The Role of Open Systems in Innovation Management Hochschule St. Gallen, Reihe Innovation und Führung 14. April 2008

Transcription

1 The Role of Open Systems in Innovation Management Hochschule St. Gallen, Reihe Innovation und Führung 14. April 2008 Dr. rer. nat. Hellmuth Broda Spokesperson and Individual Contributor, Liberty Alliance; Individual Member, VP Scientific Advisory Board, Swiss Academy of Engineering Sciences (SATW)

2 Vision: From Information to Participation Everyone and Everything Participating on the Network

3 The Massively-Connected Era Rapid Evolution Technology Promotes Connection In just one decade the world has become massively connected Device proliferation, growing bandwidth, service oriented architectures many dimensions/layers of relationship Fractal Architectures We are moving to networks of networks 3

4 We Are Massively Connected... DIGITAL IDENTITY OPEN SOURCE SERVICE ORIENTATION SUBSCRIPTIONS NARRATIVE ENGAGEMENT 4

5 Re-Thinking Total Cost of Ownership ROI Acquisition/Entry Operation Cost of Exit Exit Barriers Test question: Why do you still run your expensive mainframe systems?

6 (IT) Evolution Customize Standardize Utilize

7 Computing Is a Commodity, Computing Systems Aren t Oil Deepwater Platform Electricity Power Plant Computing Network Data Center

8 The Context: All Industries Move from Custom to Utility Models Price Customize Ubiquity Standardize Utilize

9 What Everybody Tells You

10 Three Faces of Open Open Source = Opportunity (for developers) Open Systems = Interoperability (for industry) Open Standards = Choice (for users)

11 Who Benefits? Open Source = Opportunity (for developers)

12 What is Open Source? Using Shared Resources to Solve Needs and Create Wealth Distribute binaries and source code Freely modifiable and re-distributable Non-discriminatory Consensus driven projects Meritocracy Peer review and public discussion OK to make money - but not for access to code

13 Joy's Law Innovation will happen, and it will happen Somewhere Else Bill Joy Aspen Institute

14 Myths About Open Source 1.Open Source developers will build your project for Free 2.Open Source is anti-business 3.Open Source projects are hostile to corporate developers 4.Open Source software never really ships on time (or at acceptable quality) 5.Nobody really makes money

15 Truths About Open Source 1. 45% of CIOs in the Fortune 2000 are looking for an alternative to proprietary OS 2. Linux: massive worldwide deployments 3. Open Source no longer synonymous with free or no/low value technology 4. 55% of Open Source developers at OSDN are paid to work on at least one Open Source project 5. Venture capitalists are investing in open source companies 6. Companies can redistribute open source software and charge for different value-added services

16 Open Source Monetisation Two Golden Rules: Collaborate over what does not differentiate Compete by innovating on the commodity base Monetise Ubiquity at the Point of Value

17 Open Source in a Nutshell A community of developers Learning from each other Sharing a code commons Protecting the commoms Creating wealth from the commons Enriching the commons in the process The guild model re-discovered? Using the commons, the young can stand on the shoulders of the elders Wiki for software

18 And This Is Happening Bundles of software are under Open Source license Earning money with support Open Office in 50+ languages since open

19 But... Open Source relies on Open Systems (and Open Standards) for Interoperability

20 Who Benefits? Open Systems = Interoperability (for industry)

21 What are Open Systems? ``We use state-of-the-art building blocks for both hardware and software. Our open systems philosophy enables easy integration of third party products to enhance and extend the system s capabilities.

22 What Are Open Systems? Published interfaces enable interoperability Third parties can compete with a different implementation permit different implementation of identical functionalities enable some degree of exchangeability can be manufacturer specific use of the interface can require royalty payments to the manufacturer

23 Characteristics of Open Systems Everything necessary to do the job is defined and published No need to escape to use proprietary facilities No undocumented features, no insider tips & tricks Modules can be exchanged (integrateability)

24 Why Not Closed Systems? Locked into one vendor's offering Unpublished program interfaces inhibit third party extensions and adaptations Customers depend on one vendor no best of breed approach possible Customers are forced to follow the upgrade path and licensing model of the vendor

25 But Open Systems Are Not Yet the Full Monty Owned by a single party or small group Interface subject to change without much prior notice Intellectual Property situation sometimes complex Cannot be influenced easily by third parties or the public

26 Who Benefits? Open Standards = Choice (for customers)

27 What are Open Standards? Specifications that Define & describe interfaces, file formats, protocols, etc. Outline agreed-upon conventions Allow and encourage multiple competing implementations without undue constraints Enable diverse programs to work together (interoperability) Developed and managed in an open process Subject to extensive public review

28 Standards in Other Infrastructure Projects Railroads have standards for rail gauges Roads need standards to ensure smooth traffic Ports have standards to ensure smooth flow of ships Airports have standards to ensure aircrafts do not crash Even the sewerage system has a plethora of standards including the size of the manholes

29 Freedom of Choice Choice of solutions from many vendors Open Source Software implementations Conformity with widely accepted industry standards Public specifications, with unrestricted access for everybody, create an even playing field

30 Open Standards are Open if they: Are created and modified through open participation in a widely-recognized vendorneutral industry forum, Are available to anyone for implementation and use on a royalty free basis, and Have no intellectual property encumbrances on their use.

31 So What to Use When? When you want to change the radio in your car do you need the blueprint? (Open Source)

32 So What to Use When? If you have the blueprint will you be able to install your new radio? What you might need is a standard published interface (Open System)

33 So What to Use When? But for custom changes you will need the blueprint (Source Code)

34 Example for Open Standard Liberty Alliance for Identity, Trust, Privacy 150 members in a publicprivate partnership

35 Who Is the Liberty Alliance? Consortium developing open standards Develops open specifications that anyone can implement Liberty does not deliver specific products or services Conformance testing & certification to ensure interoperability For federated identity management In coordination with other standards groups 30+ Liberty-enabled products and services currently available Addresses business & policy issues of identity Guidelines, best practices documents, checklists Support for global privacy regulations built into specs

36 Who is the Liberty Alliance? About 150 diverse member companies and organizations representing leaders in IT, mobility, government, service provision, system integration and finance from across the globe Management Board and Sponsor members include:

37 How We Can Build Trust The biggest concern of the principal/patient/customer is privacy Privacy does not mean that nobody knows nothing about me It is about managing the faith of the principal/patient/customer by adhering to the agreed scope and holding the information in trust Customers are afraid of Purpose Creep What could an architecture for privacy and trust management look like?

38 Security Management Identity Management Architecture for Trust Management Policy Authorization Authentication Identity Definitions A combination of business and technology practices which define how a relationship is conducted and services are performed A set of rules governing decisions about what the user can do: access to information, services or resources Assertion of validity of a set of credentials. Credentials express a person s identity. A Yes/No answer Basic set of information that creates a unique entity (a name with a corresponding set of attributes)

39 Security Management Identity Management Architecture for Trust Management Policy Digitally Speaking Business practices to manage risk, enforce security/privacy, provide auditability. Authorization User, customer preferences, history, personalized services, 3. Determination of access rights to systems, applications and information: Match credentials against profiles, ACLs, policy Authentication Identity 2. Log on with a UID/PW, token, certificate, biometrics etc. A process that demands the prove that the person presenting them is indeed the person to which credentials were originally issued. accept or reject 1. User, customer, device facts, e.g., name, address, ID, DNA, keys; credentials, certificates that were issued e. g. by a Certification authority

40 How People Will Trust Policies Policy and its audit have to be guaranteed and certified by a approved public or private independent organization, e. g.: Federal or State data protection agency TÜV (private institution) Audit firm Chamber of Commerce Postal Service or other basic service provider,... This can be achieved with defined processes and responsibilities similar to ISO 9000 Trust is based on policies and the audit of those -- not just on security

41 Liberty's Structure Promotes Privacy and Security Federated structure means no single centralized data storage that would be vulnerable to attack End user has more control of data because permissions travel with data, guiding its use No global identifier--model protects against unauthorized data sharing

42 The Liberty Advantage Wide-spread adoption Convergence with other standards Works with existing legacy systems and future development plans Privacy & security best practices No central point of failure Built on standards e.g., SAML2.0, Shibboleth Federated authentication model 1 billion identities under Liberty protocols Multiple vendor competition Freedom of choice Create trust for all participants Conformance testing & certification Provides for multi-product interoperability

43 Accomplishments The de-facto standard for Identity Federation foundation and Web Services Over 1 billion federation-enabled touch-points Numerous case studies of successful deployments annual IDDY awards Global membership representing: enterprise deployers, vendors, governments, and non-profit organization Published Business and Policy guidelines for best practices in legal, privacy, and business deployments World-recognized Liberty Interoperable test and certification program.

44 Liberty Directions Educate the market Addressing Identity Management needs for a Web 2.0 Environment including: Full range of Identity Management use-case scenarios individual to enterprise Anonymous-to-strongly authenticated credential standards and privacy policies Worldwide privacy and government liaison Web-scalability smallest-to-largest systems Open and heterogeneous solution requirements Rich IdM client functionality for flexible deployments Help drive adoption

45 Need to Bring Together Disparate Identity Efforts New identity-related technologies are entering the market The development of generic web services standards has lagged behind identity web services standards Participation in open dialog between leaders followed silo development Despite recent convergence trends, only Liberty technologies have a certification program

46 Through an Open Approach Drive interoperability throughout the Internet Identity Layer Open the doors to collaboration Open up meetings Open up public forums & lists Grow liaison relationships with new communities Publish a huge inventory of previously confidential material The Concordia Program A public call for interop use cases for heterogeneous environments Expand certification program to meet the requirements

47 John Pugh, Member of Parliament (UK), On Open Standards: Utility of Open Standards is even more important than the utility of Open Source. Parts of industry are moving away from Open Standards and Open Source. That is an extreme step backwards. Without Open Standards there is the danger of lock-in to one single vendor, having to follow him for decades for good or for evil.

48 Special Case of Open Standard: Open Format = Access (For Posterity)

49 The Problem Let us learn from the disasters affecting the Library of Alexandria Where we lost the knowledge of the world from that time Fires and other destructions have been reported from 48 BC (Cesar), 275 AD (Aurelian), 391 AD (Theophilus), 642 AD (Muslim conquest) Source: Wikipedia

50 What is OpenDocument Format (ODF)? Open standard specification for displaying and storing data files Only available open, vendor-neutral, standardized format for office applications Can be implemented by any document processing application vendor Provides access to documents, independent of the applications that created them Approved by OASIS in May 2005 Approved by ISO for international standardization on May 4, 2006

51 Government as Record Keeper Obligation to provide ongoing access Lack of choice = lack of control Lack of control = lack of access Lack of choice = lack of competition Lack of competition = lack of innovation Interoperability is key to connecting silos

52 Why ODF? Long-term reuse of and access to data No lock-in to proprietary tools or undocumented formats Competitive data processing products Reduced costs Increased reliability, because more data automation Platform independence Interoperability

53 Benefits of ODF to Governments Improved stewardship of public records, currently and in the future Consistently applied appropriate privacy and security protections Better IT governance through interoperability Improved quality and accessibility of information and services Eliminate information stove pipes

54 ODF Adoption Momentum OpenDocument Format ODF Alliance: More than 450 companies and organizations: Sun, IBM, Oracle, Red Hat, Novell, Corel, Software AG, Google, etc. OASIS OpenDocument TC: Adobe, IBM, Intel, KDE, Novell, Sun, OpenOffice.org, etc. ODF-supporting applications: OpenOffice.org, StarOffice, IBM Workplace, KOffice, Textmaker, Abiword, Gnumeric, Writely...

55 ODF Adoption Momentum OpenOffice.org/StarOffice More than 500'000 OpenOffice.org downloads per week (1.5 installs per download according to an OpenOffice.org survey) #2 office suite based on unit numbers Free download of StarOffice via Google Packs OpenOffice.org/StarOffice market share estimations by analysts 19% (Yankee Group, 2005)

56 An Open Format is OPEN if it is: Based on an underlying open standard Developed through a publicly visible, community driven process Affirmed and maintained by a vendorindependent standards body Fully documented and publicly available Without proprietary extensions

57 Expect the Unexpected Bright, well-known people contribute code regularly Community finds new uses Jini network technology and Orbitz JXTA and National Retail Federation OpenOffice.org localized to 45 languages, ported to six platforms

58 THANK YOU FOR YOUR ATTENTION Dr. Hellmuth Broda