externalization trend

Externalisation – The Next Principle for Information Sharing?Can We Apply Web Principles to Corporate IT?

The Open Group Enterprise Architecture Practitioners Conference

Paris, France ~ 23-25 April, 2007

Nigel Green, Capgemini UK

2

The IT Butterfly Effect…

.

3

What I'll be talking about today…

� Define what I mean by externalisation

� How we might think about business information when we put 'externalisation' front of mind

� Provide an example of an externalised approach to Information Sharing with UK government

� Provide a high level point-of-view on what I see as the critical externalising IT enablers and trends

� Illustrate why I think this topic is business relevant and immediate

� Leave you with some ideas, emerging patterns and a number of unanswered questions!

Blah, blah,

Zzzz.What I won't be talking about...

...RDF/OWL, WS and Ontology (well not much anyway!)

...Or Open Group Standards (you're the experts)

4

What’s different Today?

There is the fundamental difference between the way the Web works and traditional enterprise IT systems:

•The Web starts with the premise that any resource can be used by anyone for any purpose

•Traditional Enterprise IT systems starts with a constrained, internal, perspective - usually in support of specific processes.

Externalisation is about bringing these two worlds together to meet business needs for ubiquitous information sharing.

Externalisation is about the deliberate application Web patterns and approaches to Enterprise IT to address business information sharing needs more effectively.

Externalisation is not focused on replacing traditional IT systems per se, rather it is focused on implementing coarse-grained, loosely-coupled and broadly sharable information within and between business domains.

The Opportunity: many of the standards and tools are available to make Externalisation a viable and business relevant approach.

The Risk: Businesses are seeing their employees are already ‘Externalising’ using ‘Shadow IT’.

5

What do I mean by ‘Externalisation’ in the context of corporate IT?

Externalisation:

Breaking apart the concepts of applications and databases to expose the business-meaningful parts of an Information System and, at the same time,

making tacit, human, knowledge and behaviour explicit.

Integrating externally owned information sources and services of value to the Business Information System

Consuming and publishing meaningful events within and outside the enterprise

6

A picture of Externalisation

The access to information and communities on the Web by organisations and the people within them

Collaboration with people and visibility of events (process state changes) outside the enterprise

Ubiquitous Event visibility within the enterprise

The use of external information and data processing services by people and corporate IT

The opening-up of data from within corporate applications –for sharing within the enterprise and, selectively, beyond

Enterprise ITApplications

EnterpriseWeb

ProcessingServices

InformationServices

1

2

3

4

5

1

2

3

4

5

4

7

Brains, Buckets, Boxes and Buildings

� Information relevant to the business is held in various 'containers' within the business

The heads of employees

data buckets

filing systems

and offices

Business information systems are inherently

'internalised’ within these containers..

8

The Web

Information Containers

Container: Human Brains

Container: Applications & Databases

Container: The Organisation

Container: Web Communities

Highly Internalised Highly Externalised

9

The Web

The Nature of Each Container Affects Its Content






Each type of container has an affect on the information held within it..

Creativity Perception & Selective

recall

Technology Translation Structure &

Binding

Corporate Values, Privacy,

Policy & Regulation

Web Standards & Ubiquitous Access

Self-regulating Communities

10

The Web

Information is only understood within the context of its container






Outcome: Information Exhaust & Corporate Blindness

Only 10% of business process

Information is automated by IT – limited Corporate

visibility

Applications & Databases are built to meet

vertical needs

Shadow IT is used to

support gaps in corporate IT

Useful Information and services might

be out there….

Is my business visible to these communities?

11

The Web

Externalisation: An Approach Re-shapes the Business Systems Container






Dissolves the barriers between internal containers by adopting external information standards and technologies focused on the information rather than

function

Container: Externalised Business Systems

12

A new Architectural Style for expressing desired Business Outcomes?

� An Architectural Style that focuses on:

• The analysis of the behaviour of people and organisations and their interaction with information systems

• Real world events, content and policies

• Values of people and organisations and their trust relationships

• Freeing-up analysis activities from engineering rigour (which should come as a second step) – thereby helping decision makers

• User adoption approaches from the outset thereby materially increasing implementation success

• Business outcomes and communication to business stakeholders to aid decision making processes – contrast with engineering tools (business process and IT)

� A style that is complementary to necessary and proven methods for process and IT design, for example:

− Enterprise Architecture frameworks and methods (e.g. TOGAF, IAF, Zachman)

− Process Design frameworks (e.g. IDEF, SCOR etc)

− IT Solution Design frameworks and methods (e.g. RUP, Package specific design methods)

We believe this style is based on 5 simple, abstracted, analysis dimensions:

Values, Policies, Events, Content and Trust

13

xxxx

ValuesPoliciesContentEventsTrust

Focusing on these aspects as discrete, re-usable, information components creates the foundation for externalised information sharing across the business

Externalising the key aspects of the

Information System e.g.:

Business Events

Content & Dialogues

Policies & Contracts

Values, Outcomes & Goals

Trust Models & ProfilesValuesPoliciesContentEventsTrust


Focusing on VPEC-T: Externalisation Within the 4 Walls

14

And increases the ease of interaction with the outside world


The Web




Focusing on VPEC-T: Externalisation With the World

15

VPEC-T: The 5 key focus areas for Externalised Information Sharing

Focus on the broad range of mandates and agreements such as internal policies, law, external contracts across the

business; the rules that govern and constrain how things get done.Policies

Focus on fostering trust between all parties engaged in a system of value. Trust changes over time, and

understanding and fostering trust relationships are critical to useful IT. Values will be more authentically

disclosed and more values will be declare the deeper the trust relationship. Trust can be defined as Trust =

Intimacy + Credibility / Risk.

Trust

Focus on the documents, conversations or messages that are produced and consumed by business activities. These

are the dialogues we use to share a plan, a concept, a history and/or the details of a person, place or thing.Content

Focus on the real-world proceedings that stimulate business activity – sometimes in a pre-defined sequence but

often not. These are the triggers for action.Events

Focus on understanding the values and desired outcomes of both the individual and the business, and the values of

individuals and businesses you interact with. Values can be thought of as constraining beliefs (e.g. ethics) and

goals (e.g. desired outcomes)Values

Applying emphasis and techniques to:Dimension

Using business language to discuss these 5 dimensions enables the business to express an Externalisation agenda – and the output is also meaningful to IT

specialists.

Implementing Externalised Information Sharing within the UK Criminal Justice Department

17

The UK Criminal Justice Exchange

The Exchange provides national operational services for information sharing to a federation of Criminal Justice Organisations, other government departments and external practitioners.

Today, the Exchange processes around 2 million messages a month and provides secure application access to hundreds CJS users

The Exchange is secure information sharing environment run by CJIT

The Exchange is being built to a Managed Service vision which emphasises capability re-use and rapid deployment and business process flexibility through user configuration

This is the story of how we applied innovative approach to the business and technology challenges faced by CJIT

18

An Example Future Process Supported by The Exchange

InvestigateIncident

1Arrest &Pre-Charge

2 Charge Suspect3Review &Prepare Case

4Prepare forHearing

5Court Hearing& Outcome

6Justice &Rehabilitation

7

The Criminal Justice ‘Supply Chain’ is a combination of many such processes

19

1 2 3 4 5 6 7

• Report

• View• Alerts

C r i m e P r e v e n t i o n

And the bigger picture – a ‘Web’ of connected Information Sources

1 2 3 4 5 6 7B e y o n d t h e C r i m i n a l J u s t i c e S y s t e m

20

A 10 Year Journey – From Messaging Hub to CJS Web Platform

1 2

Charge Suspect

3 4 g5 6 7

1 2 3 4or5 6 7

• Report• View• Alerts

TheExchange The Vision

TheExchange

21

The Exchange Services Architecture – Channels and Configurable Services

MSG

MSG

RFID

Browser

Browser

Today, The Exchange offers messaging, file transfer and portal channel services

In the future, The Exchange will offer new channel services such as RFID and Voice and others…

New channel services are being added .. E.g. Data Access (demonstrated in the Proof of Concept )

Route

Transform

BPELInterpret

Publish

ExternalWS

Work Flow

Discover

Overtime, a range of common platform services will become customer configurable. Many of these services are in development today.

TheExchange

22

The Exchange Services Architecture - the journey to a ‘CJS Web’

MSG

Route

Transform

BPELInterpret

Publish

ExternalWS

Work Flow

Discover

Browser

TheExchange

BusinessEvents

BusinessContent

Documents

Collectively, these configurable services will be the basis of future Composite

Application Services

MSG

RFID

Browser

The Exchange can be configured to store XML documents (e.g. Events & Content) on any authorised government server.

This will provide the foundation for an incrementally developed Criminal Justice “Semantic Web”- The CJS Web.

Events – The focal point of Externalised Information Systems?

24

Three ‘Event-Driven’ patterns – Business, Academia and Technology

� Global Parcel Tracking Systems• Federal Express, DHL, UPS

• Standardised Checkpoint messages – Business Events

• Advanced use of Barcode Technologies

� The X-Internet and CEP• Original concept from MIT

• Adopted by the AutoID/RFID tagging community - EPC Global

• Complex Event Processing – Professor David Luckham at Stanford

• Real-time Business Activity Monitoring

� Web 2.0, SOA, and Agents• Events-trigger News Feeds - Real Simple Syndication (RSS Feeds)

• Events trigger services in a SOA and/or SaaS model

• Real-world events provide triggers to Software Agents to profile, analyse and make inferences

25

Events versus Content

26

Fuzzy and Precise Events:

� Events can be regarded as both highly structured and precise and highly unstructured and imprecise messages within a common Event ‘envelope’ (general structure).

� For example, a movement tracking system may receive highly structured signals from RFID or GPS devices which are then converted into equally structured human-readable business events, But the same system might also receive much more unstructured Event information, possibly capture a ‘text’ message on a mobile phone that might alert of a delay caused by heavy traffic.

Events can be imprecise - Freedom from Data Model Dictatorship – Part I

Planned and Unplanned Events

Missed Call: From Joe at 10

AM

Missed Call: From 01777 23456 at 11

AM

Business-meaningful Events are simply events that would be useful to know about – however imprecise!

It’s better to know that someone called me even if I don’t have their details in my mobile phone (the phone’s ‘data model’

Events may be expected or unexpected

Should the emphasis is placed on the value to the human consumer as opposed to information engineering rigour?

27

Football Results and Weather Events Matter to the Oil Industry

Externalised Communities and Services Here and Now!

29

Useful ‘Shadow IT’ is more accessible and is more often outside the ‘four walls’ of corporate IT

“Me"

And the information resources I can personally access…

Mainframe

Departmental

Networked PC

Web

Is this a present issue for corporate governance?

This creativity has probably been a blessing in the past, however…

Might personally useful information networks and services take Shadow IT further outside the enterprise?

As users access more of these information sources and services are there increasing security, content pedigree and legal implications?

User creativity has been constrained by the technology available to them…

30

Web 2.0 – Emerging Patterns in the Consumer Internet

Web 2.0 – The Web as the

Platform

Mass Peer Publishing &

ReviewDynamic Self-

Organising Communities

Tagging not Taxonomy

Bottom-up Emergence not Up-front

Design

Citation, Authority & Referencing

Monetising The Long Tail

Others’ Resources as

Platform

“The User Controls Their Own Data”…

31

Direction of Travel - Web Epochs and Enterprise IT

The Web is now evolving to be the Platform of Reuse and Participation

From Islands of Information to a Communities of Information

Will we see similar patterns in Enterprise Information?

Original Source: Dion Hinchcliffe http://web2.wsj2.com/

Web 3.0+

The coming together of Web and Enterprise IT?

Web 2.0

“the widely read-write Web”

Web 1.0“the widely read-only Web”

externalisedenterprise IT

Is the Semantic Web (Web 3.0) the complete answer?

33

Relevant Web 2.0 Pattern: User-Provided Tagging or – Freedom from Data Model Dictatorship – Part II

� The step beyond Google’s word-matching• without resorting to taxonomies

• and without waiting for the semantic web

� Is User-provided Unconstrained Tagging (referred to as ‘Folksonomies’)

• Not enforcing the originator to capture everything that might be needed

� You can then exploit patterns in Tags / ‘Tagclouds’

� But it can only work if the participant is incentivised to take part • E.g. Del.ici.ous bookmarks, Flickr Photo Organisation

What might this mean for Enterprise Information Sharing?

Where would user-organised information be useful, and how would users be incentivised to participate?

34

SOA, REST and Information-as-a-Service

Grown-up SOA?

� Can the maturing SOA frameworks combined with REST styles and Information-as-a-Service approaches provide the ‘fabric’ for the externalisation agenda?

• To mediate this ‘publishing, citation and emergence’ ?

• Dynamically managing the metadata and the routing

• Using Policies, Events and Content rather than Top-Down Decomposition

Information-as-a-Service:

“… approaches information integration in loosely-coupled, coarse-grained, asynchronous in manner that seeks to avoid the requirements of comprehensive data modelling prior to integrating them”

- Ronald Schmelzer

REST

Representational State Transfer is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses

through an application by selecting links (state transitions),

resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use.”

- Dr. Roy Fielding

Could an Externalisation Agenda be the, business relevant, ‘Killer app’ for SOA and provide the business rationale for REST and the Semantic Web?

35

Externalised Identity driven by the ‘On-Demand’ vendors

OpenID

� OpenID is a lightweight, decentralized identity system that provides web single sign-on. We have merged the technology and use cases of the Simple Extensible Identity Protocol (SXIP) and Digital Identity Exchange (DIX) into the OpenID 2.0 specifications. OpenID 2.0 features include improved extensibility, increased security, substantive identity data attribute exchange abilities, and third-party signed assertion capabilities.

Identity 2.0

� Identity 2.0 is an open, standards-based, yet fundamentally decentralized identity model. First coined by us in January 2005, Identity 2.0 describes the concept of an ID that can be trusted and used anywhere and requires no centralized consultation with the ID authority that issues the credential.

Will adoption drive an externalised approach to user authentication and single sign-on?

36

Ubiquitous Identity -Recent thinking from MIT

“The suggestion here is to use the 128-bit IPv6, a scheme that already at hand and being deployed, gradually but globally. This may be the “one-size-fits-all” hyper-id that is unique.”

“Think IPv6 as the solution that is preagreed for global adoption. Think about contextual relevance of data and how to “number the numbers” but especially how to route numbers (data) which may be identical but with different identities.”

U T R I - Unified Theory of Relativistic Identification of InformationConvergence of Unique Identification with Syntax and Semantics through Internet Protocol version 6

By Dr. Shoumen Palit Austin Datta, MIT

What are the possibilities for externalised information sharing if we can uniquely identify objects and people, within the context of processes, globally?

37

EventProcessingStandards

OntologyFolksonomy

Will Externalised Information Sharing become BAU?

What might be the effect of the combining such ‘externalising’ technologies and patterns?

Could they, in combination, be the foundation of a truly business-enabling Semantic Web ?

Identity Management

Standards

SOAREST

38

Externalisation Agenda Guidelines for Enterprise Architects

• Discover the need - Consider a new architectural style (such as VPEC-T) for defining and agreeing an Externalisation Agenda with the business

• Explain why - Help the business see the value of an externalised approach – develop the story that explains how SOA/REST/Web 2.0/3.0 etc. support the businesses Externalisation Agenda

• Prove it early - Start small and think coarse-grained. Be pragmatic & incrementally build to a long-range vision

When people converse we externalise information naturally – we can bring this concept to the IS we use and in doing so, make it easier for businesses

to consume.

Should businesses be working on an Externalisation Agenda now?

39

Questions or Comments?

externalization trend

Technology

information containers

information and4

webuseful information

business systems container

external information

buildings information

thebusiness information

owned information sources