Wednesday
Aug072013

The API Economy and Enterprise IT

An excellent HBR article on the implications of the API in Enterprise IT.  Among the companies referenced as models include Netflix, Salesforce.com, Facebook, Twitter, Google and eBay. But, do these companies really represent enterprise IT? It's when the likes of the healthcare, insurance, and supply chain logistics take on the 'API economy' that the real disruption.

Move Beyond Enterprise IT to an API Strategy - Thomas H. Davenport and Bala Iyer - Harvard Business Review:

the IT function's focus has been inside the enterprise. They might allow some occasional website browsing by employees (though many sites are banned), and perhaps an inbound website or intranet for customers to enter an order. The focus, however, has been on protecting a walled garden of information transactions.
We think the emphasis should instead be external. Toward this end, we increasingly see sophisticated organizations competing in an "API economy" in which application programming interfaces are the primary approach to inter-organizational collaboration and information exchange. APIs, which are specifications or protocols for how to exchange information or request online services from an organization, are already booming in online businesses. As more companies realize that information is key to their product and service offerings, and that they need an ecosystem to provide those offerings, APIs will grow further in popularity. Many of today's ecosystem members are coders and app developers, and APIs are how they interface with a provider organization.

 

Wednesday
Aug072013

NASA Cloud Contracts Get a "No-No" from Auditors

The 'clouderati' who, among other themes, like to promote the idea that cloud computing has a bit of the 'outlaw', going around the restrictions set by 'the Man' (usually corporate IT) may have to stop, look and listen.  NASA's Office of the Inspector General that while the organization is 'all in' with respect to cloud computing, a lot of NASA centers have been playing way too fast and loose.

NASA Cloud Contracts Slammed By Auditor - Cloud Computing - Platform:

NASA has scored low marks from its own auditor on its progress in adopting cloud computing technologies. In a report published Monday, the NASA Office of Inspector General concluded that weaknesses in the body's IT governance and risk management practices have "impeded" it from gaining the full benefits of cloud. For example, several NASA centers moved systems and data into the public cloud without the knowledge or consent of NASA's Office of the CIO (OCIO), while it struck deals with suppliers using contracts that "failed to fully address the business and IT security risks unique to the cloud environment."

 

Wednesday
Aug072013

Does advance in mathematics threaten security?

It's always interesting to see what does (and does not) get picked up by the technology press each year after a Black Hat Conference. This work from Alex Stamos of Artemis has not been widely reported, but that's mostly because the threat is not imminent.

Math Advances Raise the Prospect of an Internet Security Crisis | MIT Technology Review:

Alex Stamos, chief technology officer of the online security company Artemis, led a presentation describing how he and three other security researchers studied recent publications from the insular world of academic cryptopgraphy research, which covers trends in attacking common encryption schemes. “Our conclusion is there is a small but definite chance that RSA and classic Diffie-Hellman will not be usable for encryption purposes in four to five years,” said Stamos, referring to the two most commonly used encryption methods.

 

Wednesday
Aug072013

OSI and the Internet: Gone but not without influence

This is one of the best 'historical' pieces on the Open Systems Interconnection (OSI), some of the people who were involved, and how much of what the 'internet way' of defining and deploying protocols does, in fact owe to the efforts of the OSI community.  

If you have 10 minutes, and want to understand how current 'standards' wars (...yeah, I'm lookin at you OpenStack and AWS…) bring knowing nods from those who went through the TCP/IP - OSI tussle, read this.  It's worthy technical history.

OSI: The Internet That Wasn’t - IEEE Spectrum:

By the mid-1990s, the Internet had become the de facto standard for global computer networking. Cruelly for OSI’s creators, Internet advocates seized the mantle of “openness” and claimed it as their own. Today, they routinely campaign to preserve the “open Internet” from authoritarian governments, regulators, and would-be monopolists.
In light of the success of the nimble Internet, OSI is often portrayed as a cautionary tale of overbureaucratized “anticipatory standardization” in an immature and volatile market. This emphasis on its failings, however, ­misses OSI’s many successes: It focused attention on cutting-edge technological questions, and it became a source of learning by doing—­including some hard knocks—for a generation of network engineers, who went on to create new companies, advise governments, and teach in universities around the world.
Beyond these simplistic declarations of “success” and “failure,” OSI’s history holds important lessons that engineers, policymakers, and Internet users should get to know better. Perhaps the most important lesson is that “openness” is full of contradictions. OSI brought to light the deep incompatibility between idealistic visions of openness and the political and economic realities of the international networking industry. And OSI eventually collapsed because it could not reconcile the divergent desires of all the interested parties. What then does this mean for the continued viability of the open Internet?