Showing posts with label security. Show all posts

Tuesday, September 20, 2011

The Preliminary Specification Part XXXI (S&AC Part IV)


Looking at the security aspects of the Security & Access Control module, we find that today’s technologies provide levels of security that are substantially higher than just a few years ago. With the security needs of the industry being so high, I believe the following security policies would be more than satisfactory to those needs. It is suggested that these are the base case; as time passes we will be able to build on these specifications.

For people to be available online anytime and anywhere presents problems from the point of view of authentication. What we can do is ensure that only registered devices have access to the applications, information and data. These devices would include desktop computers, notebooks, phones, iPads, etc., so that only certain registered devices on certain IP addresses are able to access the People, Ideas & Objects applications. In addition, user name and password protection for access would be required. We would also require two-step authentication, where we text a code to the user's registered company phone, which would then have to be keyed into the device they were trying to log in from. These three steps ensure that only authorized users gain access to the system.
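The three checks described above, as an added example (not code from the People, Ideas & Objects specification): the device and source address are checked first, then the password, then a single-use code bound to the requesting device. The class and function names, the five-minute code lifetime, the three-attempt limit and the sample user are assumptions, and a list stands in for the SMS gateway.

```python
import hashlib
import hmac
import ipaddress
import secrets
import time
from dataclasses import dataclass

CODE_TTL_SECONDS = 300  # assumption: a texted code is valid for five minutes
MAX_CODE_ATTEMPTS = 3   # assumption: three guesses per issued code


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, slow password hash so the stored value is not the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


@dataclass
class User:
    salt: bytes
    password_hash: bytes
    company_phone: str
    devices: dict  # device_id -> networks that device may connect from


@dataclass
class PendingCode:
    digest: bytes
    device_id: str
    expires_at: float
    attempts_left: int


class LoginGate:
    """Device + IP check, then password, then a code texted to the company phone."""

    def __init__(self, users, send_sms, clock=time.time):
        self.users, self.send_sms, self.clock = users, send_sms, clock
        self.pending = {}  # username -> PendingCode

    def begin(self, username, password, device_id, source_ip):
        """Steps 1 and 2. The reason string is for the audit log, not the client."""
        user = self.users.get(username)
        if user is None:
            return False, "unknown-user"
        networks = user.devices.get(device_id)
        if networks is None:
            return False, "unregistered-device"
        try:
            addr = ipaddress.ip_address(source_ip)
        except ValueError:
            return False, "bad-source-ip"
        if not any(addr in net for net in networks):
            return False, "ip-not-allowed"
        supplied = hash_password(password, user.salt)
        if not hmac.compare_digest(supplied, user.password_hash):
            return False, "bad-password"
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[username] = PendingCode(
            digest=hashlib.sha256(code.encode()).digest(),
            device_id=device_id,  # the code only works on the device that asked
            expires_at=self.clock() + CODE_TTL_SECONDS,
            attempts_left=MAX_CODE_ATTEMPTS,
        )
        self.send_sms(user.company_phone, code)
        return True, "code-sent"

    def finish(self, username, device_id, code):
        """Step 3. A code is single-use, short-lived and bound to one device."""
        entry = self.pending.get(username)
        if entry is None:
            return False, "no-pending-code"
        if self.clock() > entry.expires_at:
            del self.pending[username]
            return False, "code-expired"
        if entry.device_id != device_id:
            return False, "device-mismatch"
        entry.attempts_left -= 1
        supplied = hashlib.sha256(str(code).encode()).digest()
        ok = hmac.compare_digest(supplied, entry.digest)
        if ok or entry.attempts_left == 0:
            del self.pending[username]
        return (True, "authenticated") if ok else (False, "bad-code")


def build_demo_gate(clock=time.time):
    """Constructed sample data: one user, one registered laptop, one office network."""
    salt = b"constructed-salt"
    users = {
        "alice": User(
            salt=salt,
            password_hash=hash_password("correct horse", salt),
            company_phone="+1-555-0100",
            devices={"laptop-01": [ipaddress.ip_network("10.20.0.0/16")]},
        )
    }
    sent = []  # stands in for the SMS gateway: (phone, code) pairs
    return LoginGate(users, lambda phone, code: sent.append((phone, code)), clock), sent
```

The device and address checks run before the password check, so a stolen password used from an unregistered machine never causes a code to be texted.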

Next we would ensure that all network traffic was encrypted. It has not been determined as of yet how the application will be presented to the users (browser or otherwise). However, once logged out of the system all data and information will be cleared from the cache and the device will have no information or data stored of the session. It should be noted that one of the advantages of the tools that we are using is that we should be able to present to the user the same desktop environment that they had left when they last logged out.

In our Hardware Policies and Procedures we have discussed how the People, Ideas & Objects application is hosted. This separate company is proposed to be jointly owned by industry, People, Ideas & Objects and Oracle. It is also proposed to be operated by the oil and gas industry primarily to meet their needs of maintaining the control they need for SEC regulatory compliance of their ERP systems. With industry having de facto control of the “Cloud” infrastructure, they have the means to maintain the physical control necessary to meet their SEC needs. People, Ideas & Objects will be able to deliver a runnable binary of the application for them to operate without the need to be physically on-site.

As I mentioned the other day, it was an oversight that the Draft Specification initially indicated that the data storage and database systems were not encrypted. Oracle provides high levels of encryption of both the storage medium and the database, at the data level itself. This in turn means that no one at the industry-operated cloud infrastructure will be able to read any of the producers' confidential data or information.

Implementing the technologies in this fashion will provide the industry with the security that they need to ensure that their data and information remains secure. These technologies are only the beginning of what will be implemented in the People, Ideas & Objects Security & Access Control module, as they are all standard fare for the base level technologies used in Oracle. It is a simple matter of selecting them for use.

For the industry to successfully provide for the consumers’ energy demands, it’s necessary to build the systems that identify and support the Joint Operating Committee. Building the Preliminary Specification is the focus of People, Ideas & Objects. Producers are encouraged to contact me in order to support our Revenue Model and begin their participation in these communities. Those individuals that are interested in joining People, Ideas & Objects can join me here and begin building the software necessary for the successful and innovative oil and gas industry.

Please note that what Google+ provides us is the opportunity to prove that People, Ideas & Objects is committed to developing this community, and that this is user developed software, not change that is driven from the top down. Join me on the People, Ideas & Objects Google+ Circle and begin building the community for the development of the Preliminary Specification. Email me here if you need an invite.

Tuesday, April 14, 2009

Follow on to yesterday's post.

Google's new tool, Google Insights for Search, was highlighted yesterday. I was thinking all through the day about what a tool like that would be like in the oil and gas industry. As a result, I felt I didn't attach enough emphasis to the implications of having the data available for the type of analysis that is possible with the tools I described in the Draft Specification.

First, let's go back to the situation at hand today. Data is scattered throughout the organization in a number of informal and unknown spreadsheets, databases and file cabinets. There are production departments, accounting departments and exploration departments that use very similar data and store this data in their own file cabinets and electronically. As we know, departments only speak to each other at the higher levels of the organizations. Hence the lack of communication, and shared data remains an unfulfilled promise.

A lot of this data is not structured or captured in a centralized database. The advantage of using a database is that it allows different users to perceive the data in different ways. Much of this problem has been addressed by the various POSC and PPDM data models. However, not many of the software vendors or companies have been able to implement the data models in the optimal way. Consider also that polymorphic behavior, which is a cornerstone of the Java Programming Language, allows users to perceive different methods or ways of processing the data. You begin to see the flexibility and opportunity that is missing with these poor data implementations.

When we talk about the Security & Access Control Module in People, Ideas & Objects, we begin to see the importance of getting all of this data organized and accessible by the right people.

Imagine what it would be like if People were able to access the same data in the same format for the entire Joint Operating Committee. This would apply to the entire industry, where the employees and contractors that are authorized access to the data are all trained in the generic industry data models. Everyone would know where the data they need is, and would be able to access it from their clients in an authorized fashion and analyse it effectively for new information.

Lastly, the Technical Vision of People, Ideas & Objects essentially lays out the means to have an explosion of data in every corner of the producer's domain. This is not a result of the application being built; this data will become real on its own. The tools to make it so are now readily available, and it is a matter of time before it's generally available. If the data is not organized today, when and how will it be organized in the future with exponentially more data, risk and complexity?


Monday, March 09, 2009

Security in the Draft Specification

We are beginning to build some traffic in the Draft Specifications knol, which is the Google service I am using for public access to the system's definition. The first module that people run into is the Security & Access Control Module. This is for a number of reasons.

Security & Access Control will be the first module that is built in People, Ideas & Objects. It is necessary to ensure that the users, producers and developers in the system have a high level of access and that the interactions and transactions they undertake are secure.

Having this as the first module also helps us test the module in a live setting. Eating our own dog food, as the developers like to say. The Security & Access Control Module is made up of the various Sun Microsystems products known as Identity Management. The strategy in this development is to have Sun, who I think have a significant vested interest in making their products work, implement and manage this module's development and support.

In a nutshell, that is the critical aspect of the beginning of this module. When operational we can then begin the difficult task of implementing the Military Command and Control Metaphor into the generic Sun Microsystems Identity Management Tools. (Also part of the Security & Access Control Module.)

The point of this entry is to suggest that the boring and painful discussion at the beginning of the Draft Specification is there for a reason: the importance of the module in terms of its timing and security needs. Those that are interested in many of the oil and gas attributes should just skip the Security & Access Control Module and start with the Partnership Accounting Module.


Monday, July 28, 2008

The End of IT As We Know it

Click on the title of this entry to view an interesting Sun Microsystems Net Talk that was produced in October 2007. It has some interesting statistics and opinions on where the Information Technologies (IT) are headed.

For instance, the number of people that Sun employs is 34,500 and over 25,000 of those are not assigned a permanent office or working environment. Many work from home or work occasionally in meeting rooms. This is how I see most industries operating and particularly the oil and gas industry. The mandatory attendance in your office from 8:00 to 5:00 will change to a more flexible schedule. The oil and gas industry operates 24 hours a day and this will be reflected in people's schedules. Another reason will be the time zone changes in the area of operations of the producer. Fuel costs on the daily commute may also become a primary reason for this change.

Java has 6 million developers. One for every thousand people in the world. Java has been the number one programming language for a number of years so this is not surprising. The ability to source the numbers of developers that are necessary for this project should, as a result, be easily accommodated.

Other comments in the presentation were around the concept of "Enterprise computing in the open network." The cost for each company to build the appropriate data-center for their needs is quickly outstripping what is reasonable. The reason is that the demand for processing during peak loads is causing the companies to source additional processing capabilities. This is the beginning of a trend that is discussed in this video, a trend that is the reasoning behind Sun making the claim that a firm will have 100% of its processing, applications and networks provided by service providers. This is also the basic assumption in the People, Ideas & Objects application.

In oil and gas, having the hardware, applications and network in-house does not provide any competitive advantage. The innovative producer has the land base and physical assets augmented by their understanding and application of earth sciences and engineering capabilities. IT is a cost that is best handled on a service basis and, as the Net Talk points out, through services hosted by providers on the Internet. The presenter, Bob Worrall, Sun's CIO, points out that this trend will be the end of the traditional Intranet and Data-center. The role of IT within the firm will involve aggregating the relevant services and distributing them. IT will be involved in management of the service providers.

An area that Sun is addressing at this point in time is access control and security. You can watch a good summary provided by Craig MacDonald. Sun Federated Identity is a component of the first module in People, Ideas & Objects, the Draft Security & Access Control Module. This is a module in which we are layering the Military Command & Control Metaphor over the Joint Operating Committee participants and those that work for them. This module provides access to the IT resources necessary for People to do their jobs, providing the producer with access and assurance that data and information are provided only to users that are authorized. This area is a key differentiating point from all other systems providers and the key reason that I have used Sun Products exclusively in the Security & Access Control Module.

Sun suggests that billing is the issue or impediment to full deployment of this changed IT environment. It is difficult to quantify and value every transaction in a service level offering. What I think is needed is an overall service that is billed, based on the size of the producer, that covers the associated costs that are incurred by People, Ideas & Objects in providing that service. This will have to be something that is discussed when we move toward the deployment of this application.

On a related theme, Cisco has a number of videos on YouTube about their new "Tele-Presence" product. Although expensive in comparison to video chat, I think Cisco has identified a market here. When you have large numbers of people needing to sit down in a meeting on a regular basis, the services of Tele-Presence would help in facilitating that communication. Although costly from the point of view of an unproven technology, I think it may pay for itself in reducing flight and accommodation costs, and increase productivity through better communications. Have a look.

Cisco Tele-Presence


Wednesday, January 16, 2008

MySQL it is.

Sun Microsystems today announced the acquisition of MySQL database. Therefore this project will move to that database platform. The reasons are fairly straightforward and include:

  • MySQL has the Open Source community fully engaged in its development.
  • MySQL has a feature rich offering proven in both the critical web and enterprise marketplaces.
  • Sun is committed to Open Source. Java with MySQL offers opportunities for further integration.

I am also in receipt of a recommendation from one of the readers regarding the GlassFish Server. Apparently there is a version of GlassFish that is designed for lightweight deployments. Named HK2 (Hundred KiloByte Kernel), it was suggested that this could provide some significant opportunities for the developers to use HK2 on the client side with embedded MySQL.

I have revised the Draft Security & Access Control Module Specification to reflect these changes. The revised specification includes these changes reflected in blue text, and the V2 of the specification is downloadable on the wiki.


Monday, December 31, 2007

Draft - Security & Access Control Module

I am pleased to present to this community the draft of the Security & Access Control Module. This is the first of eight modules that will be developed for People, Ideas & Objects. This critical first module will provide the collaborative, security and access enabled components for the remaining seven modules' development. This allows people to become familiar with the tools, processes, the means and methods of developing open source software. I am providing copies of the specification in .pdf format. Please download it from the wiki or email me to get a copy.

The process will follow this schedule:

- Open for Community submissions and nominations to Expert Group and Executive Committee until May 30, 2008.

- Final Draft approval by the Expert Group, August 31, 2008.

- Executive Committee Approval, September 30, 2008.

- Commence development October 1, 2008.

Further timelines and deliverables will be specified by the Expert Group.

To participate, please review the first section of the Specification entitled "Innovation in oil and gas" and review the Developer and User tasks. The community should then nominate candidates to fill the Security & Access Control Module Expert Group and the Developments Executive Committee, then review the timelines and commence development. I will be spending my time securing the financial resources necessary to pay for these developments and writing the specification for the Petroleum Lease Marketplace Module. Assistance in these would be greatly appreciated.

The purpose of this process is to get as much input as possible. Please do not hesitate to ask questions of myself and the other people who will be joining. Thank you.


Thursday, December 06, 2007

YouTube video on Object Capabilities

An update report on the development of the Security & Access Module being developed for People, Ideas & Objects. Of particular note, I want to highlight the work of Berkeley Professor David Wagner in the above noted video. (Click on the title for the YouTube video.) At one point he indicates that he is very interested in securing alpha users for his research and use of the "Joe-E" programming language. I will be emailing him soon and offering this module's development for consideration as an alpha-user of his research.

The Joe-E programming language is an offshoot of the Java Programming Language, just as JavaFX and Groovy are. It incorporates a higher level of "Type Safety" as no "global" or "static" variables are permitted; it is single thread safe and has a number of other enhancements that make it ideal for the development of "Object Capabilities". What are "Object Capabilities"? Professor Wagner points to two excellent papers that describe the concepts in detail. I will be reviewing these as both research and development of the module.

Mark Miller, "Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control." Johns Hopkins University, 2005

and

Jonathan Rees, "A security kernel based on the Lambda Calculus." MIT, 1995

It will be worthwhile to look at the tie-in that we can make to Professor Carliss Baldwin's work on transactions. Recall the matrices she introduced in defining the scope of transactions, and how "Vouchers" were how I would implement these elements of the transaction. Object Capability would define the access and concurrency of the interactions between users within that voucher as well.

In the process of this development it has become necessary to define the level of virtualization that is possible and needed for the operations of this application. Virtualization on Solaris provides the ability to have an instance of the OS and associated technology stack operate for one specific user-defined unit. The size of the unit could be the entire application, or I could define the virtualization level that would have each person, company and JOC have a virtualized OS and associated technology stack for each of those units. I would do the latter if it provided an enhanced level of security, and this will be determined through the research of this module.

What I hope to be able to do with Professor Wagner is to define the manner in which we layer the Military Command & Control structure of the Compliance & Governance Module over the Assets, People, Geography, JOCs, Companies, Disciplines etc., much in the same way that the Military denotes in the "Sgt. 1st Class, Rick Emert, 1st ACB, 1st Cavalry Division, PAO". This definition is necessary for the application and the industry to function. The value and need of the end users to define these elements will be incalculable.

Lastly IPv6 is one of the cornerstones of the Technical Vision that I have put forward for this project. I want to review the impact of that technology on the policies and technologies mentioned in this post. Also, the level of encryption available in the Java Programming Language provides very high security. The cryptography available is well documented here.


Monday, November 19, 2007

Sun Identity Podcasts

I've recently taken the time to subscribe and listen to a Sun Microsystems Podcast stream on the topics of Security, Access and Federated Identity. Click on the title of this entry to be taken to the Sun page. This podcast discusses many of the important topics that are being addressed in the development of the "Security & Access Module" of the People, Ideas & Objects application.

If we are to provide for the security needs of the producers, vendors, customers, employees, and contractors that choose to use this system, we need to offer the highest level, state of the art, Service Oriented Architecture security environment. This level of security is necessary so that our users can access accurate and timely information, wherever and whenever they need it. Additional demands include the ability to search their domain for the information they want and need, based on access control, and finally, to represent the resources of the user in a global network of oil and gas users, where People will be able to market their skills to that global network. This latter point is easily attained by having Google's recently announced OpenSocial API incorporated in the user's identity.

This "Security & Access Module" is a distinct competitive advantage of this application development over the current software offerings of SAP, Oracle or Qbyte. Starting off with the security framework puts the cart behind the horse. Developing application modules with the security framework defined and built first limits the development surprises that occur when leaks of information are found in legacy systems retrofitted with new security environments.

Entertaining, candid and humorous, this podcast is a worthwhile summary of the risks and opportunities in this subject. In terms of the quality of the discussion it provides information about various initiatives such as LDAP, Identity Governance Framework, OpenID, OpenSSO, OpenDS, Web Access Control, Web Access Management, Federation and a number of various other cryptic acronyms. The point that I take away from these discussions is that security and access are the next big area of Java development. Companies such as Sun and Oracle are very focused here. And they are obviously moving to provide the services and infrastructure to handle, and manage the security for applications such as People, Ideas & Objects. Ultimately accessing these services as a part of a service offering that they can provide for an annual fee of $x.xx / user.

Finally, two talks highlight how the perspective of security has changed in these products. The SSO (Single Sign On) is able to guarantee that "three password attempts and you're out" means three strikes and the user is out on a global basis. There is also an excellent discussion about the scope of the role of the CISO (Chief Information Security Officer) or CIO with Sun's CISO, Leslie Lambert.


Thursday, September 27, 2007

Internet Scale Identity, Collaboration, and Higher Education

Click on the title of this entry to be taken to Google Video for this presentation. First off a stern warning, the topic is a difficult one to discuss and the presenters do not do a very good job at it.

Firstly Bob and Ken do not adequately describe who they are or where they are from. The Internet 2 association consists of the majority of the university and other organizations, like Google, dedicated to "Providing both leading edge network capabilities and unique partnership opportunities that together facilitate the development, deployment and use of revolutionary Internet Technologies." Bob and Ken work in the "Internet 2 mid-ware initiative". Their presentation is about identity and its importance in collaboration and determining the validity of the party you are dealing with. Extending this to the type of collaborative interactions that will eventually be held in this application, and currently being specified in the People, Ideas & Objects Security Module, how are you assured that what is represented online is factual? There needs to be a method in which people can verify their identity and carry that with them through the day to day interactions discussed here in this application. The Federated Identity is described as follows.

Federated Identity

  • Enterprises exchanging assertions about users.
    • Often identity based but can provide scale and preserve privacy through the use of attributes.
    • Real time exchanges of standardized attribute / value pairs.
  • Basis for trusting the exchanged assertions via common policies, legal agreements, contracts, laws, etc.
  • Federations offer a flexible and largely scalable privacy preserving identity management infrastructure.

As a user of this system it will occasionally be necessary to find a welder in the area where you have production. How do you engage the welder and ensure that they have the correct certification for operating in H2S environments? Conceivably the ticket that was issued to the welder for H2S operations would be available from the granting agency. The welder's "Federated Identity" would have the certificate issuer represented in the welder's Identity, and the certified issuer would have the right to revoke it if for some reason the welder no longer qualified. This certification is assured at the point of initial contact with the welder. Whether the Federated Identity were for an individual, a company or a Joint Operating Committee (JOC), one could easily assure that the online interactions were valid. The inability to authenticate would preclude the user, company or JOC from conducting any further online transactions.
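The welder scenario as an added example, not part of the original post or of any federation software: a certifying agency asserts one attribute about an opaque subject, and the producer accepts it only if the agency is in the federation metadata, the assertion is intact and unexpired, and the agency has not revoked it. An HMAC with a key listed in the federation metadata stands in for the enterprise signing keys (real federations use public-key signatures), and every name and value is constructed.

```python
import hashlib
import hmac
import json
import time


def _tag(key: bytes, claims: dict) -> str:
    """MAC over a canonical JSON encoding of the claims (stand-in for a signature)."""
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class CertifyingAgency:
    """Identity provider that asserts attributes about people and can revoke them."""

    def __init__(self, name: str, signing_key: bytes):
        self.name, self._key = name, signing_key
        self._serial = 0
        self._revoked = set()

    def issue(self, subject: str, attribute: str, value: str, not_after: float) -> dict:
        self._serial += 1
        claims = {"issuer": self.name, "serial": self._serial, "subject": subject,
                  "attribute": attribute, "value": value, "not_after": not_after}
        return {"claims": claims, "tag": _tag(self._key, claims)}

    def revoke(self, serial: int) -> None:
        self._revoked.add(serial)

    def is_revoked(self, serial: int) -> bool:
        return serial in self._revoked


class Producer:
    """Relying party: trusts only agencies listed in the federation metadata."""

    def __init__(self, federation: dict, clock=time.time):
        self.federation = federation  # issuer name -> (verification key, agency)
        self.clock = clock

    def check(self, assertion: dict, attribute: str, value: str):
        """Return (ok, reason) for one attribute/value pair the producer requires."""
        claims = assertion.get("claims", {})
        member = self.federation.get(claims.get("issuer"))
        if member is None:
            return False, "untrusted-issuer"
        key, agency = member
        presented = str(assertion.get("tag", "")).encode()
        if not hmac.compare_digest(_tag(key, claims).encode(), presented):
            return False, "bad-signature"
        # Past this point the claims are exactly what the agency issued.
        if self.clock() > claims["not_after"]:
            return False, "expired"
        if (claims["attribute"], claims["value"]) != (attribute, value):
            return False, "attribute-mismatch"
        if agency.is_revoked(claims["serial"]):  # status asked of the issuer at use time
            return False, "revoked"
        return True, "ok"


def build_demo(clock=time.time):
    """Constructed sample: one safety agency, one welder holding an H2S ticket."""
    key = b"constructed-federation-key"
    agency = CertifyingAgency("h2s-safety-agency.example", key)
    producer = Producer({agency.name: (key, agency)}, clock)
    ticket = agency.issue("welder-7f3a", "h2s-certification", "valid", clock() + 86400)
    return agency, producer, ticket
```

The subject is an opaque identifier, so the producer learns that the holder is H2S certified without the assertion carrying any other personal detail, and a ticket the agency revokes stops working at the next check.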

This style of interaction is currently being done in manual systems. Based primarily on past history, the user will call up the welder that finished his last job, and not much more is done. And there is not much more that would happen in this virtual environment that I am talking about here. What is different is a level of automation that eliminates much of the time-wasting processing that is done in the manual style of systems. If the Federated Identity has enough of the terms and conditions that are necessary for the firm to hire that welder, they should be able to complete the majority of the contract prior to the issuance of the purchase order, which of course would also be the next step in this automated process.

These types of systems are being developed now not only for Internet2 but also for participating firms such as Google in their Google Apps for Education. Since we use Google Apps for People, Ideas & Objects, this type of Federated Identity is being built in the Security Module Specification that I am working on. The interactions are also an element of the People, Ideas & Objects Compliance & Governance Module specification noted here. With the effective pooling of the participating producers' human resources, requiring the Military Command and Control Style of organizations, these identity based interactions will be able to take on a dynamic matching of skills and function. One other area that the Federated Identity satisfies is the need to know basis. Even though all participants are from different companies, there is no unnecessary leakage of information that would not have been pre-authorized to any other participant, individual or JOC.

The authors noted that an Apache open source software, "Shib 2.0", is capable of these types of Federated Identity, and Shib 2.0 has just moved into beta. Much of the Federated Identity's ability to do these is contained within the "Technical aspects of Federations".

  • Federating Protocol
  • Enterprise signing keys
  • Meta-data Management
  • IdP discovery service
  • Enterprise Identity management practices.

Accreditation and certification are needed, and also difficult to achieve. The most difficult aspect is what is referred to as "Many to many user centric identity". The presenters were wise to point out the two means of achieving accreditation and certification, "multilateral" and "bilateral". By using multilateral accreditation you achieve the Many to Many user centric identity without having to accredit every transaction, query or specification, as bilateral, or one to one, certification requires. The presenters noted: "Commonly manage which identities and which attributes can use the capabilities of the collaboration tools." And "Can offer delegation, privacy management, maybe even diagnostics."

To view some of the areas in which Federated Identity is currently operating see InCommon and the Internet 2 wiki.


Sunday, September 16, 2007

Security Module.

I last wrote about the Security Module in October 2006. Now that we have established the general framework, or the infrastructure of the system, and indeed I have begun building the parts into a usable system, I now want to formally start the software development. As I noted in the October 2006 posting the security module would be the first item of development, therefore, I can now declare on Tuesday September 18, 2007 that we are indeed in development.

A few of the bits that we will be using as our infrastructure are Google Apps for People, Ideas & Objects, Java Web Start and Java Swing. So let's start with that and build from there.

Google Apps for People, Ideas & Objects.

www.people-ideas-objects.com is the domain (and company name) that has been selected for this project. This is now operational on Google Apps and I am very pleased with the fit and finish. Key to their offering is the ability to integrate a Single Sign On (SSO) for the entire domain. Once the user is logged in through Google apps they will have access to the collaborative environment and application specific functionality. Recently Google announced the closing of their acquisition, Postini. Google will now offer a level of security that is in my opinion second to none.

With Postini Solutions, you can secure all of your electronic communications - email, instant messaging and the web – and manage your company's communication policies from one central location. Postini Solutions can also make it easy to meet your archiving and encryption needs.

Best of all, it's all 100% hosted, so there's no hardware or software to install or maintain. Whether you're looking to transition from or enhance your existing messaging infrastructure for better control, Postini enables you to provide employees the tools they need to be productive while reducing the cost and complexity of managing those tools.

I can now say unequivocally that People, Ideas & Objects has the most secure communications of all ERP systems. ;-) To my way of thinking, let's up the standard to a higher level.

As I noted in the security module definition last October, Sun's new Solaris Z File System (ZFS) and elliptical encryption would be used for all of the data and information on the server side of the system. ZFS provides a level of journaling that will add real value to the users of this system. Apple have integrated Sun's ZFS in their next operating system (Leopard) release. Sold as the "time machine" feature, it enables a user to look at the various iterations of the file from the beginning to the most current version. The user will then have tools that will enable them to select the best version of the file. Secondly, ZFS is 128 bit, just as IPv6 is, allowing for an unlimited addressing capability.

These points will be the first elements that will be developed. Google Apps for People, Ideas & Objects will be upgraded with the Postini functionality, and the Solaris based server side will implement ZFS and Sun's elliptical encryption as base for all operations from the Operating Systems, Java, Network, Database and File.

Java Web Start and Java Swing

Integration of Single Sign On (SSO) between Google Apps and the server side will provide the secure collaboration environment and the secure "Cloud" based operations. This will all be wrapped in a package that the user will be able to access anywhere and anytime with any capable computer. For the initial downloading, Java Web Start, Swing and other components of the People, Ideas & Objects application will be a minor issue with the bandwidth that is available today. The "environment" this creates is one that meets the highest level of security for any and all programming environments. Java was selected for its adherence to strong typing and inherent security model. No other programming environment comes with this standard of security. Even Microsoft's .net environment cautions the user about the inherently weak security model.

Java DB

Embedded within the Java Web Start and Java Swing client environment is Java DB, a relational database with a small footprint. Originally developed by IBM, it was open sourced and made the default client side database for use in Java environments. This database will hold the environment and other variables of each user, and much of the client specific data the user has used, cached, collaborated or searched from their user account. Recall that we have selected the Ingres Database for the "Cloud's" database. All the data from the Java DB will be replicated with the Ingres database. Additional search facilities of the server side or "cloud" environment have not been resolved at this time. Recall I was looking into the use of Enterprise Search and security firms to assist in this area.

This area is complex and daunting; however, bulletproof systems in terms of reliability and security are necessary for the enterprise, particularly in the manner and method that they are being used here. Much of this architecture has not been implemented in any industry. Lastly I would point out that if a user were to access their system on a public terminal or a machine of which they have only temporary use, the application and data would be inaccessible to any prying eyes after the user had left. With encryption and Java, the system's variables would be persistent only in encrypted form.

IPv6

Recall we have instituted the IPv6 protocol as part of the Technical Vision for all Internet communications for People, Ideas & Objects. IPv6 is available to us through our ability to secure a Tier 1 vendor of bandwidth. Almost all computers are capable of handling the protocol. The security model of IPv6 adds elements of security at the protocol level and includes these technologies.

Specification

These specifications will be encapsulated into one Web Service where the user, upon authorization and integration into the system, will have seamless access to their information. The reason this is the first module being built is that everything will need to be built upon it. To retrofit this level of security to a current application would be more problematic and costly than it would be worth. I am pleased that I can specify this level of security at relatively little cost. (A reflection of how systems have developed in the past few years.)

The primary issue that needs to be resolved is the restrictions on use of high-level encryption systems in countries that are unable to access and use the high level encryption algorithms. The workaround may involve limiting the users to the countries that are authorized to use these types of systems. Our focus being Calgary, Texas and Aberdeen, Scotland, limited issues with the system's use outside of these three countries will limit the risk of using these algorithms.

Thankfully much of today's technological development environment closely replicates Lego: define it, get the parts and build it. Where we go after the security specification will be to adopt the data model from the Public Petroleum Data Model (PPDM), tune it and test it, and from there we can start building the Petroleum Lease Marketplace functionality.


Sunday, April 01, 2007

Enterprise search and security.

In the User Vision I noted the ability to search the domain of the user. A far easier thing to say than it is to do. Consider for a moment the number of companies within the industry. Consider the number of Joint Operating Committees (JOCs) they participate in, and then consider the number of users that will be involved in preparing and using corporate data. Considering access to the user's domain when they may fulfill different roles in different JOCs for different client companies, one begins to see the issue regarding their ability to search for their information.

The idea that search and security would be linked would have seemed oxymoronic a few years ago. How could search maintain and build upon the security of a Service Oriented Architecture (SOA) such as the one being written about in this blog? Firstly, the top priority of any development and operation of any application of this type is the quality, integrity and security of the data that is being used by producers and users. At the same time search will become an indispensable competitive tool for any oil and gas producer. Access through extensive, state of the art search technologies is a critical requirement for the oil and gas producer and user. Another critical issue is the user's expectation of near single shot relevancy being provided by search giant Google. A little review of the features of the technological architecture as it is proposed here is as follows.

Authorized access will be granted to users through the world wide web. Recall that the use of a private network using IPv6 provides enhanced security that is inherent in the protocol. The producers will also access their applications from the Grid that is owned and operated as a service by Sun Microsystems. Hosting of the Genesys application by Sun provides a level of third party reliability and security that is necessary for the application. Genesys will focus on research and development of systems, not compete with Sun on infrastructure.

Each producer will have a virtualized Solaris environment on the Grid, an Ingres Open Source Database Instance, and a Genesys Application Server, all operating side by side with other producers, possibly on the same processor. This will ensure (and it stands to reason that firewall and other security requirements are already in place) that each producer will access their, and only their, application and data. In addition each virtualized environment will have a Google Enterprise Search Appliance maintaining the access control list, search security, and search indexes. Information about Google's Enterprise Search Appliance can be found here, and their Enterprise blog here. Information on Sun's virtualization of Solaris is here.
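The access problem described above (one person holding different roles in different JOCs for different producers, with a per-producer search index that enforces an access control list) can be sketched as follows. This is an added illustration in Python, not code from the Genesys project and not a description of how the Google Search Appliance works internally; the `ProducerIndex` class and all producer, JOC and role names are hypothetical.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    """One role a user holds in one JOC on behalf of one producer."""
    producer: str
    joc: str
    role: str

@dataclass(frozen=True)
class Document:
    doc_id: str
    producer: str
    joc: str
    allowed_roles: frozenset  # ACL: roles permitted to read this document
    text: str

def tokenize(text):
    return set(re.findall(r"[a-z0-9]+", text.lower()))

class ProducerIndex:
    """Hypothetical search index confined to one producer's environment."""

    def __init__(self, producer):
        self.producer = producer
        self._docs = {}      # doc_id -> Document
        self._postings = {}  # term -> set of doc_ids

    def add(self, doc):
        # Refuse to index another producer's data in this environment.
        if doc.producer != self.producer:
            raise ValueError(f"{doc.doc_id} belongs to {doc.producer}")
        self._docs[doc.doc_id] = doc
        for term in tokenize(doc.text):
            self._postings.setdefault(term, set()).add(doc.doc_id)

    def _readable(self, doc, grants):
        # Deny by default: a grant must match the producer, the JOC and
        # one of the roles on the document's ACL.
        return any(
            g.producer == doc.producer
            and g.joc == doc.joc
            and g.role in doc.allowed_roles
            for g in grants
        )

    def search(self, query, grants):
        """Return sorted ids of readable documents matching every term."""
        terms = tokenize(query)
        if not terms:
            return []
        hits = set.intersection(*(self._postings.get(t, set()) for t in terms))
        # Trim before returning, so result lists and hit counts never
        # reveal documents the user cannot open.
        return sorted(d for d in hits if self._readable(self._docs[d], grants))

# Constructed sample data: all names below are hypothetical.
def build_sample():
    idx = ProducerIndex("AcmeOil")
    idx.add(Document("d1", "AcmeOil", "JOC-North",
                     frozenset({"accountant", "engineer"}),
                     "Lease royalty statement"))
    idx.add(Document("d2", "AcmeOil", "JOC-South",
                     frozenset({"engineer"}), "Drilling lease plan"))
    idx.add(Document("d3", "AcmeOil", "JOC-South",
                     frozenset({"accountant"}), "Lease cost allocation"))
    return idx

# One person, three roles: the accountant role in JOC-South was granted by
# a different producer, so it must not unlock AcmeOil's d3.
USER_GRANTS = [
    Grant("AcmeOil", "JOC-North", "accountant"),
    Grant("AcmeOil", "JOC-South", "engineer"),
    Grant("BorealGas", "JOC-South", "accountant"),
]

if __name__ == "__main__":
    print(build_sample().search("lease", USER_GRANTS))
```

The filter runs before any result is returned, which is the property to check in any search product placed in front of JOC data: a query must not confirm the existence of a document the user's grants do not cover.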

As with any system development, in deciding between money, time, and/or quality you are entitled to two of these objectives at the expense of the third. In the case of search security, and security in general, time and quality will be at the expense of money. Although the Solaris and Ingres user accounts are free as they are open source, they do command large fees for services of operation. The Google Search Appliance is also relatively expensive.

I found a website and consulting firm that has dedicated themselves to enterprise search and security. New Idea Engineering have a newsletter that provides the necessary discussion of many of the issues companies will need to address in the future. I am highlighting a series of articles they wrote in a series of newsletters that provide value for the readers here. The series of articles are here, here and here.

A couple of the assumptions that I am operating under should be stated explicitly. We have design freedom in terms of how the application is built. Secondly, the cost of 1 Million Instructions Per Second (MIPS) of processing power is now $0.01 (processor costs only), enabling intense, yet affordable processing capability. Think encryption, virtualization of each producer and each employee, heavy and multiple indexing algorithms and access control lists; processing demand will be very high. Add the unique perspectives that are part of this blog, like Military Command Structures and Single Sign On (SSO), which is a necessary feature.

Lastly the manner that I see this application being built is through the ultimate users. What I would like to see happen is that a discussion around these points fill in some of the detail and ferret out the finer points and issues. It is the users' application and their involvement is being called on for this critical issue.


Thursday, March 22, 2007

Another security concern.

I wrote earlier about my concern for the security risks associated with the new Zune and web phones, and that includes Apple's new iPhone. These large hard drives with wireless connectivity could be accessing corporate data without anyone knowing. The need to encrypt your network is critical these days, but it is also necessary to store your data in encrypted form. A very difficult task for a company to do. This new threat that I am writing about today will also be mitigated by high level encryption on the network and storage. I recommend Sun Microsystems' Elliptical encryption technology.

The other product that has popped up that concerns me is Adobe's Apollo platform. In an attempt to "pick up where Java has left off" they have created a "run-time" that enables web applications to operate also as desktop applications. The manner in which they do this is, of course, by enabling Apollo to have access to the lower level operating system functions. This is where Java has drawn the line and it is the point where no Java application can access the data and systems of a client machine. Apollo takes this security precaution, throws it into the garbage, and offers any user a tool that will enable anyone to provide web and desktop applications without knowing what is really going on. Behind the GUI application, another part of the same application may be copying data, destroying data or whatever it is they may want. It literally has nothing to stop the user from being entertained or distracted while it goes on its merry way through your client machine and network.

The key to solving this problem is to not download the "run-time". Difficult when you have many users. The "run-time" is necessary to run the "p" code that the applications will be distributed as. "p" code is not full binaries, but also not software code. As a result the user cannot look at the code and determine what it's actually doing. Without the "run-time", when a web site uses some Apollo functionality, it will be unable to morph itself down into the operating system level, disabling the feature of the website.

The other problem with this is the popularity that this platform will have. The demonstration that I saw was of an eBay Apollo application and included credit card numbers and access to the file systems. The users need to get the work done, and more and more that is all that they are concerned about, and hence they will use what works, irrespective of the consequences of what they don't know or don't understand. The only people that I think are going to be interested in writing applications for Apollo are the ones who are currently writing viruses. The Apollo "run-time" doesn't let them in, it invites them in. No software vendor that is concerned with the security and reliability of the client systems will write to the Apollo "run-time", therefore it may simply be a matter of selection that the users are disallowed the use or download of the Apollo "run-time". But then again, a good virus writer could probably install the "run-time" for the user.


Monday, February 12, 2007

Greg Papadopoulos of Sun Microsystems.

In what is dubbed as "Sun Analysts Summit 2007," Sun Microsystems co-founder and Executive Vice President of Research, Dr. Greg Papadopoulos makes his presentation entitled "Redshift: The Explosion of Massive-Scale Systems." This presentation should be viewed by most users of computers today. An important video that details where the demand for computer processing is coming from, and where the solution to satisfying that demand resides. At 46 minutes it is a worthwhile review. So much of what I expect in this oil and gas software development project needs to be addressed from the hardware side. The demand for processing of an entire segment of the oil and gas industry is not something that can be taken lightly. Recall that we have selected Sun as our key vendor for their support of the Java platform. This extends to Sun's Niagara Chip set, Solaris their Operating System, their Grid Computing offering, Crossbow their virtualization offering and finally the Java Programming Language.

Starting off with "Project BlackBox" which is a standard shipping container that provides substantial computing performance in one "BlackBox". Two rows of 19' standard racks, with each rack capable of housing 42 units of servers, blades and / or storage devices. The cooling of 200 kw of processing is the defining capacity of a project Blackbox. One should ask what / who would need to use such a large unit? That is the purpose of this talk. Many of these systems will be used by the market, and most importantly this software development project will use BlackBoxes in order to host the application for the oil and gas industry. The system we will be using will be owned and operated by Sun Microsystems and hence provides not only the solid reliability, performance, and availability of computing power but also the security that each producer knows their data is as secure and as confidential as possible.

"Red Shift" is a leading observation of Sun's marketplace of computing. The cost of computing is halving each year, yet the demands continue to grow. Where is this demand coming from? Core Enterprise demand has been satisfied by Moore's Law for a number of years. Dr. Papadopoulos says that bandwidth is the key driver to the current and future increases in computer processing demand. Bandwidth has grown exponentially from 56 kilobits of analog capacity in 1995, to now 10 Gigabit Ethernet being available today. This bandwidth is fueling an increase in the number of devices that are networked. It is clear that the proliferation of these devices assumes that processing is centralized in one location. This bandwidth related demand is consistent with the technical vision I noted here, and the proliferation of IPv6 related devices. I agree with Dr. Papadopoulos that the computer demand in the future will be difficult to satisfy.

Bandwidth is driving the increased demand for computing in far greater volumes than what Moore's Law provides. In addition to the conventional business market, the High Performance Computing market makes the demand for computing processing insatiable. Papadopoulos notes demand from small and midsized firms that are using hosted services like Gmail, Salesforce.com and other web applications is a trend that he suspects will be showing up soon in large firms as well. Running an email server is an arduous task for any and all users. Aggregating the demand for email in the hands of large service providers provides economies of scale and better application functionality over the long term. A variety of customers are beginning to realize Service Oriented Architectures are the most effective and efficient means of managing these services.

Dr. Papadopoulos notes that what he calls "Redshift" is a move to massive scale. Where scale and efficiency are available and affordably provided to users, when the users need them, wherever they may be. Sun believes RedShift will be redefining for the computing industry. Corporate strategies regarding Red Shift are of two possible scenarios. First Sun could be disintermediated such as what Google is doing in building their own servers. Or alternatively, follow the Sun school of thought that high levels of engineering are needed to build systems for today and the long term future. This latter strategy is also where strong integration of both software and hardware engineering is needed. "Efficiency and Predictability at massive scale are as Mission Critical to Redshift as Remote Access Servers (RAS) has been to the core enterprise."

Papadopoulos is keen to point out that what he means by the "Commoditization of computing" is not the "Commoditization of computers." The engineering of complex systems is necessary in this "RedShift" era. The cobbling together of many single core systems will only provide so much value. The approach of providing the City of New York with electrical power generated by a series of portable generators is inefficient, impractical and costly. This is the analogy he draws between what Sun is providing with their services and what many of the smaller service providers are doing.

Speaking on the Sun offering, Papadopoulos notes that computing infrastructure consists of three things. And to Sun's credit they have been able to integrate these components and provide commoditization of computing in an efficient manner.

  • Core Services and Platforms
  • O/S Instances
  • Base HW Plant (Server, Storage and Switches)

Base Hardware Plant

What happened over the past 20 years to distill the microprocessor down to a single chip is happening today as Symmetrical Multi-Processing (SMP) systems are codified into one chip. That which was a full rack of servers in 1997 is contained on one Sun Niagara chip. Providing lower costs in almost any metric of computing power.

Taking these concepts further, Neptune, Sun's next processor will contain a 10 G Ethernet card embedded in the chip.

Operating System Instances

Solaris, Sun's open source operating system, Crossbow their operating system virtualization tool, and Java which is integrated into Solaris. "The Java RTS (Real Time Systems) + Solaris = Real time Application Server". With real time results, providing a solid application system performance that mirrors and exploits the value of their hardware. It is my opinion that both Apple and Sun's futures are brighter based on their ability to integrate their own operating systems on their own and x86 hardware. Companies such as Dell, IBM and HP are unable to compete in this arena due to their inability to provide the integration at this high level.

NetBeans, which is the open source version of Sun's development tool, is one of the best Integrated Development Environments (IDEs) available today. BlackBox as mentioned above defines the shape of Sun's very bright future.

Core Services and Platforms
  • Identity and Security
  • Procedural languages and scripting.
  • Service Oriented Architecture and Web 2.0
  • New Clients.

Finally Dr. Papadopoulos notes a key component of Sun's open source business model is that "Open Source" does not apply to the binary or run time application. The Binary requires the use and service contract with the in this instance. Genesys will be paying for the use of Solaris and Java services, support and use agreements. This is in addition to the processing power purchased by the hour off the grid. All in all an excellent video, one that provides a vision of the future of computing.


Tuesday, January 09, 2007

I want to reiterate my concern.

First, yes I want an iPhone as soon as possible. The networking and Mac OS X underpinnings will make the "tool" usable by everyone and anyone.

Secondly, yes I will develop unique applications that employ the iPhone in the many ways the oil and gas users will want. Using Cascading Style Sheets, Ajax and JavaScript limits the scope of the applications that can run on the iPhone to one's imagination.

And thirdly, yes, I want to reiterate a concern that I mentioned last summer. As with any new technology the security and access privileges are becoming much more difficult to have under even reasonable control. My concern about Wi-Fi enabled pod slurping can and will be one of the greater risks to corporate security.

Photo Courtesy of Apple.

Wednesday, January 03, 2007

Enterprise Search and Security.

New Idea Engineering publish a monthly newsletter that discusses the difficult topic of enterprise search and security. They have recently published a series of articles under the heading "Enterprise Search: Mapping Security Requirements to Enterprise Search." The three articles are available here, here and here.

In terms of the technology used in this application, I have stated the architecture that will be used here. Two major additions being added to the Genesys architecture are:

  • Use of the Google Search Appliance.
  • Virtualization of a producer's environment on the Grid.

These New Idea Engineering articles point out a number of very important issues that I will address when we are getting closer to the start of development.

Photo Courtesy of fox2mike

Thursday, July 13, 2006

A new security risk?

This is a warning to oil and gas companies regarding a new and significant security risk. Normally I don't concern myself with these, however, the following is the most prolific risk in technology today.

Pod slurping has been known to be a reasonable risk since the beginning of the iPod craze. Pod slurping involves high speed copying of hard drives onto an iPod at an unauthorized location. The difficulty is having physical access to connect an iPod device to the network and then copy the disk images to the iPod for later review. With these iPods being upwards of 60 gigabytes, significant volumes of data can be taken in less than 2 - 3 minutes. That is until now.

If as Microsoft has claimed, their new iPod killer will be wireless, then the physical access is not required. A visitor to your office may be able to access the data on hard drives wirelessly and maybe not even require physical access. I believe this may be a significant risk.

The only remedy is to encrypt literally everything so that the information is useless in the wrong hands. This can be done by ensuring all:

  • data is stored in encrypted form.
  • network connections are on a virtual private network.
  • wireless connections are encrypted, and not broadcast.

Trust Microsoft to introduce the device that brings the greatest risk to data integrity. Which brings up the other risk. The ability to load programs and other data on to a hard drive is also a concern. The ability to store something in non-encrypted form would still be a threat if it were a script or other compromising data.

When a company of size considers how many hard drives are accessible in this fashion it gives one the willies. Each computer is essentially a potential entry point when one considers that a wireless USB port can be augmented with an 802.11 b/g or Bluetooth connection in less than 10 seconds. Permitting anyone to create a new wireless network for their own use. However, while it would be fairly easy to see someone using a computer in an unauthorized fashion, the iPod could be actively downloading information during a regular meeting. The network computer and service oriented architectures have never been more justified.

Now based on Microsoft's release schedule, their iPod killer won't be out until 2015. However, Apple won't sit idly by and let Microsoft introduce any innovation that isn't on their platform first. If there is to be a wireless iPod it could be seen as early as this year's Apple World Wide Developer Conference in August. The time frame therefore to encrypt one's data is now, with very little time to do it.
