We the librarian

Dan Gillmor coined the phrase "we the media" in his book of the same name, to capture the sense of the shifts that blogging and other web-based publishing tools are gradually creating in the world of journalism. Globally-available news, analysis and comment are now not only available through the traditional "broadcast" channels; anyone (in theory, at least) can add their voice and have their say. One easy-to-see symptom of this shift is the increasing use of camera phones by regular citizens to augment major news stories - capturing images of floods, accidents, and crimes in ways that centralised news gathering organisations can't.

At IBM's Lotusphere conference in Orlando last week, the company unveiled a collection of online "social software services" called Lotus Connections. If the company succeeds as we suspect it might, this release is ushering in a new phenomenon: "we the librarian".

All five of the service components of Connections are intertwined, adding value to each other. Central to the value of all, though, is a social bookmarking service called Dogear which is designed for use within organisations. Employees use Dogear to tag resources that they want to bookmark, for later recall. These tags are defined by each individual, according to their taste (as is the case with established "public" services like del.icio.us). As is also the case with del.icio.us and other similar services, each individual's set of personal tags can be made available to the rest of the organisation. What's interesting is that Dogear goes further, offering suggestions for tags as you start to enter your own choice. You can plough your own furrow, in other words: but DogEar shows you how other people are tagging their information, gently encouraging you to share common tags for common ideas.

What no-one is saying is that what's really going on here is a reinvention of knowledge management that turns traditional thinking on its head. Traditional knowledge management relied on the skill of a privileged team of "knowledge architects" a priori defining information taxonomies, which organisations had to try and conform to in their day-to-day information creation and searching activities. The problem is that information is very rarely the kind of beast that's happy to be tamed and confined within static structures: its structure and importance morph over time. Most "traditional" knowledge management efforts failed to deliver business value. They created environments that were too brittle, and people quickly became disenchanted. The cost of knowledge contribution and categorisation was just too high.

Social bookmarking technologies like Dogear provide a tantalising way to rediscover the potential of knowledge management. With a system based on social bookmarking there is no central librarian, locked away in an office, creating taxonomies that are dead before they're even used; there is only a group of individuals, collaborating on creating a common understanding of important business information that can be shared by all, at low cost (no tedious or complex information categorisation or search tools are involved). We just tag as we go, and the tags light our way. We are the librarian.

Labels: collaboration, ibm, social bookmarking

posted by Neil Ward-Dutton @ 5:24 PM 1 comments permalink

Interesting developments in open source user-centric identity

A couple of interesting stories related to open source user-centric identity came my way, courtesy of CNET. The first concerns a donation to the Higgins Project from IBM and the second is about some important interoperability announcements to come at this week's RSA Conference.

The Higgins Project, which I have been following closely for the last year or so, is under the auspices of Eclipse and sets out to provide a platform- and identity protocol-independent software framework to aid in the development of user-centric identity management solutions. IBM has donated the results of some work, the Identity Mixer, carried out by its Research Lab in Zurich focussed on enhancing user privacy. Identity Mixer exploits advanced cryptographic techniques so that individuals do not have to provide "real" data to service providers. Instead, they can provide pseudonyms and other credentials which the service provider can verify directly or indirectly to provide the service. So, for example, in an online commerce transaction there is no need to provide a credit card number. Instead, the individual provides an encrypted credential which the service provider sends to the credit card issuer for verification. The credentials are single use in much the same way that the likes of Citigroup and PayPal issue one-time credit card numbers.

This will necessitate changes to the way that service providers, credit card issuers work. However, I think the potential barriers to adoption will reduce as user-centric identity initiaitives mature. As more immediate problems, such as the proliferation of usernames and passwords and inconsistent user experiences, are addressed then issues such as privacy assurance will take on a higher profile and individuals will come to demand it.

On a related note, I came across this post from Bill Barnes (a product manager for Microsoft's CardSpace) discussing another potential barrier to adoption of such privacy enhancing techniques: the fact that they introduce additional transaction steps. Bill discusses how CardSpace could help to address this. When a CardSpace user selects an information card associated with their credit card issuer, a credential representing the credit card could be sent to the service provider alongside other information required for authentication and authorisation.

The second story also concerns Higgins, together with the closely related Bandit Project (which I first discussed here). The story is a little light on details but it seems that there will be some demonstrations of interoperability scenarios involving CardSpace and the Liberty Alliance protocols. Definitely something to watch out for.

UPDATE: If you're interested in learning more about the Bandit/Higgins interoperability demonstration then take a look at the description of the reference application: Media Wiki server with Bandit and Higgins components which has been CardSpace-enabled for authentication; Bandit Role Engine using XACML (eXtensible Access Control Markup Language) for role-based control of access to Wiki pages (read, edit, administrator); Bandit audit and logging facilities; LDAP-based identity repository; support for the creation of CardSpace info cards; and security token interoperability based on Higgins and the XMLdap project.

Labels: identity

posted by Neil Macehiter @ 9:37 AM 0 comments permalink

Defeating versionitis: making things better in small ways

James Governor forwarded me a note from Duane Nickull the other day pointing to the Wikipedia entry on SOA. It seems like our anti SOA 2.0 petition - in a small way - helped to make the IT industry a less bonkers place.

We got to 480-odd "real signatories" (there were, unsurprisingly given my very hasty scripting of the petition page, a few spambot-generated entries too) and that was a hell of a lot more than I was expecting.

As a consequence the "SOA 2.0 or Advanced SOA" section on the Wikipedia SOA page seems to be tending towards a dismissal of the term "SOA 2.0" as a cynical marketing ploy. (Which of course it was).

It's a small step forward, but Wikipedia is a pretty widely read source so it'll do for me.

Now we have to think of another cause to fight for! Any ideas?

Labels: SOA, SOA 2.0, wikipedia

posted by Neil Ward-Dutton @ 2:43 PM 0 comments permalink

We're hiring!

Since starting MWD in February 2005 we’ve managed mostly between the two of us. However as we enter 2007 we’re seeing demand outpace our ability to serve our customers, and we’re very much in need of some extra resource. So we’re looking for one, or maybe two, people to join our small-but-perfectly-formed IT advisory outfit.

You’ll be a great fit for MWD if:

• You have real understanding of software technologies, deployment best practice and the capabilities of the main suppliers in one of the following areas of the IT industry: information management (master data management, content management, search, information lifecycle management, information integration); collaboration management (portals, messaging, unified communications, “groupware”, and ideally emerging social computing environments); IT systems and service management (think ITIL plus some more business-focused management competencies); or business process management.
• You have a love of learning, and of sharing what you learn with other people.
• You have real commercial awareness, and will be able to prove that you can sell your expertise and yourself as an industry expert.
• You have excellent communication skills – being able to demonstrate significant experience of both writing and presenting in English for a variety of technical and (very importantly) non-technical audiences.
• You have experience as a consultant – ideally to both adopters of IT, and IT suppliers.
• You’re a dynamic individual with strong organisational skills, who can thrive in a small but fast-growing team and who can manage their own time and prioritise their work effectively in a demanding environment.
• You’re passionate about IT and its value to business, and you’re the kind of person who enjoys being challenged about their ideas, as well as challenging those of others.

Ideally we want people who have at least three years or so of experience as an IT industry analyst. Having said that, it’s by no means mandatory, if you’re a good fit in other ways.

Why would you want to work with a very small company like MWD? The answer is that we have a lot of ambition, skills, experience, expertise and influence in our area. We’re passionate about what we do and we have fun doing it.

What’s more we have a lot of opportunity for growth. People who come to MWD will have the opportunity to grow with us - and will be rewarded accordingly. Being small has its challenges, but we are growing 50% a year and our expectation is that business will continue to grow that quickly, or even more so, in the coming years.

If you, or someone you know, looks like they might have the kind of skills and experience that would fit our needs – and would be up to the challenge – please let us know. posted by Neil Ward-Dutton @ 5:32 PM 3 comments permalink

Sustainable SOA and "closed loop" thinking

Todd Biske of Momentum has a great blog on SOA and EA, and one of his recent posts chimed particularly with something we've been talking about for quite a while now - sustainability. This is a theme that NeilM and I and Jon (and also Dale, our partner at Freeform Dynamics and book co-author) - have been developing throughout 2006 for our book on IT-business alignment.

The idea of sustainability isn't really rocket science but it's a vital touchpoint in the process of strategic IT thinking. What it means is that it's not enough to think about technology in the context of solving a problem or addressing a need that you have today. To deliver sustainable value from IT you have to think about how technology will continue to address your needs going forward. Arguably this was a key challenge that contributed to so much disillusionment surrounding the Enterprise Application Integration (EAI) boom in the late 1990s and early 00s: EAI technology was great at fixing tactical and existing problems (how can we synchronise key customer data across these x systems? etc) but because of its sometimes esoteric (and certainly non developer friendly) nature a lot of the technology couldn't really support a strategic shift around how *new* capabilities should be developed to make integratability a "baked in" feature. A better balanced forward-looking approach to integratability (not just integration)is of course one of the things that makes SOA so interesting.

Todd's post is talking about how IT so often looks at things from the point of view of a set of discrete and disconnected events - and one particular piece grabbed my attention in the context of SOA:

"IT produces solutions, and then forgets about them unless a user complains or some alarm goes off. If an organization takes on SOA, but still operates with this mentality, the only thing that has changed is that they are producing services instead of applications."

It's more fundamental than that though.

A focus on service delivery (which for us is what SOA is really about) is a focus that is predicated on closed-loop thinking. A service is something that is experienced over a period of time by a consumer, not just a capability that you've built. I'd say, then, that if you work with the mentality Todd talks about then you're not even producing services - you're producing itty-bitty applications. The concept of "service" - a consistent experience provided to a consumer - is what underpins that evolved, closed-loop view. Without it you're not doing SOA.

This means that SOA is only possible when you consider the whole lifecycle of services over time as they are created, changed and (yes) retired. And that's where sustainability comes in. If you're not thinking ahead to how you will deliver that consistent experience you're not thinking in a sustainable way. You're thinking about point projects, point applications, point functions, and that's how we got into the mess we're in.

Importantly this shift in mindset to think about how to deliver sustainable business value from IT takes us well beyond the world of technology product procurement. It's all about process, practice, organisation and culture and nothing to do with whether you bought the blue or the red ESB.

Without this understanding at the top of your mind as you embark on SOA or indeed any other IT initiative (unless it's responding to a *very* opportunistic and short-lived requirement) entropy will always win. If you're always looking backwards then the reality of business requirements and the reality of IT capability will quickly diverge in unwelcome ways.

Labels: book, SOA, sustainability

posted by Neil Ward-Dutton @ 4:54 PM 1 comments permalink