Architecture + Strategy

Musings from David Chou - Architect, Microsoft

October, 2007

  • Architecture + Strategy

    SOA Security - Enterprise Architecture Perspective


    This week I had the opportunity to speak at the IT Architect Regional Conference in San Diego, on the subject of architecting enterprise SOA security. It is an interesting event, with speakers from Microsoft, IBM, Oracle, TIBCO, Fair Isaac, and many other organizations. We even gave away a brand new Xbox 360 and a Zune!

    In a nutshell, my presentation was intended to point out the security aspects of planning an enterprise SOA, and a few topics that don't seem to be covered very often, and with an emphasis towards the future and navigating the organizational and cultural issues.

    A brief overview -

    Slide4

    Basically, some of the fundamental changes in SOA, such as:

    • Moving from low-volume batch-oriented data replication architectures to highly interactive real-time architectures between connected systems
    • Plus the migration towards Event-Driven Architectures (EDA) means an exponential growth in real-time (though asynchronous) communication, as each event can potentially trigger off a number of downstream events which can trigger off more events being sent across the network
    • All this moves the security concerns from the traditionally isolated infrastructure and application groups, into the integration layer that becomes a cross-cutting concern for everyone involved
    • SOA can also magnify existing issues such as identity management (or the lack thereof), and create new issues such as exposing mainframes directly to web traffic (for the sake of real-time access into legacy applications and data)
    • The ideal state of "everything talking to everything in real-time" also means a breakdown of traditional physical network zones/perimeters, where DMZ becomes more like a reception/lobby area instead of a quarantine area, and data centers can no longer be considered locked down
    • Lastly, the threat environment has also evolved from single PC attacks, to DoS system attacks, and to today's application and data-level attacks, with lowered complexity and lowered barrier of entry (facilitated by vastly improved competencies in using XML)

    Then of course, these changes also bring along many questions. In particular, many of them represent conflicting approaches, and each organization may come up with different solutions based on varying trade-offs.

    Slide5

    For example,

    • Trust vs. impersonation/delegation. There are many security groups that believe enterprise network environments are inherently unsafe (which is agreeable), and thus all systems will need to require end-user authentication (regardless whether they are user-facing or intermediaries or downstream producer systems), and that "trust" cannot be trusted
    • From a different perspective, this debate is also centered on the concept of implementing end-to-end vs. peer-to-peer security contexts
    • There is also a lot of recent discussion on moving security intelligence (with centralized management) into the endpoints (laptops, mobile devices, etc.), or moving intelligence into the network (like recent advances in NAC)

    In my opinion, trust-based architectures are much more flexible and scalable, and implementable by today's technology standards. And we couldn't completely eliminate trust in an impersonation/delegation model anyway. For example, a connected node/system still has to "trust" service wrappers, agents, and/or local system components to verify user credentials against a centralized repository (such as Active Directory, LDAP, etc.).

    On the other hand, having end-to-end security contexts is indeed conceptually more secure, as it can help better address the man-in-the-middle attacks, but in an SOA with a number of intermediaries between consumers and producers, there is still not an effective solution in managing public keys to support end-to-end message-level data encryption.

    Slide27

    It's always interesting to try to take a peek at what may be possible in the future.

    • Most SOA discussions still seem to be focused on implementing "SOA in the enterprise". While that is very important, as enterprise architects we should also start to look at the growing trend of becoming more open on the Web, to an environment where enterprises essentially have no physical perimeters and security zones, largely due to the increasing number of direct and real-time connections into an enterprise (for sake of facilitating transactions with business partners).
    • Plus at that time we would also need to be concerned with the connections going from inside an enterprise out to the Web, as more and more internal systems become service consumers themselves
    • Thus a potential trend is moving away from trying to secure one large environment for the entire enterprise, migrating to a model where numerous (and potentially overlapping) smaller logical partitions (or zones) can be implemented and provisioned with more targeted and effective security solutions (depending on data sensitivity). The rationale behind this is that it'll be more effective to try to protect smaller attack surfaces, even from a systems architecture perspective
    • Another interesting trend already underway is the growing centralization of data and content. Instead of consolidating everything into one or a few large enterprise content management deployments, organizations are creating smaller islands of data and content using collaboration platforms such as SharePoint. The point here is moving from mass distribution of data and content, and smaller islands seem to be lower-hanging fruit at this point

    Slide28

    Finally, some overall talking points. One important and interesting point that was kind of new to many people is that security in SOA has to be planned and designed just like another process layer. If we overlook security and do not plan it carefully, we may end up creating tightly coupled elements in the overall architecture, and impacting the agility we intended to create.

    The most visible example of this is trying to implement message-level encryption for the sake of data integrity (message digests) and confidentiality. In order to establish an end-to-end security context (so that intermediaries, including the ESB, should not be able to decrypt sensitive data in transit to the destination), both the intended consumer and producer have to know exactly how to encrypt and decrypt data. And that depends on a previous exchange of public keys, which in this case had to occur directly between the consumer and producer endpoints. That in a way is tight coupling, as the consumer and producer endpoints have to know about each other, and are required to establish a one-to-one, peer-to-peer relationship in terms of the public key exchange used for encryption/decryption. To alleviate the situation, a centralized public key infrastructure can be implemented in an enterprise so that the management and decisions on public key usage can be externalized from endpoints and centralized. However, enterprise solutions in this area are still evolving, and we haven't yet seen effective solutions for doing similar things beyond the enterprise and on the Web.
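
    The end-to-end pattern described above, as an added example that is not from the original post or slide deck: a consumer seals a message for a producer by looking up its public key in a central directory, an intermediary routes on the clear header, and only the producer can decrypt. `KeyDirectory`, the function names and the service names are hypothetical; the crypto is Node's built-in RSA-OAEP wrapping of a one-time AES-256-GCM key.

```javascript
// Added example; KeyDirectory, newEndpoint, seal, route, unseal, canRead and
// the service names are hypothetical, not from the original post.
const crypto = require('node:crypto');

// Stand-in for a centralized PKI: endpoints publish and look up public keys
// by service name instead of exchanging them pairwise.
class KeyDirectory {
  constructor() { this.keys = new Map(); }
  publish(name, publicKey) { this.keys.set(name, publicKey); }
  lookup(name) {
    if (!this.keys.has(name)) throw new Error(`no key published for ${name}`);
    return this.keys.get(name);
  }
}

function newEndpoint(name, directory) {
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  directory.publish(name, publicKey);
  return { name, privateKey };
}

// Bytes covered by the consumer's signature: clear header plus all sealed parts.
const signedBytes = (e) =>
  Buffer.concat([Buffer.from(e.header), e.wrappedKey, e.iv, e.ciphertext, e.tag]);

// Consumer side: encrypt the body for the producer only, then sign the envelope.
function seal(consumer, to, body, directory) {
  const e = { header: JSON.stringify({ from: consumer.name, to }) };
  const cek = crypto.randomBytes(32);            // one-time content key
  e.iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', cek, e.iv);
  c.setAAD(Buffer.from(e.header));               // bind routing header to payload
  e.ciphertext = Buffer.concat([c.update(body, 'utf8'), c.final()]);
  e.tag = c.getAuthTag();
  e.wrappedKey = crypto.publicEncrypt(
    { key: directory.lookup(to), oaepHash: 'sha256' }, cek);
  e.signature = crypto.sign('sha256', signedBytes(e), consumer.privateKey);
  return e;
}

// Intermediary (ESB) side: routing needs only the clear header.
const route = (e) => JSON.parse(e.header).to;

// Producer side: verify the sender via the directory, then unwrap and decrypt.
function unseal(endpoint, e, directory) {
  const { from } = JSON.parse(e.header);
  if (!crypto.verify('sha256', signedBytes(e), directory.lookup(from), e.signature))
    throw new Error('signature check failed');
  const cek = crypto.privateDecrypt(
    { key: endpoint.privateKey, oaepHash: 'sha256' }, e.wrappedKey);
  const d = crypto.createDecipheriv('aes-256-gcm', cek, e.iv);
  d.setAAD(Buffer.from(e.header));
  d.setAuthTag(e.tag);
  return Buffer.concat([d.update(e.ciphertext), d.final()]).toString('utf8');
}

// True if the endpoint can recover the plaintext, false otherwise.
function canRead(endpoint, e, directory) {
  try { unseal(endpoint, e, directory); return true; } catch { return false; }
}
```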

    Lastly, the most important point is that, just like SOA governance, security is also a huge factor of the organization and corporate culture. We have to take a process-first approach to the problem (instead of technology-first), then weave in the technology delivery part of it.

    For those interested, the entire slide deck I used can be downloaded from my Windows Live SkyDrive. If you don't have Office 2007, you can download the free PowerPoint Viewer 2007.

  • Architecture + Strategy

    Thoughts from the WebbyConnect Summit


    I had the opportunity to attend the WebbyConnect Summit on October 3-5 at Laguna Beach. It was a series of non-technical panel discussions on the various growing trends on the Web, and their social and cultural impacts, especially with respect to the media and internet industries. Topics discussed include:

    • Web as an essential media channel
    • Convergence of online and traditional media
    • Convergence of minority expert knowledge and mass collective intelligence
    • Disruptive innovation in organizations
    • Privacy vs. piracy on the Web; cultural impacts on the next generation
    • Convergence of the Web and physical worlds
    • Emergence of social networks and online media as political platforms
    • Importance of brand and storytelling on the Web
    • Web 2.0 as a customer engagement platform
    • PR’s transition from absolute control to dialogues with consumers

    It was a very insightful event, as the various very notable speakers presented their thoughts on how media and social trends are impacting the evolution of the Web, and vice versa.

    Some highlights:

    • General theme of “convergence” between extremes; emerging focus on “and” and away from “either/or” debates; best of both worlds and hybrid models instead of one dominating/replacing the other. For example,
      • Traditional TV media and online media
      • Computers and devices
      • Online and offline
      • Inherent openness and selective filtering / segmented privacy
      • User generated content and high production value content
      • Mass collective knowledge and expert editorial
    • Summit opened with Tommy Means’ (Creative Director, Mekanism) overview of the “Clarifications” campaign for Microsoft Windows Vista launch
    • Rei Inamoto (Global Creative Director, AKQA) provided an overview of the “Iris” alt-reality game (ARG) and “Believe” campaigns for the Halo 3 launch
    • Amanda Kelso (Executive Producer, DBH) – Mentos Intern “Trevor” campaign
    • Nick Bergstrom (Creative Director, FarFar) – Diesel “Heidies 15MBs of fame” campaign
    • Ricardo Figueira (Creative Director, AgênciaClick, Brazil) - Motorola RAZR2 campaign
    • Rob Master (Director of Marketing U.S., Skin, Unilever) - Dove webisodes and AXE campaigns
    • Arianna Huffington (Co-Founder, The Huffington Post) mentioned during her keynote address: "stop the debate of either/or", and "Get connected to figure out how to get disconnected, then reconnect with ourselves"
    • Michael Eisner (Founder, Tornante; former Chairman and CEO of The Walt Disney Company) mentioned during his keynote address, that change is the constant theme (based on what he has seen in the media industry over the years), but the ability of great storytelling and expert editorial remains essential
    • Vinton Cerf (Chief Internet Evangelist, Google) mentioned trends of convergence and mobility ("I P on everything!"), and that client-side software is still relevant. Also interesting was the observation on challenges of the digital age, where information preservation (for thousands of years) will become a major issue due to the rapid advancements in technology

    My thoughts:

    It was very refreshing to hear from the thought leaders in the social Web and media and advertising agency spaces. Particularly many campaigns that worked wildly successfully, by leveraging many social elements of Web 2.0. For example, “Trevor” as world's intern where anyone can schedule Trevor's time and ask him to do things (like sending a heavy metal birthday gram), effectively used a combination of user-generated content, viral advertising, live web feeds, instant messaging, video streaming, community establishment in Facebook and Myspace, etc., that drew an extremely popular response on the Web. The campaigns discussed were just about the most effective use of Web 2.0 platforms I've seen.

    To me it boils down to brand management, and the emergence of using Web-oriented techniques to drive a new breed of brand campaigns on the Web. However, a few principles remain the same (lessons for a technologist such as myself, but obvious to people working in these areas):

    • It's about storytelling and not product placement
    • Fun and humor (one layer of connecting at an emotional level), but also be able to poke fun at oneself especially if concepts are parallel to public perception of the brand to begin with
    • It is comparatively less effective if a brand tries to uphold itself by fighting against public perception; as after all, brand *is* perception

    On the general trend of convergence:

    This was my biggest takeaway from the summit, as it was clear that the pendulum has swung back away from the extremes, in many different areas. As noted earlier, online and off-line, traditional media and online media, collective intelligence and expert editorial, etc. Basically people are no longer claiming the absolute dominance of one extreme over the other, but are seeing trends that hybrid and combinatorial models work much more effectively. In the technology world, the focus is now shifting towards bringing information and access to the users in a seamless and consistent manner, but with targeted user experiences for different platforms.

    Coming back closer to home, from a technology architecture perspective, I found all these trends of convergence are very analogous to the core of Microsoft's "Software Plus Services" (S+S) strategy (and moniker). I liken S+S to Microsoft's vision of the future, in response to all the recent innovation and mindshare on SOA, Web 2.0, SaaS, etc. I will leave the details of my thoughts on S+S to another post, but just briefly here - it's an architecture of "AND", where both local software and cloud-based services work together to provide the most targeted user experiences. Vinton Cerf noted a similar thought in his keynote, that the internet is still largely a transport that is agnostic of the context and data that traverses it. We still need software to interpret and visualize the information in meaningful ways. And the fact is, the dominant players in the online space, such as Google, Yahoo, eBay, Salesforce.com, etc., are all moving towards this middle by providing client-side software. It seems their current approach can be categorized as "Services Plus Software" where cloud-based services are augmented by client-side software, compared to Microsoft's approach of "Software Plus Services" where client-side software is augmented by "Web as features". It is arguable which approach (or direction) is more relevant, but I think in general the macro-trend that is occurring is that of convergence between software and services.

  • Architecture + Strategy

    Microsoft releasing the source code for the .NET Framework libraries


    ANNOUNCEMENT - 2007.10.03:

    • Microsoft is releasing the source code for .NET Framework libraries under the Microsoft Reference License.  This license allows viewing of source code, but not modification or redistribution. The source code will be downloadable and viewable by anyone who accepts the license agreement. 
    • Microsoft will introduce a capability in Visual Studio 2008 to allow .NET developers who are debugging applications, to debug not only into their own source code, but also into .NET Framework source code using Visual Studio. 
    • This release falls under Microsoft’s Shared Source Initiative, which encompasses a spectrum of source code offerings, complementing the company’s other activities around sharing source code.  This is another example of Microsoft’s continued commitment to increasing transparency and addressing developer needs.

    My thoughts:

    This is truly a step in the right direction for Microsoft, and an especially good thing for the .NET developer community. When I work on the Java side I enjoy having access to all the source code for the various editions (standard, enterprise, mobile, etc.). It provides us developers better insight into the behaviors of our code when needed, and in many cases, the source code provides really good code samples on how certain tasks can be accomplished.

    Now this is Shared Source (not open-source), meaning we have access to the source code for reference purposes (and thus the "Reference License") but we cannot modify and rebuild the code. Of course, we still have the opportunity to contribute suggested changes to the source code (via the product feedback process), but for the majority of developers building solutions on top of the .NET Framework, being able to step through the source code and debug applications with full transparency can significantly improve productivity.

    More information:

  • Architecture + Strategy

    Silverlight at Break.com


    Break.com, a popular online video destination (August 2007 stats were approximately 500M video clips, 17M unique users/month, and 1.3M unique users/day who consume 15M videos/day), best characterized as a channel catered to guys aged 18-35, worked with BLITZ agency to launch a "spatial search" application built using Silverlight 1.0. It is an interesting visualization of search results and related hits in a "non-linear" presentation.

    SpatialSearch

    The spatial search application provides a next-generation user experience for search, adding to the traditional HTML list-based search results display. The idea came from an observation that it is difficult to effectively distinguish direct hits and related hits in the traditional one-dimensional search results list type of presentation. There are many different ways of visualizing these data relationships today, such as popular ones to draw out three-dimensional representations of connections, (like ThinkMap's VisualThesaurus). The project team here decided to use a remarkably different approach which elegantly enhances the video preview experience by not presenting the user with too many choices, while at the same time simplifying the technical requirements on loading the amount of results to be displayed. The resulting application is intuitive and easy to use, and adds to the "fun" factor.

    The project team used Expression Blend to create the user interface and the interactive design elements (animations, timelines, transitions, etc.), and Expression Encoder to handle the large-volume video transcoding jobs. The technical implementation was actually remarkably simple - a combination of XAML generated by Blend, JavaScript code, some HTML integration, and some static images. The deployment did not require Break to make any changes in the server infrastructure, other than publishing the applications and videos as new content released on the website.

    In addition to the spatial search application, the project team also built a full-featured video player using Silverlight.

    Player  Player2

    It allows the user to resize the player dynamically (dragging the lower right corner), find other content while watching the same video clip, as well as many other neat features. Here the project team took a different direction on user experience design - more functional than "next-gen".

    The project team released a video describing the applications and their development process (hosted in the new Silverlight player). Also check out BLITZ at www.blitzagency.com and their blogs at http://labs.blitzagency.com

    A few more interesting live Silverlight applications:

  • Architecture + Strategy

    Southern California ArcCouncil Events - November 2007


    The next set of SoCal Architect Councils is a “plain old technology briefing” covering the upcoming versions of Visual Studio, Windows Server, and SQL Server.

    This event will be held in San Diego on November 28th and Irvine on November 29th.

    Please register for the location that works best for you. The event starts at 11:45 AM and includes lunch.

    Wednesday, November 28: La Jolla - Lodge at Torrey Pines
    Register here: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032356126&Culture=en-US
    Thursday, November 29: Irvine - Microsoft Technology Center
    Register here: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032356127&Culture=en-US

    Plain Old Technology Briefing

    In early 2008, Microsoft will launch Visual Studio 2008, Windows Server 2008, and SQL Server 2008.  The focus of this Architect Council is to provide a preview of these products and to answer your questions.

    Agenda

    11:45 AM  Arrival
    12:00 PM  Lunch and announcements
    01:00 PM  Visual Studio 2008 and .NET 3.5, Mickey Williams, Neudesic
    02:30 PM  SQL Server 2008, Steve Muise, Neudesic
    04:00 PM  Windows Server 2008, Mark McReynolds, Microsoft
    05:15 PM  Raffle and close

    Visual Studio 2008, http://msdn2.microsoft.com/en-us/vstudio/aa700830.aspx
    Windows Server 2008, http://www.microsoft.com/windowsserver2008/default.mspx
    SQL Server 2008, http://www.microsoft.com/sql/2008/default.mspx

    Locations
      The Lodge at Torrey Pines
      11480 North Torrey Pines Road,
      La Jolla, CA 92037
      Phone: 858.453.4420
      Website: http://www.lodgetorreypines.com/

      Microsoft Technology Center
      Three Park Plaza, Suite 1600
      Irvine, CA 92614
      Phone: 949.263.3000
      Website: http://www.microsoft.com/about/companyinformation/usaoffices/southernca/orangecounty.mspx
