is in favor of the standard solution.

  • Despite the Considerations the implementation is impressive
    The technical architecture and implementation is impressive, especially if we take into account that it was originated in 2001 and based on In-House development. As far as the organizational maturity is concerned definition of Service management roles, Processes and culture is a significant milestone in the long road towards complete SOA implementation.

Saturday, December 22, 2007

Definig SOA

Many years ago I read a Sufi tale about an elephant coming to a town in which all residents were born blind. No one of them have the slightest knowledge about elephants because no one ever traveled outside that town and this elephant was the first of his specie paying a visit to that town.
The blind people touched the huge elephant and disputed about the question: What this object is? A blind man/woman who touched the elephant's leg thought it is a pillar. Another one touching his ear thought it is a big fan. The third blind man thought it is a pipe because he touched its trunk etc. The blind people argued and argued and could not agree upon a common definition of that object.
The context of that tale is philosophical. However, when we look at SOA definitions we find partial definitions from the viewpoint of Developers, Architects, Analysts, System Administrators and Business people.
Business people may describe SOA as a collection of Business Services and Business Processes.
For Administrators, SOA is an infrastructure mainly Enterprise Service Bus (ESB).
Therefore some SOA initiatives are ESB projects with no additional implementations.
From Developers' perspective SOA could be seen as Web Services or Application Logic accessed from multiple End User Devices or an integration functionality connecting various applications or data sources.
The Architects could refer to SOA as an abstract Enterprise architectural style composed of multiple layers including Services, Interfaces, Processes, Data architecture and Metadata.
The System Analysts may refer to SOA as an application functionality relating to Business user requirements.
Do not assume that all Architects will agree upon a common definition. As example for Architects disagreements upon a definition see Arnon Rotem-Galoz 's blog.
If you think of agreement between non-architects playing the same role (e.g. Developers, Business People etc.), you will surely be disappointed: many Developers definitions will be found as well as many Administrators definitions are available.
Truly, the definition spectrum is narrowed when identical role holders define SOA, but still no consensus exists.
There are many disputes about what SOA is, corresponding to the argument of the blind people about the Elephant's definition.

The results are:
· Multiple definitions and sometimes contradicting definitions
· Partial definitions, which may describe some SOA attributes
· Different kinds of initiatives called SOA, but describing totally different real world implementations.
· Non-SOA implementations classified as SOA. A good example for Non-SOA implementations labeled SOA could be found in my previous post SCS and SOA.

Returning back to the Elephant and the blind people tale, probably no Value could be found for the blind people in any of the definitions: No blind man could use the elephant as fan or as a pillar and a combination of very cooperative elephant; very imaginative blind man/woman and available water source are necessary for using the elephant as an inefficient pipe.

The analogy is not complete: the partial SOA definitions could or could not have real Value for the definer or his organization. For example a developer may develop effectively a useful service using his partial definition. In one hand an architect may create good enterprise architecture or a good data model which may lead to real measured value. On the other hand the incomplete architecture may cause damage.

Even if the incomplete definitions are valuable still an enterprise needs at least someone who is not SOA-blind and can see the "Elephant" and understand the following aspects:

  • What an elephant is? - What the Enterprise architectures and architecture elements are and what is the relationships between them (including both business and IT architectures)?
  • What are the elephant's capabilities? - Organizational and technological maturity.
  • Which discrete tasks could be performed by the elephant? - Services
  • Which assignments composed of series of tasks could be performed by the elephant or the elephant together with a human being? - Automated Processes and partially automated Processes including human tasks (e.g. a process of approving and giving a loan which includes some non-automated approval tasks)
  • What kind of elephant training is required so he can fulfill the tasks? - Which training is required for employees (including Business people, Managers, Technical IT staff etc.)?

Enterprises with no previous SOA experience are in a way like the blind people in the elephant tale. Usually the group or SOA Competence Center should include experienced consultant who knows what SOA is and could lead or mentor the internal participants at least in its early stages of the SOA initiative.

In summary:
1. Select a practical SOA definition (not a theoretical one which may not applicable for the enterprise)
2. Probably the definition should be adapted for each enterprise.
3. It should be a complete definition including elements related to real measurable value.
4. The perspective required for a complete definition is wide and probably requires cooperation between experienced consultant and internal experts with deep knowledge of the organizational business, organizational culture and technology.

Friday, December 7, 2007

SOA and SCS

The presenter in the 15th meeting of the SOA Forum of the Israeli Association of Information Processing (June 2007) was Brent Carlson, Founder and CTO of LogicLibrary who was named to InfoWorld’s ranking of the Top 25 CTOs in business today.
His presentation topic was: Service Lifecycle Governance: Principles and Best Practices.
Unfortunately, he was stuck in a traffic jam, so I talked to the forum members until his arrival.
I discussed the current status of SOA implementations in Israel. The two main points were:
1. Only few enterprises have a significant SOA production implementation
2. I am able to identify two enterprises that will surely fail in their SOA imitative just
by a short discussion with them.

One of the participants argued that my first point is not valid. He said that he is aware of enterprises implementing hundreds of Web Services.
I answered that implementing hundreds of Web Services is not necessarily implementing SOA.
Unsurprisingly, Brent Carlson's opinion was similar to mine when asked the question about these enterprises having hundreds of ungoverned Web Services. Brent named the ungoverned hundreds of Web Services: A Bunch of Services (ABOS) and not SOA.
I use the term So Called SOA (SCS) for describing initiatives which may be called SOA, may include Services (usually Web Services) Interfaces and Processes but do not form coherent Architecture.

The following attributes are common to these SCS implementations claimed to be SOA implementations:

1. No measurable Business Value measured by Return On Investment (ROI) or other criteria.
2. No Business and IT alignment
3. Low or no Reuse
4. No Agility or Flexibility for Business driven changes

Linking the last paragraph to my second point in the discussion about the initiatives I mentioned in the second bullet, I would say that I identified these two initiatives as SCS. However, there are a lot of definitions to SOA and SCS may be classified as SOA according to some of them.
When predicting that these enterprises will fell I did not predict that they will not complete SOA projects, I predicted that their implementations if realized, will be characterized by the four attributes of SCS cited above, especially the first attribute.
SOA initiatives costing more than returning in Long Term are failures.

The following characteristics of SOA initiatives may serve as "red lights" (warning) alerting creation of an SCS implementation:

1. Information technology (IT) only initiative.
No Business management involvement in the initiative.

2. Inadequate Organizational Maturity
Organizations which lack the required maturity level should postpone their SOA initiative and try to achieve adequate maturity level.
Do you expect an Enterprise which did not succeed in building any Enterprise Architecture to succeed in paradigm shift to abstract and layered SOA architecture? Of course not, a thousand miles walk begins in a single step.

3. Too ambitious effort
Big Bang style projects or three or four concurrent SOA pilots could be an indication for a doomed to failure initiative.

4. No usage of external expertise
"We do not need consultants" attitude of an organization which never implemented or planned SOA may result in creating non-SOA architecture e.i. SCS architecture.

5. Too Technical initiative
The term too Technical refers to the point of view that SOA is only collection of technologies. It is not. The result of the SOA initiative could be installation of SOA infrastructure products (ESBs, Registries, Application Servers etc.) without significant Services usage.
An example is an enterprise with multiple ESB's tools from various vendors, with no production SOA implementation. I let some of their leading experts know about another Infrastructure SOA tool installed in that enterprise.
How did I know about a SOA software product installed in that enterprise?
Well, I read a White Paper and asked the vendor for additional information. The vendor told me that although they do not have yet official distributor in my country they already installed the product in that enterprise.

Two questions related to this post will be discussed in next posts:
· Defining SOA
As there are many SOA definitions (some time incompatible and contradicting) the discrimination between SOA and SCS could be related to the SOA definition selected.

· What are the Worst Practices of SOA?
Worst Practices could lead to SCS failures as well as to other failures.

Tuesday, December 4, 2007

Web 2.0 For Dummies - part4: What is Web 2.0?

This post is the forth post in the "Web 2.0 for dummies" posts, based on my Web 2.0 presentation in a conference.

The following image depicts the Meme map build in O’reilly’s brainstorming.
This is the first and original Web 2.0 Meme map.
It should be noted that the model is a developing model with no explicit boundaries.








The central part includes the gravitational elements which are definitely the core of Web 2.0.
The Web as a platform mentioned in the previous post is one of that gravitational elements and not just one of the elements but a very important element.
The lower part in near to purple color includes principles, ideas and concepts.
The upper part (dark green) includes services examples and principles related specifically to some of them.
O’reilly’s model is not the only model. There are other Meme Maps.
Analyzing and comparing different Meme Maps is beyond the scope of this post. However, the multitude of models together with the flexible boundaries enables many vendors to label their services and products as Web 2.0, although in some cases they are very far from the Web 2.0 model.
Some of the main characteristics of Web 2.0 are cited in the following bullets:
  • Uncontrolled (by vendors) Standards Based Platform
    The standards of the Web platform are not controlled by any infrastructure vendor or Web 2.0 vendor. As result of this characteristic Web 2.0 communities,companies and service providers use standards based solutions applicable to most of possible infrastructure solutions in the Web. Usually the technologies and architectures used for Web 2.0 services are relatively less complex.

  • Social Computing

Many Web 2.0 projects and services context is social. Such as professional or social networks. Other Web 2.0 initiatives includes social interactions as well.

  • Sharing Communities

Sharing could be the most important aspect of Web 2.0: Community members are contributing content, comments, voting, alerting about improper content etc. Notice that contributing is not limited to publishing content or code, but to other participation activities, such as rating.

Each Community has its interaction rules and patterns. The Community creates and improves "products". The cost model of building the "products" is a model which includes minimal or no costs for human resources. A community process is more democratic and more chaotic than a directed and controlled process within a company. This difference is reflected in the products: more innovative and creative but more volatile.
The notions of Community and Sharing imply trust in community members (sometimes without a known identity). It also includes build in Sharing ethics.

  • The Hyperlinks are the Network

In a paraphrase of the old Sun slogan "The network is the Computer" we can say that "The hyperlinks are the network". Use of hyperlinks is one of the foundations of navigating between pages in the Web2.0 cyberspace or the global network.

  • The user controls his data

From the vast amount of scattered data the user choose his data and controls it as part of his content or services. This it a two edges sword: In one hand the user has high degree of freedom, but on the other hand he has more responsibility and may use incorrect or outdated data.

other important concepts which will be introduced in future posts are Mashups and Longtail.


Potential for a lot of innovation, creativity, collaboration and cooperation is embedded in the culture of Web 2.0. However, there are many considerations: improper behavior, breach of trust and technical issues. The actual realization of breach of trust is varied according to the specific Web 2.0 project, service and community type.
The following problems are common to Web 2.0 projects:

Potential for a lot of innovation, creativity, collaboration and cooperation is embedded in the culture of Web 2.0. However, there are many considerations: improper behavior, breach of trust and technical issues. The actual realization of breach of trust is varied according to the specific Web 2.0 project, service and community type.
The following problems are common to Web 2.0 projects:

  • Intentional improper content insertion
  • Copyrights issues
  • Unintentional wrong content or code insertion
  • Intentional commercial bias
  • Criminal acts
  • Incomplete data or solutions
  • Non Systematic and not fully robust implementations

The next posts will focus on specific Web 2.0 projects. The patterns for creating value in each of them are different but share common attributes.
There is also commonality between problems different Web 2.0 communities face. The specific manifestation of that problems and specific mitigation varies.
Please keep in mind the common attributes and considerations, while reading the next posts.

Sunday, December 2, 2007

SOA & BPM

The topic of the meeting of the Israeli SOA Forum of November 29th was: BPM & SOA.
This is the 17th meeting of the SOA Forum of the Israeli Association of Information Processing.
I am moderating the forum since its imitation on March 2005. The forum meetings take place once in a month. The forum is opened for anyone involved or interested in SOA activities. Most of the meetings included presentations and discussions. The 16th meeting was exceptional: experts' panel on SOA Governance.

The presenter was Gilad Rothschild (ARIS product manager of Seker the local distributor of IDS Scheer's products).His perspective is Business Process Centric and mainly ARIS centric (and therefore focused on the modeling part of the Process Life Cycle). The view point of someone who is not a SOA expert, but rather an expert in business processes, as they are perceived by Business people instead of the usual IT people talking to IT people.

The following bullets highlight the key elements included in his presentation and/or the discussion:

  • SOA and BPM which were two separated initiatives are converging
    The demonstration reveals an IDS Scheer SOA tool called ARIS SOA Architect, aiming at connecting the modeled Business Processes with the technical SOA implementation. The connection is by automatically generating BPEL diagrams, serving as a skeleton which is supplemented by additional BPEL code for execution under the leading Application Servers. According to a recent Aberdeen Group study 4% of the Best In Class (BIC) plan "to deploy BPM suites that don't provide SOA interfaces"

  • Processes have Life Cycle from Modeling (including Business Process Analysis (BPA)) Implementation or Deployment, Monitoring (BAM), Improvement

  • ARIS gateway between Modeling and Implementation is by pressing a button, which is the trigger for generating the BPEL. The gateway is bidirectional i.e. it is possible to generate the process model from BPEL code.

  • The BPM tool Repository and its relationship with the Enterprise Service Repository and the Enterprise Service Registry

ARIS is a leading BPA tool according to Gartner's Magic Quadrant, but also by its selection as the preferred partner by the applications giants (SAP and Oracle and now also Microsoft).

Open issues discussed during the meeting:

1. Are there any BPM tools providing integrated solution for the whole Process Life Cycle? One of the participants argued that Lombardi and Agile Point tools cover the whole Life Cycle.


2. Dynamic Gateway between Process Modeling and Process Implementation vs. Manual or Half Automatic Gateway (as implemented by ARIS)
The notion of dynamic gateway refers to automatic update of the model due to changes in implemented process as well as update of the BPEL model in case of changes in the Business Model.
The discussion focused on two issues: is Fully Dynamic Gateway a realistic approach? And if it is realistic is it a better or worse than the Half Automatic approach?

3. The need to supplement the generated BPEL as a possible source for incompatibilities between the Business Process Model and The Business Process Implementation.

My take:

  • SOA is not technology it is architecture of Business and IT alignment, so the view of BPM as a Business model and SOA as a Technical model is incorrect. Both SOA and BPM include Business view and Technical view. SOA Business view is the Business Architecture. Properly defined Services are defined as Business Services.

  • The SOA Services may serve as building blocks of Processes. This approach may reduce the amount of supplemented code (Open issue 3) and narrow the gap between the Process Model and Process Implementation.

  • The Bidirectional Gateway between model and code is analogous to the Bidirectional Gateway in CASE tools for Object Oriented: The generated code from UML design is just a skeleton, which should be supplemented by Object Oriented code same as the generated process code should be supplemented by additional code. The implication is that it should be easier to update a model from coed than to update code from a model. The implication may be valid for both Processes (BPA and BPM) and Program Functionality (CASE tools).

Friday, November 23, 2007

Web 2.0 For Dummies - part3: Background

This post is the third post in the "Web 2.0 for dummies" posts, based on my Web 2.0 presentation in a conference.


In year 2000 there were three leading operating systems families:
Mainframe - The most robust and scalable platform, which was able to execute heterogeneous workloads, UNIX and Windows. The third was the least mature and the least scalable and robust platform. As an experienced expert in IBM Mainframe operating system, I was able to identify Windows 2000 Data Center weaknesses and to think of an add-on product for overcoming some of Windows' limitations. The theoretical solution targeted both Data Centers and Web. I applied to a Seed Venture Capital which checked the document describing the problems and the proposed solution.
The Venture Capital rejected my start up proposal. The only reason for immediate rejection was: "It is not pure Internet solution" i.e. the reason for rejection was possible applicability to Enterprises Data Centers.
I am not arguing that the rejection was false (I checked other start ups ideas for Venture Capitals before my start up proposal. The first question I would ask someone applying with similar idea to mine would be: Do you have access to the Windows operating system source code? I probably would reject the startup idea in case of a negative answer), I am just describing the Dotcom over Hype or illusion prevailed in those Web 1.0 or Dotcom days.


Unsurprisingly, the Dotcom failed or collapsed (that was the reason for choosing the YouTube Domino Fall Down clip to be included in my previous post The taste of Web 2.0).
The fall of Web 1.0 enabled the Web 2.0 phenomena as described in the following images and text.








In year 2001 DotCom collapsed. Many DotCom companies disappeared or shrank dramatically. However, not all Dotcom companies were harmed significantly.



The companies appearing in green in the image above were not harmed significantly by the DotCom collapse.
For example, Google was established in 1998 and still succeeding.
The companies appearing in red were harmed significantly by the DotCom collapse.


The silde above hughlights the key questions discussed in that brainstorming.


The last bullet depict an example of historical new generation: Software Centered model instead of Hardware Centered model. Some companies did not survive the model change. The most known example is Digital one of the biggest players in the computers industry.


O’reilly is a company which publishes books and e-books and organizes conferences. The participants in this brainstorm were O’reilly experts (including Dale Dougherty the creator of this term) and MediaLive employees.



Netscape is the representative case of Web 1.0 companies.
Its business model is similar to business models of non-Web infrastructure software companies. The company was acquired by AOL prior to the DotCom collapse of 2001
The following images present the classical representative of Web 2.0: Google. The differences between their model and the classical software vendors model as well as Netscape model can be found easily.


The image above highlights Google model.
The main concept is the Web as a Platform model. No platform control wars as in NetScape model, but adapting to Web infrastructure technologies.
The bullets or parts of bullets marked in red relate to concepts deviating from traditional software vendors' model.
Page Rank is a Recursive Mathematical Algorithm developed by Larry Page as a student in Stanford University. The idea is to assign rank to a page during a search. The rank is based on weighted index. The index takes into account two factors: the number of references to that page and importance.
.
Open Social API is a new initiative by Google for common Application Programming Interface (API) accessing Social Networks and communities' sites.
MySpace, Linkidn, Bebo, Plaxo and Orkut joined to Google.
Non-pure Web 2.0 vendors Oracle and Saleforce.com also joined.
The forth post will describe the ideas, concepts and models of Web 2.0.

Web 2.0 For Dummies - Part 2: The taste of Web 2.0

This post is based on my presentation on Web 2.0. It is a continuation to Part 1: WOA, posted few days ago.

For tasting Web 2.0 I am presenting four videos appearing in YouTube a Web 2.0 site for videos
I choose deliberately a video on collapsing (Domino Fall Down) by search engine available in YouTube. The reason for my choice will be discovered in the next post of my Web 2.0 for Dummies posts to be appeared shortly.


The Domino Fall Down Video slide shows a typical YouTube screen including:
• The video was created by FlippyCat, probably an amateur and not a media expert.
• Statistical information about FlippyCat
• Options for the viewer e.g. adding to PlayList, downloading etc.
• Flagging option in case of improper content or a content violating Copyrights. Flag is an alert for YouTube to delete the content.
Flagging option illustrates a problem of partial content control by Web 2.0 projects. The YouTube's community's help is needed for discovering improper content.
A recent example of an improper content is a video posted by a high school student in which he was shooting with a gun and declaring that he is going to kill his school teacher.

The YouTube site could be perceived as a stage for every amateur to create multimedia content. It could be compared to a “Star was Born” style TV programs. The participants in these programs are non professionals performing publicly. The differences: internet communities are larger than TV audience and the content is accessible anytime

















The second video (in the left side) does not look like an amateur uploading content for a community.It looks like a political initiative by Obama's headquarters and not an innocent supporter publishing her political view. It is not the only political video. The right side video includes the URL for Hillary Clinton’s response to Obama Girl song. Videos of politician presenting their views are available in YouTube as well. The point is that politicians think that YouTube is a valid channel for persuading voters to support them. For the younger generation the Web may be the most effective channel.


The forth video is neither an amateur post and nor a political post.
This is one of a group of real training films (black and white) during World War II.
The purpose of these films was to explain to people how to protect themselves against the unknown atomic bomb. Ridiculously, the protection method was “duck and cover”. We should remember that no atomic bomb was yet available. This specific film was designed for children.
This is an example of a video post that may have historical value.


In this post we tasted part of the variety and richness of content created in YouTube one of the Web 2.0 initiatives. The next post will present the background for Web 2.0 emergence.

Tuesday, November 20, 2007

Web 2.0 For Dummies - part1: WOA

I presented in a conference of mixed audience: IT professionals and non IT professionals. The topic was: Web 2.0: The New Internet generation.



The presentation was an introductory: describing and experiencing by navigating through examples of Web 2.0 services and discussing their attributes and the cultural and technological differences between them and traditional IT companies and products as well as Web 1.0 services and product. As SOA is the major topic of this blog, I am discussing the links between SOA and Web 2.0 before posting the rest of the presentation. The main links between SOA and Web 2.0 are as follows:



  • Mashups and Services share the same vision: non-IT people assembling services for creating an application.
    The results are Reuse of these services, Agility and fewer resources in comparison to previous Application Development methods. It should be remembered that assembling Services in an Enterprise or Virtual Enterprise context requires robustness, control and management. These requirements are not part of the Social Context of Web 2.0.

  • Web 2.0 technologies are used as part of Enterprise SOA architecture
    Technologies like Ajax, REST and Wikis are used in enterprises including enterprises transforming their architecture to SOA. This usage is reflected in the SOA architecture.

  • End Users (Consumers and Service Assemblers) User Interface patterns used in SOA architecture should be the same patterns used in these users Social interactions which are changing gradually towards Web 2.0 Rich Internet Applications (RIA) patterns and User Interface. Therefore the SOA Enterprise includes the robust managed and governed Service side, which should be integrated with the user friendly, easy to build Consumer and Services Assemblers side. The integration is established by using middleware which should link between these two totally conceptually different components. This task is quiet difficult. Leading Integration infrastructure vendors and startup companies are in the beginning of development of these new middleware solutions.

  • Web 2.0 Services and Communities as a Distribution Channel
    SOA includes common Distribution Channel and End User devices architecture, enabling independence between the Consumer end and the Service. However, Web 2.0 communities are conceptually and technologically distinguished from other channels.
    Advertising and presenting SOA vendor technologies in Web 2.0 sites


  • Vendors develop Innovative concept of advertising SOA products and solutions in Web 2.0 communities.


SOA related slides appearing in my presentation are appended to this discussion. Next posts will include the other slides included in the presentation in sequential order. Each group will be appended to a discussion of its subtopic.














Thursday, November 1, 2007

Microsoft Data Protection: Home and Mobile users excluded

I read a new Aberdeen Group research titled: "Encryption and Key Management" (August, 2007). The article depict the changes of Data protection architecure and mechanisms and highlights current trends. The basic change is from data protection architecture which centralize all critical data in one place and denies unauthorized access to it to a more distributed data architecture.

Aberdeen conclusion was based on a survey. However, many people can reach the same conclusion in less methodological approach: Data quantities, formats and locations are growing massively. users preserve data on PCs and on removable devices (e.g. Disk On Keys and CDs) as well as on multiple servers placed in multiple locations.

The data protection approach of the DOD's Orange Book of the begining of the 90's is no longer realistic. Aberdeen Group basic findings can be summarized in three bullets:


  • Critical and sensitive data should be indetified and protected. Probably not all other data could be protected.

  • The trend is towards encrypting critical data, wherever it is located including End Users devices and removables.

  • Key Management becomes complex, so organizations are moving gradually from manual management to automatic management such as Public Key Infrastructure (PKI)

The trend of encrypting data is the link between Aberdeen Group research and this psot's title.

Microsoft's environment was known as relatively less secure environment than competing environmnets (mainly due to binding between infrastructure and applications). However, few years ago, the company decided to improve the Security of its infarstructure solutions by building trusted environmnets. The compnay's ability to excute is well known (some of us still remeber MSN as an alternative to the Web and "the internet is a fade" attitude until 1995 and the impressive up side down change towards internet solutions), therefore the missing encryption capabilities in Vista Home editions (including Premium) could hardly be explained. Microsoft already developed an encryption solution, which is part of the enterprise editions, so technical issues are not the obstacle towards build in encryption component. Many neccessry as well as unneccessry Security dialog boxes are part of the Home editions Vista (The High granularity of the Security levels prevents elimination of the unneccessry dialog boxes without exposing your system to additional threats), so it seems that lack of emphasys on Security issues is not the reason for this missing component. To me it looks like an unsuccessful marketing decision.

Third party Omnipass solution (at least in my Lenovo mobile computer) is not fully integrated with the system and problems determination involving both the OEM and the vendor is difficult. As an experienced IT professional I succeeded to circomvent an unsolved problem. could the non-IT professionals home users bypass such problems?

Many Home edition users expose their systems to the Web. Web access may expose them to Security thteats including access of their data on their own PC. As most of these users are less aware to Security threats in comparison to corporate users, so critical data (e.g. passwords, Bank account details, credit card details etc.) may be stolen. These users may blame again Microsoft for its non-secured systems.

Aberdeen group's report points at encryption as a mean for reducig threats.

I do think that Home Vista users should help Microsoft to overcome this erronos decision, by asking the company to include build in encryption support in the next Service Pack home editions Vista.

Public Cloud Core Banking: Hype or Reality? - Revisited

  More than 4 years ago I was asked if Public Cloud Core Banking is a Hype or a Short Term Reality? If you had read the post, you would prob...