Technology: May 2007 Archives

Joel Smith from CMU is leading this discussion.

There's a bunch of activity in Educause and other forums around this topic.

Strategies around specific emergencies could be very different depending on the nature of the emergency.

A quick survey of the membership: 84% of the respondents said there have been situations in recent years calling for emergency communications, including environment and weather, environmental health risks, dangerous or damaged facilities, etc.

How long does it take to send messages? Fastest is web posting, email is pretty fast, and text messaging is the least deployed. Joel notes that composing messages is not something that is built into our emergency processes and it's difficult to do in many circumstances. At Columbia it took them eight hours to compose a message to inform people that the campus was closed in a snowstorm. It can also be hard to get hold of the right people to post and send messages.

Berkeley deployed PeopleLocator (http://peoplelocator.berkeley.edu/ )

Much is predicated on having good data, like cell numbers.

Bill notes that at Stanford they have an incident response team that's separate from the emergency operations process.

Joel notes that it's important to put the time that the next communication will take place in each emergency notification, in order to keep people from overloading the channel just to see if there are any updates.

MIT is looking very seriously at being able to send SMS messages. There's some concern that you have to work closely with vendors to not have mass SMS messages classified as spams.

A few institutions in the room have some cell contact information for students, but nobody claims to have good directories of cell information.

Texas students had brought Mobile Campus on campus - but it peaked at about 7,000 students (out of 50,000) and appears to be on its way down - they think it's because they get spammed with ads from them.

MIT is going to try some tests of emergency communications, asking people to respond if they receive the test messages. They are using mir3, which was contracted originally to contact emergency responders, but they expanded that to try to contact everybody. They hope to be able to use that test to gauge how good their contact info is, as well as how long it takes to get messages out. They'll try sending both voice and text messages.

At Wisconsin they're adding text asking people to update their contact info when they register for classes.

Several campuses have been updating PA systems on campus in the wake of recent emergency events.

Technorati Tags: CSG, CSG-Spring-2007, emergencies, emergency-notification, emergencies, notifications

Charlie Leonhart is leading off the morning with a discussion of identity management. He's asking the crowd who's running their first generation ID management system as opposed to as second or third generation system. Paul points out that their approach at MIT is more incremental, changing and adding to the original system every year, so it's more of a maturing continuum rather than generations. Georgetown's original ID management was a directory built for provisioning accounts in different systems.

RL Bob says that Internet 2 and MACE point to different products that handle this kind of thing, but there is no significant open source shared product in the space of core identity management and provisioning, as the institutions that have built these systems have done it in ways that are embedded so deeply in their systems that it's hard to share.

Several people have used commercial products in their identity management - Indiana uses Microsoft's identity management server, and it's working very well. Brad thinks we need to get better at federated identity - maybe 2008 will be the year of federated identity. Gary says NYU uses Sun's identity management products, because they didn't want to have to build it themselves. Michigan is going to go with the Novell services because they didn't want to build it themselves and the connectors to Peoplesoft and other systems were already there. Duke is also using Novell. Colorado is going with Sun. Georgetown has picked Oracle, primarily to automate feeds from backend systems and for provisioning and de-provisioning. De-provisioning is particularly challenging - the ability to do ubiquitous de-provisioning is important.

How much convergence is there with digital identity and physical id control. At Chicago the card office has always been part of central IT, and they're working on merging that system with card system, and they're working on a common system across the hospital and the campus.

How centralized is the process of creating identities - how many are taking feeds from departments to create identity? Tim says that at Harvard the issues are around SOA kinds of things - changes in data formats, scheduling, etc.

RL Bob says that we have a local community college that we share facilities with that needs NetIDs, and we are working with the Cancer Care Alliance who needs NetID. In both of those cases they run Active Directory and we've been using a federated approach, using Shibboleth - which raises some policy issues of what kinds of things they then might get access to.

At Stanford they're setting up a guest account service. Bruce also notes that the owners of the Peoplesoft and Oracle systems are likely to start asking about what value the separate registries bring, instead of just using the purchased systems.

Klara talks about Duke needing to create the ability for affiliates to create accounts in a delegated fashion. Charlie characterizes this as the "Martian" user issue - visitors, people who come just for the day, etc. Michigan is setting up a sponsorship system where departments can set up temporary identities for visitors.

Brad says to look at the strategic issue, the University is not going to be a fortress any longer, but will need to be much more porous. He cites the issue of the library which was using access to a University digital identity as a surrogate for meaning "faculty, staff, or student" to grant access to subscriptions.

Tom is talking about people who are "non-affiliated patrons", like those who have library privileges but no other connection to the institution. They're creating a separate store of identities for these folks. It was much easier to not bring those back into the main identity store and deal with all the policy issues, etc.

Phil Long notes that business process has to precede identity management.

At Wisconsin they have a formal decision making body for identity management that reports to the Provost. Just this month that committee has announced that they'll add two faculty members and student representation. Federated research has made this an academic as well as administrative issue.

Berkeley has a signle-sign-on management model, but there's not a good funding model - they've been considering some sort of identity-management tax on new system development projects.

At Georgetown they have a tax on all money transactions on their cards to fund the card office operations - 4% on internal purchases (like soda and candy machines, etc), more for external vendors (like local restaurants, etc).

Texas has multiple assurance levels of identity - for high assurance you have to show up in person with photo ID.

Technorati Tags: authentication, CSG, CSG-Spring-2007, digital-identity, identity-management, identity

Jim Phelps from Wisconsin is kicking off the workshop by talking about the ITANA group, which had its first f2f meeting yesterday. Over 20 people attended that meeting, where many people said that there was a lot of discussion about what IT architecture actually is and who is an architect (Jim characterized the discussion as "navel gazing").

Now we've got a panel representing different practices in IT architecture and governance at different institutions. Bruce Vincent from Stanford notes that we have quite a range of practices reflecting the structures and cultures of different institutions. The panel includes Tom Barton from U Chicago and our very own RL Bob Morgan in addition to Bruce and Jim.

Bruce says IT architects are working as influence peddlers - that's in a discussion of governance. Most at ITANA agreed that influence is more practical than formal governance. Influencing architecture early is critical - bringing it in late (like an architecture review board) dooms it to failure.

Tom notes that Chicago is not big on process, and they're not sure what architectural process is. But it should result in simpler more sustainable services, and a more common infrastructure. To do that some of the challenges are that people aren't connected enough to be aware of or comfortable with leveraging other people's work. At Chicago they've done several things to try to move this. One is that they've started having meetings of the chief technical people in each of the directorates. It's been good contact, but hasn't resulted in tangible outcomes. The enterprise architect has been involved with purchasing of new software for the institution, to do some vetting of security and integration in new packages - result is they're not shooting themselves in the foot quite as much. They recently formed an architecture group, which includes senior decision makers and senior tech people - 12-14 people. Aim to get buy-in and resource commitment. The idea is to make "more harmonious" decisions - e.g. what kinds of operating systems can be run in the data center. Engaging in a virtualization strategy using that group.

How services get advertised and shared is a problem. The "IT Ecosystem" is a web database that is designed to help people know who to talk to and characterize the mess.

RL Bob starts off by saying that he's here to represent the incoherent view, which both he and his institution are well suited for. One of the roles of the architect is to get everyone else to think like an architect, to think about the long-term, sustainability, etc. We don't have a single person respsonsable for architecture or an architecture office. Bob describes the attempt at UW to have an Architecture group, which tried to list architectural principles, which ended up not being entirely successful. Much architecture ends up working as advice and engagement in specific projects, which might imply roving bands of architects engaging in lots of projects. But not all projects take advantage of seeking out architectural advising (nor would that scale too far). The development of the product and service lifecycle has been more successful, and while it's not specifically about architecture, it at least has touch points where architecture can be considered.

Bruce talks about Portfolio Management - architects are asked to give an idea of relevant amount of investment and how long it will last - there's relatively little in the way of formal structure for this. At Stanford they have a body called the Systems Governance Group, which controls project money in large. Annually large projects have to come and "defend their right to exist". There's also a faculty subcommittee on computing that they've used successfully to gauge faculty support for efforts. Stanford has a Technology Architecture and Strategy Council, which has practitioners who are the lead technologists in various areas and have to "put up or shut up" on strategic direction and think about how their areas integrate and overlap with each other.

It strikes me that this conversation really represents a classic industrial style of "architecture" as a controlling system that can prescriptively decide what's correct at an institutional level. I tend to think of a post-modern concept of architect as a bricoleur (see quote below), working in more of an ad-hoc manner to build structures that use the materials at hand to respond to ever-changing needs.

In response to a question I asked about whether any of these architecture review boards include people from outside the central IT groups, Paul Hill noted that MIT's architecture review board has included people from across the institution that have reviewed projects on a regular basis, but that recently the non-central-IT folks requested that the central organization do the detailed reviews and report back to the whole group instead of having everyone involved.

The 'bricoleur' is adept at performing a large number of diverse tasks; but, unlike the engineer, he does not subordinate each of them to the availability of raw materials and tools conceived and procured for the purpose of the project. His universe of instruments is closed and the rules of his game are always to make do with 'whatever is at hand', that is to say with a set of tools and materials which is always finite and is also heterogeneous because what it contains bears no relation to the current project, or indeed to any particular project, but is the contingent result of all the occasions there have been to renew or enrich the stock or to maintain it with the remains of previous constructions or destructions. The set of the 'bricoleur's' means cannot therefore be defined in terms of a project (which would presuppose besides, that, as in the case of the engineer, there were, at least in theory, as many sets of tools and materials or 'instrumental sets', as there are different kinds of projects). It is to be defined only by its potential use or, putting this another way and in the language of the 'bricoleur' himself, because the elements are collected or retained on the principle that 'they may always come in handy'. Such elements are specialized up to a point, sufficiently for the 'bricoleur' not to need the equipment and knowledge of all trades and professions, but not enough for each of them to have only one definite and determinate use. They each represent a set of actual and possible relations; they are 'operators' but they can be used for any operations of the same type.

Technorati Tags: architecture, IT-architecture, CSG, CSG-Spring-2007

There's been a lot of general head nodding on the web in reaction to Paul Graham's essay titled Microsoft is Dead.

Paul's assertion is not that Microsoft is out of business, of course, but that it's not a serious contender in the development of new technologies that matter.

After some of the things we've seen in the last couple of weeks my opinion is that, like Mark Twain, the reports of Microsoft's demise may well be greatly exaggerated, though I do have to agree with Tim O'Reilly's comment that MS's recent assertion that Linux violates 235 Microsoft patents without being willing to name them is totally reminiscent of Senator Joseph McCarthy's famous claim about communists at the State Department, and Tim's right-on when he says: Whether or not it's true, citing such a number without providing any detail is such a classic FUD move that, to me at least, it just makes Microsoft look ridiculous.

Last week we had George Moore and Walter Harp from Microsoft out to talk to our campus web services discussion group. George is the group manager of the Windows Live platform, and Walter is the Product Manager for Windows Live@edu (Microsoft's online offering for universities). George showed recently announced developments, including Sliverlight, a new platform for developing rich Internet applications. If I understand it correctly Silverlight combines methods for combining video (including high definition video) and interactivity controls into applications that render within a browser - think of it as a competitor to Adobe's Flash. It's use requires a browser plug-in, which Microsoft has made available for Firefox and Safari as well as IE. In addition to the base technology, MS is also offering the Silverlight Streaming service, which offers 4 GB accounts for free to host Silverlight applications, with outbound streaming quality of up to 700 Kbps. That speaks of a very hefty investment of resources by Microsoft.

The best explanation of Slverlight I've seen so far is the post in Scott Guthrie's blog. Scott also talks in this post about the implementation of a Dynamic Language Runtime to .NET that allows people to program >NET apps in popular dynamic languages. Microsoft is releasing DLR support for Ruby, Python, Javascript, and something new they're calling Dynamic VB. Perhaps most interesting, the DLR can be used in cross-platform Silverlight application in the browser.

As Tim O'Reilly notes (in a different post than the one I quoted above):

The RIA game really is heating up. Macromedia (now Adobe) started evangelizing this idea a long time ago, but it was Ajax that made it on the tip of every industry strategist's tongue. It's going to be very interesting to watch whether Silverlight and Sun's JavaFX make headway against Flash and Ajax in this space, or whether it's already game over.

In addition to showing us Silverlight, George also demonstrated some of the APIs to Microsoft Live services and the easy-to-use drop-in controls they're making available that build on those controls. The idea is to make it easy for people to build mashups of the various Live services. One of the most interesting controls is one that allows you to see your Live Contacts (think buddy list) dynamically within a web poge.

The very next morning after George and Walter were on campus Microsoft released the Popfly alpha. Popfly is a new service that allows you to visually construct web mashups within a browser by dragging controls onto a canvas and connecting the dots with a mouse. George kindly arranged for me to be invited to the alpha. I haven't had time to play with it much yet, but I did walk through the excellent tutorial, which walks you through creating a mashup that displays the location of new Twitter posts in Virtual Earth. I then tried to create my own mashup of showing where the closes Metro bus was in relation to my house, but I couldn't get it working in the fifteen minutes I had available to mess around so far. I was, by the way, working in Popfly in Firefox on my Mac, which worked fine. Popfly strikes me as similar in concept to Yahoo! Pipes, and it will be interesting to contrast the two and watch them both evolve.

So while I haven't always been a big fan of either Microsoft's software nor its business tactics, I do think that there is evidence of a whole new generation of talented people there who really get the Internet and Web 2.0 and are working hard to create some new and truly useful and interesting software there. While it's undoubtedly harder to refocus the huge corporate empire of Microsoft than it was in 1995 when Bill Gates issued his famous Internet Tidal Wave memo, I think there are definite signs of new energy emanating from Redmond. There's some life left in the old corporation yet!

Technorati Tags: business, mashups, microsoft, popfly, strategy, WindowsLive@edu

This might be of interest to lots of folks - I know my garage and basement tend to fill up with old electronics.

Spring Cleaning? Responsibly recycle your old electronics!
E-waste recycling event to take place at Rainier Community Center in South Seattle.

Seattle, WA - On Saturday, May 19th, 2007, individuals, small businesses, and community organizations are invited to recycle computers, monitors and TVs.

WHAT: Responsibly recycle used computers, monitors and TVs! All computer boxes (CPU's), computer monitors, computer peripherals and TV's will be accepted at the event. Computers, monitors and all TVs will be charged recycling fees ranging from $5 for computers to $25 for TVs. These fees are comparable to or less than the fees charged by the city and other recyclers. Working computer and monitor d onations are tax deductible.

WHEN: Saturday, May 19, 2007 from 9 AM - 4 PM. Rain or shine.

WHERE: Rainier Community Center
4600 38th Ave S, Seattle WA! 98118
(The center is located one block east of Rainier Ave S & S Alaska St)

WHY: Computer boxes (CPU's), computer monitors, computer peripherals and TV's all have heavy metals and are illegal to dispose of with regular garbage service. Proceeds and computers from the event will benefit the RecTech Coalition and InterConnection in their effort to steward the environment and provide computers to underserved areas throughout the world.

For event details visit: http://www.computers.interconnection.org/ecyclerainier/

For more on RecTech, see http://www.seattle.gov/parks/Centers/labs.htm

Technorati Tags: recycling

I spoke briefly about what we're up to in C&C Emerging Technology on Tuesday at a meeting of UW computing support staff. There were several hundred staff attending, and we managed to get some good suggestions from the participants about issues we should be investigating. We'll list those suggestions and have a space to add more of them over on our Etech blog site. In the meantime, my slides from the meeting (pdf) are here.

It was great to see everybody at the meeting!

Technorati Tags: UW