April’s Contributions on Bright Hub

In April, I contributed two articles to the Web Development channel over on Bright Hub:

ORION/CANARIE National Summit

Just in case you haven’t heard:

… join us for an exciting national summit on innovation and technology, hosted by ORION and CANARIE, at the Metro Toronto Convention Centre, Nov. 3 and 4, 2008.

“Powering Innovation – a National Summit” brings over 55 keynotes, speakers and panelist from across Canada and the US, including best-selling author of Innovation Nation, Dr. John Kao; President/CEO of Intenet2 Dr. Doug Van Houweling; chancellor of the University of California at Berkeley Dr. Robert J. Birgeneau; advanced visualization guru Dr. Chaomei Chen of Philadelphia’s Drexel University; and many more. The President of the Ontario College of Art & Design’s Sara Diamond chairs “A Boom with View”, a session on visualization technologies. Dr. Gail Anderson presents on forensic science research. Other speakers include the host of CBC Radio’s Spark Nora Young; Delvinia Interactive’s Adam Froman and the President and CEO of Zerofootprint, Ron Dembo.

This is an excellent opportunity to meet and network with up to 250 researchers, scientists, educators, and technologists from across Ontario and Canada and the international community. Attend sessions on the very latest on e-science; network-enabled platforms, cloud computing, the greening of IT; applications in the “cloud”; innovative visualization technologies; teaching and learning in a web 2.0 universe and more. Don’t miss exhibitors and showcases from holographic 3D imaging, to IP-based television platforms, to advanced networking.

For more information, visit http://www.orioncanariesummit.ca.

Launch: Silicon Valley – Still Time for Submissions

If you plan on being in The Bay Area early this Summer, you may want to take in Launch: Silicon Valley (L:SV). From the event’s Web site comes the following overview:

In its 3rd year, Launch: Silicon Valley is now firmly established as the premier product launch platform for cash strapped startups. The event, co-presented by SVASE, Garage Technology Ventures and Microsoft, provides the next generation of emerging technology companies with the opportunity to pitch their products to, and network with, an audience of Silicon Valley’s top VCs, Angels, corporate business development executives, prospective customers and partners, bloggers and media.

Launch: Silicon Valley 2008 is designed to uncover and showcase products and services from the most exciting of the newest startups in information technology, mobility, security, digital media, next generation internet, life sciences and clean energy.

If you are a startup, you have until May 9, 2008, to submit an executive summary relating to your product offering.
Having never attended L:SV, I can only state that this looks like an excellent opportunity for all stakeholders.
(Thanks to the organizers for making me aware of their event.)

BlackBerry Rules the Back Office – For Now …

I’ve had a BlackBerry 8830 for a few months now. And I must admit, I’m getting over my iPhone envy. (iPhone’s still aren’t officially available in Canada!) The 8830 has the tactile keypad I’ve grown to love, a (two-dimensional) trackball in place of a (one-dimensional) thumbwheel, GPS-based mapping, etc. This means that built-in WiFi is about the only capability for which I find myself wanting.

But enough about the client-side device (CSD).
So much of the value delivered to the CSD is because of what’s in the back office – behind the scenes, as it were.
In writing a book review on BlackBerry Enterprise Server (BES) installation and administration, I was reminded of this aspect on the ongoing BlackBerry vs. iPhone battle.
What’s in the BlackBerry back office?
Allow me to itemize:
  • Integration – The BES integrates the CSD with the enterprise messaging platform (e.g., Microsoft Exchange, IBM Lotus Notes, etc.) and the rest of RIM’s BlackBerry universe. In addition to email and calendaring, this has the potential to include instant messaging (e.g., MSN, IBM Lotus Sametime, etc.) and more.
  • Security – Because the BES provides a single locus of control (the BlackBerry domain), it can and has been leveraged extensively to deliver an industry leading environment for end-to-end security. Encryption, authentication, plus six levels for administrative roles, are all present.
  • Policies  – To quote from my review:

The BES ships with over 200 policies that can be applied variously to users, groups and devices … The ability to administer users, groups and devices with respect to policies (including software), from a single point of control (i.e., the BES server), speaks volumes to the appeal and value that this offering can deliver to corporate enterprise environments. 

  • Provisioning – The BES facilitates provisioning of users, groups, devices as well as associated software. Software can even be bundled and targeted to specific CSDs.
The back office supporting the iPhone has a long, long way to go to catch up with all of this – if that’s even a plan that Apple has.
In fact, a far greater threat to the back-office portion of RIM’s BlackBerry universe is the ecosystem developing around Google Android.

Net@EDU 2008: Key Takeaways

Earlier this week, I participated in the Net@EDU Annual Meeting 2008: The Next 10 Years.   For me, the key takeaways are:

  • The Internet can be improved. IP, its transport protocols (RTP, SIP, TCP and UDP), and especially HTTP, are stifling innovation at the edges – everything (device-oriented) on IP and everything (application-oriented) on the Web. There are a number of initiatives that seek to improve the situation. One of these, with tangible outcomes, is the Stanford Clean Slate Internet Design Program.
  • Researchers and IT organizations need to be reunited. In the 1970s and 1980s, these demographics worked closely together and delivered a number of significant outcomes. Beyond the 1990s, these group remain separate and distinct. This separation has not benefited either group. As the manager of a team focused on operation of a campus network who still manages to conduct a modest amount of research, this takeaway resonates particularly strongly with me. 
  • DNSSEC is worth investigating now. DNS is a mission-critical service. It is often, however, an orphaned service in many IT organizations. DNSSEC is comprised of four standards that extend the original concept in security-savvy ways – e.g., they will harden your DNS infrastructure against DNS-targeted attacks. Although production implementation remains a future, the time is now to get involved.
  • The US is lagging behind in the case of broadband. An EDUCAUSE blueprint details the current situation, and offers a prescription for rectifying it. As a Canadian, it is noteworthy that Canada’s progress in this area is exceptional, even though it is regarded as a much-more rural nation than the US. The key to the Canadian success, and a key component of the blueprint’s prescription, is the funding model that shares costs evenly between two levels of government (federal and provincial) as well as the network builder/owner. 
  • Provisioning communications infrastructures for emergency situations is a sobering task. Virginia Tech experienced 100-3000% increases emergency-communications-panel-netedu-021008_2004.png in the demands on their communications infrastructure as a consequence of their April 16, 2007 event. Such stress factors are exceedingly difficult to estimate and account for. In some cases, responding in real time allowed for adequate provisioning through a tremendous amount of collaboration. Mass notification remains a challenge. 
  • Today’s and tomorrow’s students are different from yesterday’s. Although this may sound obvious, the details are interesting. Ultimately, this difference derives from the fact that today’s and tomorrow’s students have more intimately integrated technology into their lives from a very young age.
  • Cyberinfrastructure remains a focus. EDUCAUSE has a Campus Cyberinfrastructure Working Group. Some of their deliverables are soon to include a CI digest, plus contributions from their Framing and Information Management Focus Groups. In addition to the working-group session, Don Middleton of NCAR discussed the role of CI in the atmospheric sciences. I was particularly pleased that Middleton made a point of showcasing semantic aspects of virtual observatories such as the Virtual Solar-Terrestrial Observatory (VSTO).
  • The Tempe Mission Palms Hotel is an outstanding venue for a conference. Net@EDU has themed its annual meetings around this hotel, Tempe, Arizona and the month of February. This strategic choice is delivered in spades by the venue. From individual rooms to conference food and logistics to the mini gym and pool, The Tempe Mission Palms Hotel delivers. 

img_2462.jpg

    What’s in Your SOAP Toolkit?

    Your choice of SOAP toolkit may be the most important decision you make in implementing a Service Oriented Architecture (SOA) based on Web Services.

    This wasn’t always the case.

    For example, First-Generation Web Services (WS-1G) typically depicted SOAP, WSDL and UDDI as more-or-less equal players.

    ws_triangle.png

    In reality, however, UDDI was and remains (e.g., Erl, Chapter 3) a bit of a non-starter.

    WSDL remains key, and continues to evolve with version 2 well on its way to becoming a bona fide standard.

    So, what about SOAP?

    In learning more about Second-Generation Web Services (WS-2G), I continue to be struck by how much value is being driven through SOAP. In turn then, WS-2G are being driven through XML, as SOAP makes use of XML. It is for reasons like this that SOA-guru Thomas Erl states that SOAs are ultimately all about XML and not Web Services (Erl, Chapter 3, Section 3.5.4).

    And this returns us to the point made at the outset.

    Because so much value is being driven through SOAP, you must choose your SOAP toolkit wisely. More specifically, toolkit choice will determine, for exanple, which WS-2G specifications are supported via implementations. Even more specifically, as a third-generation SOAP toolkit, Apache Axis2 includes core (e.g., WS-Addressing) and extended (e.g., WS-Coordination, WS-ReliableMessaging, WS-Security, etc.) implementations of a number of WS-2G standards.

    SOAP toolkits may also reflect vendor bias. For example, IBM has championed WS-Notification, whereas Microsoft’s emphasis has been on WS-Eventing. These vendor biases at the standards level are quite likely reflected at the SOAP toolkit level. For example, it is reasonable to expect that an IBM SOAP toolkit would include an implementation of WS-Notification, whereas a Microsoft SOAP toolkit would offer one of WS-Eventing instead.

    Even though working with SOAP may initially appear a low-level detail at the outset of conceptualizing a SOA, it turns to be a very important consideration that is amplified as SOA adoption proceeds.

    NIST’s Guide to Secure Web Services

    NIST has recently released a Guide to Secure Web Services. Their Computer Security Division describes the document as follows:

    NIST is pleased to announce the public comment release of draft Special Publication (SP) 800-95, Guide to Secure Web Services. SP 800-95 provides detailed information on standards for Web services security. This document explains the security features of Extensible Markup Language (XML), Simple Object Access Protocol (SOAP), the Universal Description, Discovery and Integration (UDDI) protocol, and related open standards in the area of Web services. It also provides specific recommendations to ensure the security of Web services-based applications.

    Writing in Network World, M. E. Kabay extracts from the NIST report:

    Perimeter-based network security technologies (e.g., firewalls, intrusion detection) are inadequate to protect SOAs [Service Oriented Architectures] … SOAs are dynamic, and can seldom be fully constrained to the physical boundaries of a single network. SOAP … is transmitted over HTTP, which is allowed to flow without restriction through most firewalls. Moreover, TLS [Transport Layer Security], which is used to authenticate and encrypt Web-based messages, is unsuitable for protecting SOAP messages because it is designed to operate between two endpoints. TLS cannot accommodate Web services’ inherent ability to forward messages to multiple other Web services simultaneously.

    The NIST document includes a number of recommendations, the five of which Kabay highlights:

    • Replicate data and services to improve availability.
    • Use logging of transactions to improve accountability.
    • Use secure software design and development techniques to prevent vulnerabilities.
    • Use performance analysis and simulation techniques for end-to-end quality of service and quality of protection.
    • Digitally sign UDDI entries to verify the author of registered entries.

    The NIST document definitely warrants consideration for anyone developing Web services.