Securing the Grid and Web Services

Greg Nawrocki points out a tutorial on the IBM DeveloperWorks site that's worth taking a look at.

Link: Grid Meter | InfoWorld | Securing the Grid and securing Web services ... one in the same? | October 25, 2005 09:01 AM | By Greg Nawrocki.

... There's an interesting tutorial today on IBM developerWorks about delegation of rights in Grid environments. What's particularly noteworthy for mainstream enterprise IT folks is that the Globus Toolkit (the most widely used open source middleware for Grid computing) over time has assimilated many of the key components of the Web Services Resource Framework (WSRF).

"Virtual" Change Management

Great idea. I wonder how they test this for "accurately assessing risk" ? The use of discovery and automated analysis to derive dependencies and risks has got to be the really hard part of this. 

I'm not sure I'd call this "virtual change management" so much as simulated change management.

Link: InformationWeek > System Management > "Virtual" Change Management Pitched For Network Admins > October 25, 2005.

  Skybox Security is preparing to take the wraps off a new automated modeling solution which will provide businesses with a means to test configuration changes in a staging area in advance of making any alterations to the enterprise itself. Next Monday the security risk management vendor will launch Skybox Assure, virtual staging software for network change and compliance management that promises to help businesses eliminate much of the manual and error-filled nature of change management and replace it with an automated and highly accurate process for assessing the risk potential of possible configuration modifications.

Organizations will be able to test the effect of a change on the network using Skybox Assure and to audit that access and security controls are in compliance with their policies.

“We can accurately assess risk without ever touching the network,” says Ed Cooper, vice president of world wide marketing for Skybox, adding that an organization with 4000 nodes may make literally hundreds of changes in a day. Skybox Assure provides a way for IT professionals to assess what impact those changes would have before they are made to the production network without requiring a lot of time-consuming manual input.

The application gathers infrastructure, access, and security device configurations and evaluates access paths, mapping dependencies between devices, and the potential risk posed to critical assets. Skybox Assure takes applies this data to model the enterprise, simulating connectivity paths in the context of potential risk exposures. IT managers can compare the potential impact of configuration changes against the existing network configuration. ...

IBM Adds Patents To Open Source Pool

This is worth watching.  If there are two aspects of life in the US which are profoundly messed up, and at the same time have the potential to be improved mightily by technology, it's healthcare and education.  I hope that this  results in more than just a PR win. 

I would very much like to see the initiative address the development of standardized electronic health record networks.  Not just as a means of improving our standard of healthcare, but as a security measure in the face of potential pandemics like a mutated H5N1 avian flu, or more insidious, intentional use of bio-warfare.

Link: InformationWeek > Open Source > IBM Adds Patents To Open Source Pool > October 24, 2005.

  IBM has unveiled an initiative to improve interoperability and access through open source software standards.

Under the initiative, announced Monday, the company is pledging royalty-free access to its patent portfolio for development and implementation of selected open healthcare and education software standards built around web services, electronic forms and open document formats.

The company stated that growth and service delivery in healthcare and education is stunted by a proliferation of incompatible formats and proprietary technology, making it difficult to find, retrieve and share standardized medical records and educational resources.

The new initiative could spur worldwide development of standardized electronic health record networks, supporting the protection, privacy and security of health information through open, interoperable technologies, according to IBM.

IBM's New WebSphere Challenges JBoss

It's interesting to see how the "big dogs" are embracing open source software to give little back to those OSS "upstarts" that seem to be nipping at their heels.  There's Oracle buying up Innobase, ostensibly to both compete with and take away a resources from MySQL.  And, as I believed when I first heard about IBM's acquisition of Gluecode, it's now time for IBM to deliver a low-end Websphere-compatible solution, based in great part on open source, and capable of having a dampening impact on JBoss (they hope).

Link: IBM's New WebSphere Challenges JBoss.

IBM announced Tuesday a new member of its WebSphere application server family: the WebSphere Application Server Community Edition.

WAS CE (WebSphere Application Server Community Edition) is built on the Apache Software Foundation's Geronimo open-source application server and includes code from Gluecode Software.

IBM acquired Gluecode last May.

WAS CE also includes IBM's Cloudscape database, which is based on the open-source Apache Derby Project. The end result is a J2EE (Java 2 Enterprise Edition) application server, which IBM means to be a flexible and affordable alternative to traditional commercial software offerings and can help customers begin to deploy an SOA (service-oriented architecture). ...

Berlind thinks you should try VMWare's free virtual machine runtime

I posted a few days ago about the cleverness of VMware's initiative of giving out the "player" at no cost to individual users. 

David Berlind's comment in ZDNet yesterday does a nice job of describing the value to the individual user, and hints at what the upsold value might be to enterprises.  His is precisely the response that VMware wants to have, representative of why this approach may be extremely helpful in their efforts to address the competition of Xen and other virtualization offerings like Parallels and Propero.

Link: Why you should try VMWare's free virtual machine runtime | Between the Lines | ZDNet.com.

Virtual machine (VM) technology has been around for PCs for a long time.  For me, it's been one of those technologies that I've heard about, wrote about, and even seen in demonstrations for almost as long as I can remember.  But it wasn't until I recently started acquainting myself with VMWare's Workstation 5 (in the course of trying to simplify my testing of Windows Vista) that I've become so sold on VM technology that I can't imagine being without it.  Now that VMWare has announced that it's virtual machine "player" can be freely distributed to any system, I'm even more convinced that this is a technology that no system should be without.  Here's why. ...

Parallels, Inc. announces YAVM

Yep, it's Yet Another Virtual Machine.  The website seems to be pumping the notion that Parallels' workstation VM is half the price of VMware or Microsoft's solution.  If we're already into pricewar territory, it's going to be a bumpy ride for many of the virtualization companies.

Link: Virtual pc, virtual machine and multiple operating system solutions by Parallels, Inc..

Parallels Workstation is a powerful, easy to use, cost effective desktop virtualization solution that empowers PC users with the ability to create completely networked, fully portable, entirely independent virtual machines on a single physical machine.

More Desktop Virtualization

This time, from the Continent.  I note that they provide an interesting cost savings calculation ($600 per employee per year) and claim that "(t)he startup already has a strong partner in IBM Corp."  IBM's never one to put all its eggs in one basket.

Link: InfoWorld Nederland.

Desktop virtualization startup Propero Inc. is due to release version 5.0 of its workSpace virtualization software Monday. The software enables users to access any application from any computer in any location, according to Propero's co-founders, helping companies to significantly lower their IT costs.

IBM inks deal with VMware for virtual desktops

And, speaking of VMware, last week's announcement of the VMware-IBM deal that will result in the IBM Virtualized Hosted Client, may have some interesting effects.

My concern on the transition to remote desktop solutions is whether, by itself, the cost and the return on investment is sufficient to warrant the move.  There needs to be a more compelling, strategic approach which provides corporate IT with a no-brainer decision.  (Some of the same concerns are voiced in the article by Gordon Haff at Illuminata .)

Update: In looking at the eWeek article covering the IBM-VMware virtual desktop deal, I noticed that there's a third party involved - Citrix.

Centrally located blade servers running VMware's virtual machine technology will house the critical components—such as the memory and processors—and data, which desktop users could access from a desktop device via Citrix's Presentation Server.

Link: IBM inks deal with VMware for virtual desktops | InfoWorld | News | 2005-10-19 | By Ephraim Schwartz.

... The client infrastructure will give datacenters the capability to use IBM’s BladeCenter technology to create an average of 12 to 14 virtual desktops per blade. A  BladeCenter chassis contains 14 blades that can be linked to hundreds of additional BladeCenters, according to Juhi Jotwani, director of Blade Center and X Series Solutions at IBM.

The VMware software creates multiple virtual machines so that users can run multiple desktops with multiple operating systems. ...

VMware Player Runs Virtual Machines For Free

What a smart commercial move. It's reminiscent of the strategy Adobe used when distributing the Adobe Reader for free as an internet download.  Of course, it's now well-established as a scenario for acquisition and use of open source software. 

When reading the trade press, I get the impression that VMware has only a few more months before the open source Xen hypervisor and XenSource (the commercial entity supporting Xen) start making serious in-roads into the VM space.  It's definitely important for VMware to stake out territory.

Link: InformationWeek > News > VMware Player Runs Virtual Machines For Free > October 21, 2005.

VMware this week released a free utility that lets users run pre-created virtual machines on Linux or Windows PCs, giving companies the ability to distribute beta software, custom applications, or special environments to workers or customers who don't use VMware's more expensive desktop or server products.

The VMware Player can run virtual machines built with VMware Workstation, GSX Server, or ESX Server, and also supports Microsoft's virtual machines and disk formats created with Symantec LiveState Recovery.

VMware's pitching the player as a way for users to run pre-configured environments quickly, without having to install a new operating system, or even new applications themselves.

The Palo Alto, Calif.-based company, which was acquired by EMC in early 2004, has also posted several ready-to-go virtual machines that can be downloaded and run with the player. Companies such as Novell, Red Hat, IBM, and Oracle have stocked the download center with virtual machines touting their products. ...

Small company makes big claims on XML patents

In a post a few weeks ago, I riffed on the idea of IP Raiders.  Here's a company which claims it has patent rights on intellectual property that's been incorporated into XML.  The article in ZDNet raises this as an issue relating to software patents. 

Now, I'm not a big advocate of software patents, or rather process patents that are so nebulously worded that it's impossible to determine in advance of a court decision whether there's infringement or not. But this is not an issue of software patents.  This feels like a combination of bad judgement on the part of the Patent Office and financial self-interest.   

I haven't read the patents, and don't know the details.  I have no basis on which to pass judgement, just some impressions.   What bothers me is recurrence of these infringement claims only after extensive adoption of a particular piece of IP by the industry at large.  It does not sit well with me.  It's a feeling of being ambushed.

This system is broken.  The patent trolls need to have some limitations placed on their actions. 

Link: Small company makes big claims on XML patents | Tech News on ZDNet.

... Scientigo intends to "monetize" this intellectual property, Scientigo CEO Doyal Bryant said this week.

Rather than seek royalties itself, Scientigo has forged a tentative agreement with an intellectual-property licensing firm that will handle contracts with third parties, Bryant said. A final agreement could be announced early next week, he said.

"We're not interested in having us against the world. We're just looking for ways to leverage an asset; we have pretty concrete proof that makes us feel comfortable saying it is an asset," Bryant said.

Scientigo's claims are the latest to crop up in an industry that is sharply divided over the role of patents.

Advocates argue that the patent system protects intellectual property as intended. Detractors, including those who call for the elimination of software patents, say that patents make it simpler for businesses--sometimes pejoratively dubbed "patent trolls"--to legally prey on unsuspecting software users. ...

Update: An article in today's Technology Review adds a bit more to the story of Scientigo's efforts.  If I am reading this correctly, Scientigo picked up the relevant patent rights in an auction of Commerce One's IP assets. The IP Raider sobriquet seems more and more appropriate.

Bryant says Scientigo's claims -- which relate to XML "namespaces," a universal system for naming data types, which was added to the XML standard by the W3C in 1999 -- are not a repeat of the SCO episode. According to him, the company simply wants to find a way to earn a reasonable return on its intellectual property. And when South Carolina-based e-business software developer Commerce One auctioned off a collection of their own XML-related patents last December for $15.5 million, a way appeared.

It was the Commerce One transaction that really got our attention," says Bryant. "If there was no interest in this [technology], there wouldn't have been a last-minute bidding frenzy by the major players.