The growing interdependence of our systems is driving the complexity of our systems towards the edge of chaotic systems. The choices that we make are no longer focused on finding the perfect solution. Instead, we can see many possible solutions, many of which are good solutions. The choice is then to pick the solution which builds positive interdependency and limits negative interdependency.
Fig. 1: Growing interdependency has put us at the edge of complex and chaotic systems.
In his talk at ITLP, Ron also pressed on the ever-growing rate of change. These two factors limit our ability to design and implement perfect solutions to problems. To paraphrase again:
If you take two years to design a great solution, the landscape will have changed so much that the solution may not be applicable. The level of complexity makes finding and defining the perfect solution even more difficult. The level of interdependence means that even more good solutions are available – when many systems are connected, many systems could be used to provide the solution.
Fig. 2: Impossible Route to a Perfect Solution
I agree with what Ron has come to believe. The level of integration between systems is very high. The expectation for real-time interactions has become the norm. Users expect to see real-time flight information. They expect real-time updates on openings in courses. Students can see, in real-time, the bus schedule, where they are located and the location of nearest bus stop and the location of the buses on their routes.
This interdependence has driven complexity to the point where perfect solutions are hard if not impossibly to design and deploy. Therefore, we must choose from many good solutions that exist. We need to act quickly to implement some solution to meet the rapid rate of change.
Fig. 3: Many good solutions
This is where Enterprise Architecture and the other architecture practices can help. If we look out to the future and think about the desired state, then we can begin to sift out those good solutions which move us towards that future state. For us, we had stated that Service Oriented Architecture was a strategic direction. That bounded the future state some. In the student area, we had a future state process diagram. This diagram outlined improvements to the way that students manage course data and move through finding courses to enrollment. This put another boundary on the future state. When it came to think about how we get course roster type information out to a new learning management system (Moodle), we were able to use that projected future state to pick from the possible solutions (flat file transfer, shared database connections, web services) those which moved us closer to future state.
Fig. 4: EA can help filter the good choices that move you towards the desired future state.
The rate of change and interdependency drives the importance of an architectural approach. If you have not thought about the future state, then there is a multitude of choices. To pick from many choices, you have to establish some factors that affect your selection. In a restaurant, this might be dietary restrictions, cost, the weather outside. In technology, it is often quickest and cheapest. But those factors, in this complex environment are often shortsighted and misguided. The quickest and cheapest solution might need to be replicated many times for many systems. This would increase the interdependency in a negative way and push you even closer to a chaotic system. A more expensive, slower solution might serve you well over the long haul.
Architecture can help you make those choices in a framework that is focused on the future and on the overall complexity that you are creating. Enterprise Architecture (and the other architecture practices) can help sort those good solutions and help make sure the choice you make is along the path to desired future state.
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
]]>First, on the EDUCAUSE site:
EDUCAUSE – Enterprise 2009 Site
and at Slideshare.net:
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
]]>
Soaring
I’ve been working with our CIO on the I.T. strategic planning initiative. At the same time, I’ve been working with the Technical Directors and Operational Directors on planning at the technology level. They have been creating a map of what technologies are used to support our services. I’ve had my head in the blue sky of the strategic planning process while I’ve also had my hands in the dirt of the technology mapping. I keep coming up against the issue of how to connect the blue-sky of the strategic plan with the down-in-the-dirt technology planning.
Finding a process and methodology to connect the sky to the ground has taken up a lot of my mental cycles recently. The following is my take on a method to connect the strategic planning to the technology planning.
1. Strategy to Capabilities
The first step is to take the general directives of a strategic plan and have them expressed in terms of capabilities. I see this work being done by leadership as part of a collective planning exercise. As an example, a strategic initiative might be: Classrooms and learning spaces will be equipped with a base set of instructional technologies. This strategic direction then needs to be interpreted into a set of defined and measurable capabilities. A leadership team would be charged with determining the capabilities that would meet this strategic direction. The capabilities should be measurable.
For example, the capabilities might be: Multimedia Projection, Student Response Measurement and Lecture Capture
We could survey all rooms and learning spaces and get measures of current state (for example: 65% of rooms meet the projector capability, 15% meet the student response and 10% meet the lecture capture capability). We could then decide priority – which is more important lecture capture or student response – act on those priorities and measure improvement.
2. Capabilities to Services
The next part of this to map our services to the strategic capabilities. Some services support multiple capabilities (Hosting Services, Identity Management Services for example). Some capabilities may not have a supporting enterprise service. A capability that does not have a set of supporting services might indicate a gap in the enterprise. For example, there may not be a matching Lecture Capture Service that provides the Lecture Capture capability. This might be done in an ad hoc fashion or it might be missing completely. This gap in the enterprise service would be worth evaluating to see if the capability is being delivered effectively in the current structure. If not, then we might want to look at developing an enterprise-wide Lecture Capture Service that supports all of the classrooms.
3. Services To Technical Roadmaps
This is where we use the brick diagram in our planning. The brick diagram captures the technologies that support a given service. The brick captures what is current state (those technologies currently in use), what is tactical (what will be used for the next 0-2 years), what is strategic (on the plans to use 2-5 years out), what is in containment (no new development), what is in retirement (being stopped) and what is emerging (interesting trends that may move into the tactical or strategic realms in the future).
These brick diagrams are created and maintained by the service owner – that is the group that manages the service being provided. The bricks let the service owners and the service teams grab a snapshot of their current state and their strategic plan for the next few years – what they will leverage, what they will stop, what they are watching and what they want to move to – in a simple format.
Core Planning Stack from Tech to Strategy
This set of relationships is managed by a set of governance process that define and prioritize the layer below.
At the lowest level, the service manager or service team usually defines and prioritizes the technology they use to deliver that service. This is the layer that is captured in a brick diagram. They should also describe the capabilities that are delivered by their service and which strategic directions they support.
At the top level, senior leadership should work to refine the strategic directions as measurable capabilities that want to see delivered.
The mid-level governance is a gap in our institution. It is probably filled by project prioritization processes and budget processes. I’ll talk about that in part 2 of this post.
Related posts:
- SOA – Maturity is Key Presentation, EDUCAUSE Enteprise 2009 My presentation on SOA in the Enterprise – Maturity is...
Related posts brought to you by Yet Another Related Posts Plugin.
]]>
Brick Diagram
Brick diagrams are a strategic planning tool that I mentioned in passing in my ITANA talk at EDUCAUSE. Since then, I’ve had several people ask for more information. So here it is… more information.
Brick Diagrams are used by NIH in their Enterprise Architecture planning process. You can see the NIH brick diagrams and their taxonomy for the brick diagrams on the NIH EA Site.
Other institutions use similar planning tools. Read on to see links to other places that use something similar and to download slides for a talk about Brick Diagrams that I gave to our Management Team.
British Columbia Institute of Technology uses a Technology Lifecycle Taxonomy. You can read more about it in Leo De Sousa’s article “Discussing a Technology Lifecycle Taxonomy“.
St. Louis University uses the Project Information Master which has similar categories as the Brick Diagram and the Technology Lifecycle Taxonomy.
Here is the slide-deck that I used when I spoke to our Management Team about Brick Diagrams: m-team-brick-diagrams
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
]]>This brought me back to the question in our session “Is SOA DOA?”. I was asked how you get business leaders to buy into the SOA change and how do you get campus consumers to agree to work on SOA solutions. Add to this the discussion with Karen Hanson, our Associate Registrar, on funding issues and how do we deal with costs of deploying SOA solutions.
It seems that there is a lot of interest in SOA in the Registrar’s world.
We may try to organize a meet-up after AACRAO in Chicago in April. We could have Registrars bring their Architects for discussion around uses of SOA and issues with implementing, supporting and governing SOA. It would also be good to hear their interesting Case Studies of how they are using SOA .
Things to follow-up on when I get home.
Technorati Tags: EDUCAUSE, IT Architecture, ITANA, Registrar, Service Oriented Architecture
Related posts:
- SOA – Maturity is Key Presentation, EDUCAUSE Enteprise 2009 My presentation on SOA in the Enterprise – Maturity is...
Related posts brought to you by Yet Another Related Posts Plugin.
]]>This is one of seven Key Initiatives for Enterprise Architecture.
“Failure to… change the behavior of others leads to failure itself”. You must understand the people aspects and you must sell EA to succeed.
They had 600+ clients take a maturity survey to see where they are at in the area of EA maturity. The degree to where you can develop and maintain stakeholder support was at the most-influential dimension of EA maturity. Business/IT alignment was the top EA driver.
Effective skills: communication, persuasion, marketing.
Communications Specialists, Change Management Specialists and Facilitation Staff were under-represented in EA groups. This highlights a need to bring these skills into the EA staff either through training and development or additional staffing.
Shannon/Weaver model for communications.
If you start with those basics (stimuli, purpose, receiver, channel, message); you can predict what you need in EA.
Marketing and Sales of EA.
Marketing: Identify and segment the market. It’s the enterprise. Create the products/services. Create the delivery systems. Deliver the appropriate communications to the market. Optimize the price.
EA market segments: Senior leaders. Business units. IT Leaders. IT Groups. These are all people/groups that need to change behavior. Then you need to figure out what each segment will need (to do their daily jobs with). These are your products and services. Then figure out the best delivery system of the products and services for each segment.
You need to make it such that doing EA is cheaper than not doing EA.
A Mission Statement is a fundamental part of marketing. Branding is also key for communications and positioning. You need to determine your purpose (mission statement), determine the stakeholder perception. Create a targeted message that is clear, simple an concise. Create a logo.
You need communicate success shamelessly with branding and logo. You need to manage the EA brand.
Sales: Identify leads/suspects/prospective clients (stakeholder analysis). Present the product or service. Close the deal. Provide ongoing customer service.
Sales activities: Identify targets, categorize targets, identify their issues, develop solutions to their issues, create an deliver the pitch. Close the deal.
Identify the targets and categorize targets maps to Stakeholder Analysis. His analysis includes: Name and Title, Level of Influence (Decision makers, influencers, gatekeepers, participants), Friend or Foe, Decision Style, Issues and Opportunities, Others (hobbies, idiosyncrasies).
Decision Styles from Rowe and Mason: Conceptual-big picture people, Directive-bossy ones, Behavioral-how are people feeling, Analytical-want all the data. 62% of Senior Executives are Conceptual types. You could also do Myers-Briggs analysis.
You can create a Chain of Pain: a map going up or down the organizational chart. Looking at what the stakeholders problem/pain points are. Example: Person: Director, Pain: too much change, Reason: monolithic applications that aren’t very agile.
Persuasion Skills: Dr. Robert Cialdini has a rich body of work on persuasion skills. There are a set of principles for persuasion: Contrast, Reciprocation, Scarcity, Authority/Credibility, Trust, Consistency, Liking. Contrast – this is like the current state – spaghetti map for infrastructure compared to the future state clean infrastructure map. Reciprocation – do favors, give them information, give them insight. Ask for support of EA in return. Scarcity – we are going to do EA but we only have 3 spots and this needs to be the best and brightest. Consistency – people want to know that others are doing the same thing.
Three conditions to create lasting commitments: make the commitment active (e.g. writing down the change), make the commitment public and un-coerced. You can do this through a charter. Create an EA charter, have people sign it, make if public and publish it on an EA sight.
Recommendations:
Ensure that adequate support exists. Train people in the soft skills (communications, persuasion, marketing). Hire or borrow skilled and experienced resources. Use persuasion to your full advantage. Be great at communication, persuasion and interpersonal skills.
Technorati Tags: Change Management, Enterprise Architecture, Gartner, Leadership
Related posts:
- SOA – Maturity is Key Presentation, EDUCAUSE Enteprise 2009 My presentation on SOA in the Enterprise – Maturity is...
Related posts brought to you by Yet Another Related Posts Plugin.
]]>Policy and privacy are really consideration of the human aspects and impacts of technology. Policies are: strategic direction and operating philosophy (which are usually informal and cultural), Public and Institutional policies (these are both documented and usually legal documents).
Institutional policy – a statement that reflect the philosophies and values of the project, service, organization or federation. Policies should be clear and concise, applicable across a wide range of activities and should not change very much.
Why create a policy?
- When reasonable people disagree
- To guide thinking when making decisions
- To correct repeated misbehavior
- When there are significant risks or liabilities
- In response to external forces like regulation or law
Where does the policy apply? Federation, Institution, Service
Real-life stories:
- Email Outsourcing: vendors proposed that we would do incident response and legal requests for both students and alumni. There was no policy that said they had to be in charge and n control. She took the discussion back to the original goals for the project. (1) Improve and add services for students and (2) reduce their costs. So they did not take on the incident response because that would not reduce the costs. That was the policy that helped inform the decision.
- Course Management System: they changed their course management model. They began to get incident reports because the new service didn’t match the old policies for the previous system.
- Virtualization: They moved to a new virtualized systems. The old policies where around knowing that super-hot data is on a specific machine, with a specific system admin. Now, they didn’t know what machine had the data and all sys admins might have access. Had to expand training and the understanding of how they would manage super-hot data.
- InCommon Agreement: Thought that went very well.
“A policy is a temporary creed liable to be changed, but while it holds good it has got to be pursued with apostolic zeal.” Mohandas K. Gandhi
Privacy:
Categories of privacy harms:
- Intrusions : They come into your space and contact you and tell you what to do (spam, cold calls)
- Information Collection: They watch what you are doing more than they should (tracking, interrogation, etc)
- Information Processing: They have a lot of data about you, and they do things with it. (data mining) Need to watch out for secondary use – collect for one reason then use it for another reason.
- Information Dissemination: They disclose data about you, perhaps more than you think they should. (Transferring data, true or false facts)
Fair Information Practice Principles: The FTC drafted these principles and they do enforce them. Higher Ed is not under the FTC’s jurisdiction but users are expecting these principles to be met. If we don’t
- Notice/Awareness: User should be given notice of your information practices, in order to make an informed choice about whether to provide information.
- Choice/Consent: User should be given options as to how any personal information collected from them may be used.
- Access Participation: Users should be given access to the data held about them, and ability to contest that data’s accuracy and completeness.
- Integrity/Security: data should be secure and accurate
- Enforcement/Redress: there should be a mechanism in place to enforce fair information practices and it should include appropriate means of recourse by injured parties. At a minimum, you should right the wrong.
Ken Klingenstein: Federated Identity and Data Protection Law
Good quote from Ken K: “This is an attempt to bring trust to internet via technology not just because it is just us chickens”.
EU Law Directive 95/46/EC : You can process personal data when it is required to perform contact, required to satisfy legal duty or consent.
Identity Providers must identify which services are necessary for education and research. Must inform the users. May seek users’ informed freed consent to release personal data to other services. You have to show why it is important. Should have a data process/data controller agreement with all service providers to whom personally identifiable data is released. Must ensure adequate protection of any data released to services outside the EU. We have to play by the EU rules.
Service Providers must consider whether personally identifiable information is necessary for their service or whether anonymous identifiers are sufficient. You may request personal information from users but you must inform.
There is no normalized definition of what Personal Identifiable Information (PII). There are questions about email addresses: if it is a third party email address it might not be but a .edu address might be. So the content might be more important than the field.
IP Addresses – if it is a dynamic address it is not PII. So, unless you know it is a dynamic address, then you have to treat it as PII.
EduPerson Targeted ID – this is going to the EU privacy commission this Fall. It is a 32 bit opaque identifier that is different per site visited.
OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) – just formed group. A mechanism to allow consent agreements flow with data. The first and dominant Use Case is health care. Looking for other Use Cases. Does this make consent a new service in our loosely coupled service? Do services need to be consent aware?
Report Out from Discussion Sessions:
Data Modeling Group:
Modeling person and organization data. Modeling of organization data is remarkably difficult not just in the nature of the data but also in the resistance that you get from organizations to being characterized. Multiple organization charts – financial, hr and reporting structure. The characterizations can be political. Are there pressures that will lead to the marginalization old way of doing things? Organizations that don’t want to be characterized may not get services.
Service Discovery:
What would a service description look like: what is it called, cost, how to call it, operational context (where is it physically located). Discussion about how you describe the service, how do you recognize similar services in distributed locations. Talked about the grid is doing this with their RNA.
What is happening today: people using Google to search for services and looking for a WSDL.
How do you get consent? What about promises and claims? What about a directory of all the services? What about a directory of directory? You could have a convention for naming the directory so you could at least find the directories.
DNS works for finding things.
Governance:
Domain Governance – governance revolves around an application or a data element, or attribute (student ID). These models will have to evolve to domain governance: enrollment, IdM etc.
Who owns the data especially as the data is transformed and sent along the ESB? Services are requesting the data that can then be used by other services.
SLAs – keeping tracking of who can use the use the service.
The need for a directory of services especially in emergency notification. There is also a need to know who is consuming services so you can notify on changes.
What is being done now on campuses? It is evolving on campuses. Identity and Access Management is a domain that is being governed as a domain at Penn State.
Saint Louis University has a good examples of domains in higher education that need to be governed as a domain.
Lightening Talks:
Rob Carter: Tracking and Authenticating IP in Cyberspace
We had all of our resources stored inside the walls of the institution. We now see with cloud computing and Web 2.0 applications, our intellectual property out in the cloud. How do we track the reuse of them? How do we contextualize the content.
How do we know that it is really and artifact of mine and not someone spoofing my creations?
Could solve this with digital signatures. What if we could add metadata before it goes out into the cloud. Get a signature of the object and attach the signature to the object or store it elsewhere.
How does this align with Creative Commons licensing efforts. You can search and crawl for for CC licensed objects that you use.
Loretta Auvil: Music Analysis.
Dynamic analysis of a Tom Lehrer file. Very entertaining.
Scotty Logan: IAM Services and Well Behaved Apps
If every app does its own thing, there is no real management.
Trust the container: Identity – you can get a user name from Tomcat et al, Authentication, Authorization
Have the container provider the groups and privileges as a URI
OAuth.net – a specification developed by a group to solve the “I want my Flickr protected photos on Facebook but I don’t want to give you my Flickr username and password”.
Technorati Tags: CAMP, EDUCAUSE, IT Architecture, Policy
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
]]>Infrastructure for vaporware. They are working on the infrastructure that enables cloud-computing.
Challenges in the data center: rising costs of the operations, the explosion of data, the difficulty of deploying new application and services, the difficulty in managing complex virtual machine systems. When you map the business processes, they map to a variety of systems on the data center floor.
Blue Cloud is IBM’s entry in Cloud Computing. Cloud Computing is holistic systems management. Similar to Grid or Cluster computing. A combination of “pervasive virtualization” for both server and storage. Allows for virtualization across varied hardware (I think). On demand and autonomic management and Utility Computing (Amazon’s service offering).
They gather up like systems (not necessarily identical) and manage them as a pool. The focus changes from managing the SAN or server. You let the “ensemble” manage itself and you manage the Virtual Image.
When the image moves to another system, does it move with state?
North Carolina State’s implementation is open source. All of the standards are open source. The ensembles are wrapped with SOAP/SOA interfaces. At North Carolina State Virtual Compute Lab – a student can request a XP machine to do their project. They get the machine in increments of 30 minutes. They are providing service for other institutions in their area.
Ken Klingenstein mentions a paper “The Computational Data Center: The Science Cloud”
Mark Morgan: Genesis II – Accessible, Standards Based Grid Computing
http://www.cs.virginia.edu/~vcgr
The problems: we have target grid user that are unable or unwilling to learn new programming tools & paradigms. Users want the benefit of the grid without having to know about the grid.
Anything you can put a service in front of and put on the internet, is part of the grid. Telescopes, microscopes, computing power, storage, data, sensors.
Want to share this but sharing in a mutually distrustful domain.
Genesis II implements the standards that come out of the OGF (Open Grid Foundation) to test them and vet them. Open Grid Service Architecture is part of the OGF.
Grids have been around for a long time but they are being used. People who design grids want cool features. User don’t care. Genesis II is focused on the user and making grids usable.
The Specs:
- Resource Naming Service (RNS) - maps human-readable name to web service endpoints. Supports Add, Remove, List.
- ByteIO – allows you to treat grid resources like a POSIX-like file resource.
- Basic Execution Service (BES) – interface for starting, managing and stopping computing jobs.
- WS-Naming – Endpoint Identifiers, Enpoint Resolution
You interact with the grid system in “file-like” ways. Double click on a database query, drag a job onto a server resource, etc.
They use an FTP interface to manage resources on the grid. On linux side, OGRSH acts as an intermediary between bash and the grid. Users can do “ls”, “cat”, “cp” and OGRSH will redirect requests into the grid as appropriate.
Nigel Watling: Cloud Computing and the Internet Service Bus
http://biztalk.net
Building out a new data center in Chicago. Microsoft is deploying 10,000 servers a month to support cloud computing. Amazon expects their services operation to bypass the retail business soon.
Issues that come up:
- How do I expose a service broadly?
- How do I handle identity and access control
- How do I interoperate? Between vendors? Between standards?
Connect their composite application through an ESB to the internal applications and then out to the cloud for distributed resources.
Roland Hedberg: OM2
http://www.openmetadir.org
OM2 is about representing events and moving information about events from one place to another. A publish-subscribe messaging system originally designed around IdM. Implementations in Python, Java and PERL.
Three ontologies: message, operation and object ontologies. Message is the header like for mail. Operation describes the actions (Miro ontology) which includes if-then-else as well as the usual add, modify, etc. Objects describe the objects.
Messages are based on RDF/XML. Includes support for Dynamic delegation Discovery System (DDDS, RFC 3401-3).
“Ontology Driven Application Development.”
Example applications:
Eduroam (http://www.eduroam.org) : allows you to travel between universities throughout Europe and use your local credentials to authenticate to the wireless network.
Bologna Process: supporting the movement of students between universities. Any student should be able to go another university and take a class then come back. Has admissions control and grade reporting.
What OM2 does: Transport the information to the correct address at all time by the use of DDDS, by the transport protocol of the receivers choice.
Brian Busby: ESB at UW-Madison
Talk about our use of the ESB and experience with SOA.
UW-System has been looking at SOA for years (4 or 5 years). We got to where we were going to buy a commercial SOA suite but we passed on the purchase. SOA went into hibernation. Then two projects came along:
- Course Roster Information Service
- Course Guide
We made a decision to take advantage of a license for the Cape Clear ESB. We can take advantage of this.
Interesting impact: people suddenly had to change their discussion to be around services that they need not big data loads or APIs and they made the change.
Issues:
- Right-sizing the environment – we don’t know how many people are going to be using the ESB or the load on the services.
- ESB as a service hosting facility
- Collaborate development teams (Integration Competency Centers)
- What aspects of integration should the ESB handle – do you put all the business logic in the ESB, etc
- Support of the loosely coupled environment
Organization Issues:
- Governance
- Ownership of the services, orchestration, operational data stores
- Security policies
- Web services granularity
- Data representation – what XML should we use to represent data
- Service Level Agreements
- Service definition & re-use
The fact that we got the ESB in place is driving the conversations that we were having years ago forward finally.
Technorati Tags: EDUCAUSE, IT Architecture, Jim Phelps, Service Oriented Architecture, SOA
Related posts:
- SOA – Maturity is Key Presentation, EDUCAUSE Enteprise 2009 My presentation on SOA in the Enterprise – Maturity is...
Related posts brought to you by Yet Another Related Posts Plugin.
]]>The theme that came out was the needs around service discovery in higher education. Discussions will cover CyberInfrastructure for Humanities, Cloud/Grid, SOA, ESB. Discussion groups on data models, governance, service discovery and <your topic here>.
Workshop Format: Each participant should offer (at least): 1 opinion, 1 rant, 1 hope, 1 keen observation.
The problem space: SOA is happening across academia in variety of ways varying from Web2.0 apps, mash-ups, messaging. It happens intra and inter-institutional. This impacts how we offer a variety of services and raises a set of questions:
- How should digital tools and data for scholarship be made available?
- What metadata should be recorded about them?
- How can metadata be globally aggregated and searched?
- What operational and security environments should protect them and enable their appropriate use?
- how should their semantic relationships be codified and maintained?
Mark comments: connecting metadata to the object and having it persist and stay attached as the object moves around and is copied is a difficult area to address.
Jill: SOA is also talked about traditional administrative system but do people think about this
Why would academics would want to store their content in a central system? It might be about the ability to add metadata and re-use the content in multiple places.
Loretta Auvil: SEASR
http://seasr.org/
Goal was do develop a software environment that would allow for the reuse of software components focused on data mining applications for the humanities. Looking at text analysis and music analysis doing genre analysis, mood analysis.
The components and descriptions of those components are very web centric based on SOA and Semantic Web. They are talking about a Semantic Enabled SOA. The components are written in RDF.
Looking at interesting ways of searching: Tag Clouds, Link Flows
Working on a workbench using Google Web Toolkit. Allows you to do a mash-up of the components into flows.
Example Applications: MONK – it has a custom UI that calls SEASR as a service. NEMA – music analysis service that does 10 second slices of an MP3 looks at the genre and mood.
Steve Masover: Project Bamboo
http://projectbamboo.uchicago.edu/
Flickr and del.icio.us tags: projectbamboo
Asking the question: How can we advance arts and humanities research through the development of shared technology services?
Areas of focus:
Discovery and Analysis
Annotate and manage – including the idea of Folksonomic tagging with identifiable levels of authority.
Need to support serendipitous discovery. Search is not useful if it limits serendipity and foraging. Intellectual Property pain and accelerating interdisciplinary are motivate “commons-based peer production” (cf. Yochai Benkler) . There is impatience with copy-write. There is desire to support inter-scholar relationships. Community / Networking that support a “lattice of interest”. Legal and institutional policy are trending towards advocacy around fair use in law.
Emerging aspects of scholarly practice include: shared standards and services, social and scholarly networks, deep consortia across disciplines and national borders. There is need for a chain-of-credibility in mash-ups.
Looking less on service/tools developments and more on standards-profiling and services to facilitate interoperability. One area that they might focus on the sharing / tracking of reference use: who used a resource in what context and for what purpose, who provided the resources to the commons.
We are moving from a wedding cake stack (data and repository, middleware, application on top) to a three-side figure with mash-ups and tools on edge of the triangle.
Ken K – we heard from an English scholar that he is does not do “team english. He is a cat and he does not want to be herded”.
There is a tension between scholars wanting to know “who is using their stuff” and but not wanting to their activities monitored.
Daniel Davis: Fedora Commons
http://www.fedora-commons.org/
Now a 501-3c organization. Moving from an internal grant-funded project to a community project.
Much of the work is focused on integrated services from other projects rather than re-writing code that already exists.
Splitting into multiple projects:
- Fedora Repository – original Fedora Project,
- Middleware – looking at seamless integration between other groups’ services,
- Akubra Storage – new storage plug-in architecture, transaction file system,
- Topaz – core components for semantic-enabled apps currently publishing several journals mostly in medical research,
- Mulgara Triplestore – highly scalabel triplestore.
Relevant technical trends: SOA, Web2.0, RDF, OWL and OWL-S
There are two paradigms that we are dealing with: the lightweight Web model with little trust / security and the Enterprise model where you have deep trust / security models (think HR systems). A repository can bridge these two worlds. You can easily repose content then add a trust model and policy driven controls for adding scholarly information on top of the content.
The Enterprise paradigm need to support near ACID (atomicity, consistency, isolation, and durability) semantics and a strong security and trust model.
Question: The idea that there is a difference between Federated Identity and Federated Repositories and how that would work. They are different aspects but related. There are discussions about shared information between the repositories like User Accounts. In one repository, that person might be an account. In the other, they might be a reference. How much do you share between the two repositories.
Jens Haeusser: Kuali Student
http://www.kuali.org/communities/ks/index.shtml
Keys: Modular, standards-based student system. Community Sourced rather than open source in that their is a board who sets direction and manages the roadmap. It is a person centric system – focused on meeting the needs of the users of the system. SOA-based.
Traditional ERPs – you tend to implement twice. Once, when you try to make it meet your current practices and then again when you accept the best practices as defined by the vendor.
Functional Vision: Support the end users by anticipating their needs. Support a wide range of learners and learning activities (traditional students but also life-long learners, distance learners, exchange students et al). Design to make it easier to change business processes. Reduce time staff spend on routine tasks.
Technical Vision: SOA and Web Services. Not delivering an application as much as they are delivering a framework for you to deploy your business processes. Using the Web Services stack: Standards-based, adhere to Educational Community License (ECL). Building the system in Java. Open Source reference Implementation.
Guiding Principles for the KS Technical Architecture as a PDF
The functional design team is gathering input from a broad range of players from both within an institution as well as between institutions.
The first thing they are working on is Learning Unit Management. Treating it more like SKUs. You can compose them together to make larger units. They have learned that the current way many systems define courses isn’t very good.
Technical Recommendations as a PDF
Database: Apache Derby
Orchestration: Apache ServiceMix, Sun OpenESB, Kuali Enteprise Workflow (KEW)
Created a standard development environment that includes a submission environment. Maven and Subversion, Google Web Toolkit (UI). Business Rule Management System (BRMS) to store and search for business rules includes a UI for business users to define the rules. Looking at the Fluid Project for support of accessibility/usability requirements.
They are using different ESB for different aspects of the framework.
Technorati Tags: EDUCAUSE, Humanities, Jim Phelps, puppy, Service Oriented Architecture, SOA
Related posts:
- SOA – Maturity is Key Presentation, EDUCAUSE Enteprise 2009 My presentation on SOA in the Enterprise – Maturity is...
Related posts brought to you by Yet Another Related Posts Plugin.
]]>Completed a 10 year Strategic Plan which worked because they connected money to it. You couldn’t get funding unless you showed how your project connected to one of the 71 strategic initiatives. Completed a 10 year tactical Telecom Plan. Instead of replacing 1/4 of the switches every year for four years, they want to replace all switches in one year so they can take advantage of new features.
802.11X access solution based on MAC addresses or logins. Getting to automated, policy-based network access. What is the value of this and what have people done in this area? What are the policy zones? This can flip it over so that we are both protecting our network from devices as well as protecting devices from our network.
This group could develop some design templates that schools could use in discussions with vendors.
UW-Madison
Should there even be a Security Architecture? Shouldn’t security be embedded in all of the groups and users? When Stefan started in 2001, he always was asked, “Why” about security items. Why do I need to use a firewall? Why should I have logging turned on? Set a set of principles:
- Security is Everyone’s Responsibility
- Security is Part of the Development Life Cycle
- Security is Asset Management (classifying the information)
- Security is a Common Understanding
We have a five step process for doing a risk assessment. First we agree to the assessment scope, then conduct the assessment, develop a draft report, communicate the findings then re-assess as needed.
Risk = (Impact X Likelihood) / (Mitigation Controls)
Impact is related to costs. How do you monetize reputation? You can ask how would you spend to prevent this from happening. This is a Risk Prioritization process.
How do you balance the security principles against the development principles (scalability et al).
Technorati Tags: EDUCAUSE, Enterprise Architecture, Internet2, IT Architecture, ITANA, Jim Phelps
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
]]>