Tag: Web services

  • Project NemFORM

    The Danish Government Business Reference Model – FORM (in Danish) – is an overview of what the Danish public administration does, which services it provides, and which legislation regulates these services.

    I have been ‘playing around’ with the dataset FORM makes up. In the blog menu, you will find links to pages about Project NemFORM.

    To demonstrate how the reference model can be used, I have created this simple application (autosuggesting services; reference), which can also be used on a mobile device (tested on Android only, so far).

    If you are interested in the geeky details, read about my experience with FORM XML, and JQuery-empowered FORM usage. You can also read about my implementation of the new FORM widget from Digitaliser.dk.

    My project is mentioned in a news story on Modernisering.dk, the Ministry of Finance’s website for digitization of government (and owners of FORM). ‘Innovative use’, they call my project. How nice of them 🙂

    Full disclosure: The Ministry of Finance is a client of EA Fellows. NemFORM is however a private project of mine.

  • Microsoft and Danish Government in New Identity Deal

    A year ago, my former colleague Søren Peter Nielsen wrote, on behalf of the Danish government, a letter to Microsoft. Seems he got a response, and I’m sure it’ll interest XMLGrrl and many others, that an announcement was made yesterday: Agreement between the National IT and Telecom Agency and Microsoft: Agreement concerning partial support of the SAML 2.0 standard.

    “The ongoing dialog between the National IT and Telecom Agency and Microsoft has resulted in an agreement on partial support of the SAML 2.0 standard in Microsoft’s forthcoming version of their federation product named Active Directory Federation Services 2”, the agency writes.

    The text agreed upon is as follows:

    “The Danish public sector has chosen SAML 2.0 as their federation standard. Microsoft products use WS-Federation and WS-Trust as the foundation of their federated identity architecture. The Danish government has agreed that the SAML 2.0 token format is sufficient to provide basic interoperability between WS-Federation and SAML 2.0 environments as a common assertion format, without loss of authentication integrity.

    To support interoperability between WS-Federation and SAML 2.0 based products Microsoft has agreed to support the SAML 2.0 token format in the future release of Active Directory Federation Services code-named Active Directory Federation Services “2”. Microsoft will provide the Danish public sector Centre of Service Oriented Infrastructure with pre-release code to help analysis and planning of solutions for integrating WS-Federation-based clients in the Danish federation, and to collect feedback on the feature implementation.

    In addition, the co-authors of WS-Federation (including Microsoft) have submitted the specification to OASIS for standardization. This step further enables interoperability between federated environments that deploy SAML 2.0-based products and those that deploy WS-Federation-based products.”

    In commenting on the agreement, the agency writes: “With this agreement a possibility for inclusion of Microsoft based clients in a common public SAML 2.0 based federation has opened”, and notes:

    The integration will require the standard based login solutions to be expanded with a special integration code. The solution is therefore a pragmatic tactical integration solution, but with the above-mentioned partial SAML 2.0 support from Microsoft it is expected that the integration can be done without influencing the individual “Microsoft Active Directory Federation Service” user organizations.

    The agency notes that more information on the concrete possibilities will be published as the National IT and Telecom Agency’s Centre for Service Oriented Infrastructure receives pre-release code from Microsoft that can be integration tested.
    The agency elaborates a bit more on the deal:

    It is still desired that Microsoft support all of the SAML 2.0 standard in their products, but the above-mentioned agreement is a good first step towards more convergence among standards for transverse user management.

    The National IT and Telecom Agency also sees the filing of the WS-Federation (WS-FED) specification for standardization in OASIS as a step that can promote convergence among federation standards.

    It should be stressed that it does not mean that the WS-Federation specification is recommended equally to SAML 2.0 for common public solutions.

    When the results of the standardization with WS-Federation become available (expectedly in the end of 2008) it might be relevant to do a new assessment, but for now SAML 2.0 is still the only standard which is recommended as a federation standard for Danish common public solutions.

    So, there we have it.

    I want to congratulate Søren Peter on a job well done. Stand firm on SAML 2.0, the open ecosystem needs it. And thanks to Microsoft for listening to customers (but why only partial support?).

  • Conference Time

    I’ll be attending a few conferences as a member of the Press in the coming weeks, so if you’re there too, and want to meet up, do get in touch.

    On Sunday, I’ll leave for Vienna for SAPPHIRE 2007. “Business at the speed of change”. It’ll be interesting to hear more about where SAP is with SOA and much more, but frankly, the presentation I look forward to the most is the one by Geoffrey Moore, on Business Network Transformation to Create Competitive Advantage.

    Then in June, I’ll go to Orlando for the IBM Rational Software Development Conference 2007. “What Keeps Me Rational?”. I think I’ll focus on architectural issues, and it seems there will be talk about both SOA and EA. It’ll also be interesting to hear about where Danny Sabbah is with Jazz.

  • Standards, Security, and Sectors

    OASIS Adoption Forum

    I’m going – are you? The third annual OASIS Adoption Forum is held in London on 27-29 November. The forum is themed Enabling Efficiency between Government, Business and the Citizen: Managing Secure Interactions in Sector Applications, and the list of presenters is very impressive. Also note that a Workshop on the State and Future of PKI has just been announced as part of the event. There will be sessions about adoption of OASIS standards such as SAML, XACML, and WS-Security.

    OASIS Adoption Forum “seeks to educate and expose security leaders and professionals to the tools, standards and implementations that are transforming security interactions and relationships between citizens, businesses, governmental institutions and agencies. With increasing threats encompassing everything from hacking to identity theft, providing a secure environment must be a major objective for companies, governments, and organizations worldwide. The success you enjoy tomorrow depends on the security decisions you make today”.

  • Standards – A Critical Frontier for Research

    The esteemed scholarly journal MIS Quarterly has issued a Special Issue on Standard Making.

    The introductory article by the editors Kalle Lyytinen and John Leslie King, Standard Making: A Critical Research Frontier For Information Systems Research, is freely available, as are abstracts for all articles, but you need access to a research database to get online access to full-text articles.

    It is great to see the emerging scholarly interest in standards. Kudos to Lyytinen and King for the initiative to the special issue, which I understand has been underway for several years.

    The seven articles in the special issue cover a range of issues. In Lyytinen and King’s words:

    … the accepted papers embody a rich variety of approaches to account for standardization processes and outcomes. Studies focusing on standard creation draw mainly upon institutional analyses, power analyses or collective action theory and associated action dilemmas (e.g. prisoner’s dilemma). Standards choice draws from economic theories of network effects, path dependency and switching costs. Standards impact embodies theories of how firms at the industry level can mitigate against increased transparency and lower barriers to entry created by open standards, as well as sociological analyses that try to explain why expected benefits of standardization orders did not emerge. The papers overall exhibit a significant variation in levels and unit of analysis, from individual firms to industries to types of standards or standardization outcome, and research methodology, from modeling and simulation to ethnographic studies of standardization processes. This shows how IS standardization research is likely to benefit from multiple research methodologies that also promote cross-pollination of ideas.

    I found the paper by Jeffrey Nickerson and Michael zur Muehlen, The Ecology of Standards Processes: Insights from Internet Standard Making, particularly interesting. Nickerson and zur Muehlen analyze the emergence of new web service choreography standards, and trace a decade of workflow standardization processes as “a set of legitimizing moves where actors, ideas, and institutions constantly and randomly collide to create a standard, which is technically acceptable and institutionally ‘forceful’ for future adoption”. The analysis shows that “institutional ecologies associated with Internet standards are not driven solely by economic calculus but that other norms and values, like elegance, design spirit, or technical wizardry, count in making ecologies viable”.

    Standard-making in the IS field involves at least 400 standards bodies and consortia, and many thousands of standard-makers. In itself a huge ecosystem with many “species”. As the recent years’ developments around XML-based document formats show, there is a lot of competition within the ecosystem, or between various ecosystems.

  • Digital Identity Management – Challenges and Benefits

    Amir Hadziahmetovic has published his MSc in IT thesis, which he made under my supervision. It is in English and is called Digital Identity Management – Challenges and Benefits (Download PDF). Besides giving a nice introduction to and analysis of Identity Management, Amir makes some interesting observations about the identity management situation in Denmark. I recommend everyone to read this good thesis.

    I’ve extracted a few central paragraphs introducing the project:

    The main research problem is how to find the optimal model that will solve Digital Identity (DI) management and the data interchange for electronic business in new network economy. The problem lies in unknown path of how to make choices for interoperable DI, and how to find the optimal strategy to implement chosen model. The research will commence with exploring the area of general Digital Identity Management, continue with analyzing platform for interoperable management and exchange of DIs, including implementation challenges, and end with listing the benefits of having such a platform implemented.

    Imagine the sewerage management of a bigger city where each building block has a container for waste waters instead of a city-wide sewerage system. Without drain-pipes connecting the containers, every now and then a container would fill up, and for emptying a pump-trucks would be needed. They would pump out the content from a container, and spill it out at some depot outside the town. This would be very complex system of containers and trucks, difficult to control and manage. Some of the containers would certainly get overfilled, causing flooding and bad smell. With the growth of the city, the system would get even more unreliable. Therefore the majority of today’s cities have outspread sewerage system, which connects the depots, automating the spill of waste waters.

    The similar problem modern business has with today’s DI management: Identity data in containers, filling up quickly; the system unable to exchange data with other systems; difficult to maintain and automate the spill of data. To enable development of electronic business, more reliable system for DI management is required.

    Business trends today push organizations toward strengthening of cooperation and linking of business processes between them. Many companies and governments are tending to expand their activities by integrating online services and systems, and letting external users access internal data. Individual users want comfortable Web experience, and minimal effort in getting tailor-made products and services. Inability of today’s IT systems to match these trends is choking present development of business. Strengthening of cooperation and linking of business processes is putting pressure on IT systems and belonging infrastructure, requiring that Digital Identity data is created in unified fashion, and safely exchanged between organizations.

    Digital Identity Management (IM) is a fundamental part of integrated company systems and online services. It defines who has access to what in some cases, and identifies customers and users of the services in other cases. IM architecture of today has to evolve from predominantly silo to common, interoperable architecture, based on open standards. This kind of architecture is a fundament for Federated IM, where identities are safely exchanged.

    This project will try to look at Digital Identity Management, technology and architecture in relation to business goals and strategies. The main concepts of Digital Identity Management will be addressed i.a. concepts like Federated Identity, Single Sign-On (SSO), and Open Standards. The report will present a study of business and technical implications of Federating Identity, where Identity management is the central issue.

    An analysis of the practical as well as architectural aspects of Federated Identity will be covered. An analysis of open standards for interoperability will be covered, especially those advised by Danish National IT and Telecom Agency and their Reference Model for Identity. The report will focus on standards from the Model such as Role-Based Access Control (RBAC), Security Assertion Markup Language (SAML), Lightweight Directory Access Protocol (LDAP) and Public certificates for electronic services – OCES Digital Signature, but also will discuss alternatives. Finally privacy issues will be considered.

    The fundamental objective of any enterprise IT system must be full support to business flexibility and agility in ever-changing business environment. The ultimate goal of this project is to perceive the challenges of the IM evolution path, and to show how Identity Management supports connection between the systems and the processes, providing users with better web experience.

    Method: The project will list general theoretical issues, comparing different views on these issues, and presenting own reasoning.

    The obstacles in relation to acceptance of Reference Model for Identity will be analyzed. The analysis will be based on empirical research including feedback from involved organizations, interviews with individuals from selected organizations, conferences, and forums.

    Again: Download Amir’s thesis (PDF).