One of the open source pillars is the Cathedral and the Bazaar by Eric Raymond. I do believe the open source is one of the best models for software development.
Now, 12 years later is is still relevant ?
In one word the answer is "yes" and obviously the long answer is "yes but in an other way". The "services" instead of software, makes some of the open source basics irrelevant.
On one hand, the services are the ultimate stands in the Internet bazaar. You can use it, add capabilities and services, but usually one can not modify them or really see how they work. In this case you do not purchase a product, but hire a service.
If a service is good it would attract many users and will either survive or some derivative will be implemented that will survive or will be improved later. If it is not of interest or badly applied, it will remain useless and be abandoned with time.
Will the X in XaaS will make the open source ex ?
Only time will tell.
Monday, May 25, 2009
Saturday, March 28, 2009
The new trends in IT for the recession
Clearly recession is the time when changes are needed and there is higher probability that th change will happen. Obviously, the first driver is the need to cut expenses, however, there are additional aspects that need to be seen. The IT passed several recession periods and after all of them new technologies appeared. It will probably happen again, but only afterwards one can point out the successful new technologies that appeared.
In this post, I would like to point some of the that I think will be strengthen during the current recession.
Focusing on business targets - The IT looks like it has its own life. I have the feeling that technological companies develop new technologies and then look for needs. This is why probably some CFO's have feeling that the IT is unavoidable expenses rather than good investment.
Switching from capabilities to services - Most of the products today are services. If you can charge back-to-back for what it costs you that is the best model.
Change the IT into self sustained unit - At some point, the IT will have to get its budget (or at least most of it) from other units of the organization or the clients. Some of the services are already build that way, e.g. banking transactions in which the IT can calculate the cost of each transaction. More challenging and therefore later will be tasks like internal systems where the costs are hard to be estimated like applying CRM or ERP systems where the benefit is for all, but who should pay for it. One option is to offshore or outsource this operation and there the cost is clear and the boundaries are well defined. In this case, the management will decide where the budget will come from which is more or less the same.
Offshoring and Outsourcing - This is an ongoing trend for more than a decade and will keep going. There are many benefits like having a small company, focusing, etc. The only drawback that I can see is the fact that some of the knowledge and capabilities are taken out of the company. It is bad, but so many information leaks that it becomes almost impossible to deal with it. If you can not trust your supplier - do not do it !
Last issue that I want to bring up is the service level from enterprise. Some companies give just lousy service ! It makes the operation miserable and poeple that work on it un-happy. So consider to give your feedbacks for you, your family and your co-workers.
Eddie
Sunday, December 21, 2008
Cloud - What is new, what is old and what is buzz
Cloud computing appeared in the mid of 2007 according to Google trends, which obviously is not the pure truth, but we can pretty much agree that during first half of 2007 the term started to be known.
Cloud computing is the name of very old technology that allows getting services from a remote c0mputing centers. In the 60's the computers were attached with punch cards, cards readers and large rooms full of computers, while now it is virtual machine based operation.
Two ideas are new after all and should pretty much be taken in account:
- X-As-A-Service Users need services - So companies should offer the users services and not software. In most of fields we use services while in computers (due to some unclear reason), companies offer software. You do not ask a GSM software for your cellular and you should neither ask for word processor software. You might need a word processor - that is fine, but users do not need the software, but its functionality. X can be one or more of the following: software, platform, infrastructure, operation, etc. that is given as a service.
- Decoupling between business and IT. This is (IMHO) the biggest change since the appearance of the PC. Companies should no longer look at the IT as wired department that do "some computer work that only they understand". The IT will have to look around and see how it can contribute to the business of the company.
Approx 2 month ago, I asked on LinkedIn What is the "right" place of the IT in an organization ? I wanted to get an estimation of how people see the IT now in order to compare it in the future. All the replies talk about the IT as very distanced from the business. This will change in the era of "cloud computing". If a company uses SaaS or PaaS, the IT will have to invent new roles and get into other business. More of the same is not an option. Given that most of the software can already be used on the net as Office (e.g. google docs), CRM (sales.com) and many others, obsoletes the routine installation and upgrade process that some IT departments spend most of the time on updates and alike.
On one hand, the IT workers are skillful in implementing the same routine again and again and they will have to adapt to the new era. This time each IT worker will be required to have some understanging of the business they work for. If an IT worker in a bank will not be a mini-banker, his contribution to the organization will be less efficient.
Not everything can be moved to cloud. I some cases it is due to technical problems (as the organizations can not allow all their information to be external) and in some cases the IT workers will make huge efforts to prevent it. In either cases, this cloud buzz will force them to learn new practicies. In the future, it might happen that someone will suggest to move the main compute power from the serivce centers to the users. It will not be a desktop but rahter some lite weight device (maybe the cellular successor) and the computers marker will continue to make money out of those transitions.
Cloud computing is the name of very old technology that allows getting services from a remote c0mputing centers. In the 60's the computers were attached with punch cards, cards readers and large rooms full of computers, while now it is virtual machine based operation.
Two ideas are new after all and should pretty much be taken in account:
- X-As-A-Service Users need services - So companies should offer the users services and not software. In most of fields we use services while in computers (due to some unclear reason), companies offer software. You do not ask a GSM software for your cellular and you should neither ask for word processor software. You might need a word processor - that is fine, but users do not need the software, but its functionality. X can be one or more of the following: software, platform, infrastructure, operation, etc. that is given as a service.
- Decoupling between business and IT. This is (IMHO) the biggest change since the appearance of the PC. Companies should no longer look at the IT as wired department that do "some computer work that only they understand". The IT will have to look around and see how it can contribute to the business of the company.
Approx 2 month ago, I asked on LinkedIn What is the "right" place of the IT in an organization ? I wanted to get an estimation of how people see the IT now in order to compare it in the future. All the replies talk about the IT as very distanced from the business. This will change in the era of "cloud computing". If a company uses SaaS or PaaS, the IT will have to invent new roles and get into other business. More of the same is not an option. Given that most of the software can already be used on the net as Office (e.g. google docs), CRM (sales.com) and many others, obsoletes the routine installation and upgrade process that some IT departments spend most of the time on updates and alike.
On one hand, the IT workers are skillful in implementing the same routine again and again and they will have to adapt to the new era. This time each IT worker will be required to have some understanging of the business they work for. If an IT worker in a bank will not be a mini-banker, his contribution to the organization will be less efficient.
Not everything can be moved to cloud. I some cases it is due to technical problems (as the organizations can not allow all their information to be external) and in some cases the IT workers will make huge efforts to prevent it. In either cases, this cloud buzz will force them to learn new practicies. In the future, it might happen that someone will suggest to move the main compute power from the serivce centers to the users. It will not be a desktop but rahter some lite weight device (maybe the cellular successor) and the computers marker will continue to make money out of those transitions.
Tuesday, July 22, 2008
What missing in the gird world ? - Applications!
If one wonders why the grid is not widely used, the answer is trivial - A p p l i c a t i o n s!
Obvious - not ?
Well not so obvious. There are many other issues that cause the application to be not present.
First is the parallel thinking, most of us think serial, or at least not really parallel. It causes both, the application development and the user understanding more complicated. So it should be covered with a lot of abstraction layers that will give good feelig for the user.
Developers, QA, trainers, etc. need to change the way they think. It is not easy to make this major change mainly since there is no methodologies and best practices. The lack of tools can be seen as great opportunity. There is much knowledge in this area, but it is concentrated within the universities and research institutes. Those organizaitons do not understand the industry needs nor the business models.
What about the need?
It is clear that more compute power can be used and contribute to any company, on the other side it is not clear what is the marginal contrubution. The right question qould be not what we gain from doing it but rather what we loose if we do not do it. That is the exact problem of the grid applications. There are many killer apps, but none of them was found yet....
Developing the business model for grid application will probably make a difference. In the past, search engines did not had a common incoming model. Then came Google and the rest is history. SaaS, cloud, etc. are nice ideas, but they are not the business model that you will crash on.
We wait very much for the Google of the Grid world.
Obvious - not ?
Well not so obvious. There are many other issues that cause the application to be not present.
First is the parallel thinking, most of us think serial, or at least not really parallel. It causes both, the application development and the user understanding more complicated. So it should be covered with a lot of abstraction layers that will give good feelig for the user.
Developers, QA, trainers, etc. need to change the way they think. It is not easy to make this major change mainly since there is no methodologies and best practices. The lack of tools can be seen as great opportunity. There is much knowledge in this area, but it is concentrated within the universities and research institutes. Those organizaitons do not understand the industry needs nor the business models.
What about the need?
It is clear that more compute power can be used and contribute to any company, on the other side it is not clear what is the marginal contrubution. The right question qould be not what we gain from doing it but rather what we loose if we do not do it. That is the exact problem of the grid applications. There are many killer apps, but none of them was found yet....
Developing the business model for grid application will probably make a difference. In the past, search engines did not had a common incoming model. Then came Google and the rest is history. SaaS, cloud, etc. are nice ideas, but they are not the business model that you will crash on.
We wait very much for the Google of the Grid world.
Friday, July 4, 2008
Middle-ware - the glue between companies
Now it is clear, the computer resources are relatively cheap when using it as part of the Terra-computing. If Amazon can offer storage and CPU time lower then the cost of disks and retail computer price while it includes installation and maintenance (for storage it probalby includes backup too), the "Cloud computing" is here.
This architecture changes some of the concepts as can be see here. This time, I want to focus on the meaning of the "middleware" and its role in this environment. According to Wikipedia, it can be seen as "services that allow multiple processes running on one or more machines to interact across a network". So in this case the middleware will connect between resources that are located in different autonomous systems. Wait a moment....that is one of the grid definitions. So do we expect the middleware to connect storage from S3 at Amazon with Google-App-Engine ?
It is simple - YES !
The middleware would need to allow creating collaboration over outsourced resources! In the future we might see the cloud computer providers as telephone companies. Huge companies that offer services cheap. But still the middleware will create different clouds for the programmers and will allow focusing on the business intelligence rather than on the maintenance.
Will it be free ? - I hope not always!
Since the commercial companies (and other users) might need a legal contract (that states privacy), this service should not be always free. On the other hand, and as always, new models will come up. Today the most ubiquitous model includes commercials. As in Hotmail. Gmail. etc. - you do not pay money, but you see our commercials. IMHO more models would be seen.
This architecture changes some of the concepts as can be see here. This time, I want to focus on the meaning of the "middleware" and its role in this environment. According to Wikipedia, it can be seen as "services that allow multiple processes running on one or more machines to interact across a network". So in this case the middleware will connect between resources that are located in different autonomous systems. Wait a moment....that is one of the grid definitions. So do we expect the middleware to connect storage from S3 at Amazon with Google-App-Engine ?
It is simple - YES !
The middleware would need to allow creating collaboration over outsourced resources! In the future we might see the cloud computer providers as telephone companies. Huge companies that offer services cheap. But still the middleware will create different clouds for the programmers and will allow focusing on the business intelligence rather than on the maintenance.
Will it be free ? - I hope not always!
Since the commercial companies (and other users) might need a legal contract (that states privacy), this service should not be always free. On the other hand, and as always, new models will come up. Today the most ubiquitous model includes commercials. As in Hotmail. Gmail. etc. - you do not pay money, but you see our commercials. IMHO more models would be seen.
Monday, December 24, 2007
How to count computers (or what is a modern computer) ?
This emerging technology that is called Grid Computing allows (as I mentioned before) anyone to call his computer(s) grid. No one is restricted, in naming (thanks god), but it is confusing. "What do you mean when you say GRID?"
A lot of Grid projects and software exists. Some of it SOA based and some not. This industry gives jobs to a lot of people, so it is probably a good thing. If grid is the up-to-date version of the MF computer, then Greg Matter was right - THE WORLD NEEDS ONLY FIVE COMPUTERS but somehow, I feel there are other ways to see things. If the famous Alice and Bob have an apple each they one can say "they have 2 apples", but one can imagine 3 groups that each one has apples:
(1) Alice
(2) Bob
(3) "Alice and Bob".
This example can be presented "intro to combinatorics" under grad course.
Since each computer can be used for different tasks at the same time, it can be certainly be used for different projects. And if one can use the same computers for several tasks, the computer will be counted in several different projects. So the same as when we counted apples. There are as many as the number of sub-gorups and the same goes for computers.
Long time ago computers had CPU(s), memory and peripherals. A modern computer is composed of network and interaction device (keyboard, mouse, screen). Thats it !
The processor, memory, storage are not part of the modern computer. Neither are the applications, and the peripherals. They or their functionality can be found out there. Most of the resources are free but cost a lot (I will explain it later). Network, applications, compute power and storage can be found for free by resource providers. "blogger.com" is an example of application provider and so does second life (that offers interactive TV for the first time in history). One can broadcast to (almost) all the world (NBC, BBC, CNN - be aware!). And the same when my computer is connected to youtube, I am part of the international cross boundary cinema.
"But waht about business - they keep their computers restricted. You can never know what happens inside..." - Wrong again. When your application, calls Amazon to order books and software, they do some work for you.
As a matter of fact, Grid and SOA is all about outsource your IT !
"Does it mean fire my IT people in the long run ?" - Not at all. They will work on a different environment and provide different services. Any internet shop runs on part of Amazon, Google, Yahoo, etc. The business process (at last) is the main issue of the IT. No more self sustained systems.
So how much it costs ?
It costs in privacy! Visa probably knows better than the CEO of Internet based company how looks their cache flow! So does your telephony, electricity companies and your ISP. The post office and shipping companies knows almost everything about your business activity if you sell goods. They know when your business becomes bigger, when you have trouble, they even know when your company is on vacation (and only a few people left).
So we pay with privacy to have an unlimited compute power, storage, network, etc. and have almost infinite computers to run your small business on.
Is it for real ?
A lot of Grid projects and software exists. Some of it SOA based and some not. This industry gives jobs to a lot of people, so it is probably a good thing. If grid is the up-to-date version of the MF computer, then Greg Matter was right - THE WORLD NEEDS ONLY FIVE COMPUTERS but somehow, I feel there are other ways to see things. If the famous Alice and Bob have an apple each they one can say "they have 2 apples", but one can imagine 3 groups that each one has apples:
(1) Alice
(2) Bob
(3) "Alice and Bob".
This example can be presented "intro to combinatorics" under grad course.
Since each computer can be used for different tasks at the same time, it can be certainly be used for different projects. And if one can use the same computers for several tasks, the computer will be counted in several different projects. So the same as when we counted apples. There are as many as the number of sub-gorups and the same goes for computers.
Long time ago computers had CPU(s), memory and peripherals. A modern computer is composed of network and interaction device (keyboard, mouse, screen). Thats it !
The processor, memory, storage are not part of the modern computer. Neither are the applications, and the peripherals. They or their functionality can be found out there. Most of the resources are free but cost a lot (I will explain it later). Network, applications, compute power and storage can be found for free by resource providers. "blogger.com" is an example of application provider and so does second life (that offers interactive TV for the first time in history). One can broadcast to (almost) all the world (NBC, BBC, CNN - be aware!). And the same when my computer is connected to youtube, I am part of the international cross boundary cinema.
"But waht about business - they keep their computers restricted. You can never know what happens inside..." - Wrong again. When your application, calls Amazon to order books and software, they do some work for you.
As a matter of fact, Grid and SOA is all about outsource your IT !
"Does it mean fire my IT people in the long run ?" - Not at all. They will work on a different environment and provide different services. Any internet shop runs on part of Amazon, Google, Yahoo, etc. The business process (at last) is the main issue of the IT. No more self sustained systems.
So how much it costs ?
It costs in privacy! Visa probably knows better than the CEO of Internet based company how looks their cache flow! So does your telephony, electricity companies and your ISP. The post office and shipping companies knows almost everything about your business activity if you sell goods. They know when your business becomes bigger, when you have trouble, they even know when your company is on vacation (and only a few people left).
So we pay with privacy to have an unlimited compute power, storage, network, etc. and have almost infinite computers to run your small business on.
Is it for real ?
Monday, March 5, 2007
IPS/IDS and grid
Last week I sent an e-mail to one of the mailing lists that I am on about IPS and IDS systems. The difference is clear, IPS can prevent events that IDS detects. Those systems are in use for long time now. If I may add - unsuccessfully since after you have those systems installed you are not more secure.
You can get information about some threats - but what is is good for ? Probably for some cases where you can get the info about an attacker. Actually you can get more information but it still does not make you or your site more secure.
The problem is that they are not reliable. It is not due to programmer fault. It is the way those system works and the way of thinking! Up until now, the security personnel usually come from networking back ground. Since most of security threats come through the net, it is reasonably to ask the net people to take care of it.
There are (2) problems that I find in this concept:
- Network is only the medium and not the problem and if one agree to this statement, the medium can help to solve the problem but the problem should be found in an other place.
- No reasonable solution can be found without understanding the application protocol. Since a crook does not look like one, and if he does, it would have been easy to detect them. This exactly the same here. The information that goes from one point to an other looks legitimate. There are just a few cases (usually they are already exist in various formats for FW) where one can define an exact format of an intrusion packet.
IPS/IDS and grids
Since the grid is based on external users that use local resources, access from the net is natural. But - Is there a way identify intrusion process ?
Well - I think the answer is YES. It should be "Application based IPS/IDS". We are familiar with application firewalls which can (partially) analyze application data and block abnormal behaviour.
For grids we will need a firewall that can check grid abnormalities. It will probably monitor the following components:
- Compute Element - to check that the jobs submitted are valid. We may soon find out that a wrapper is needed protect the system.
- WMS (or RB) - the components that are looking for best matching sites for a job to run in and submit it to that site. There are additional functionality like "rewriting" jdl (which is the general job description language to the local batch queue system). In those cases it can start with a wrapper that can check that no harm will be caused.
Now it is time to design such system....
You can get information about some threats - but what is is good for ? Probably for some cases where you can get the info about an attacker. Actually you can get more information but it still does not make you or your site more secure.
The problem is that they are not reliable. It is not due to programmer fault. It is the way those system works and the way of thinking! Up until now, the security personnel usually come from networking back ground. Since most of security threats come through the net, it is reasonably to ask the net people to take care of it.
There are (2) problems that I find in this concept:
- Network is only the medium and not the problem and if one agree to this statement, the medium can help to solve the problem but the problem should be found in an other place.
- No reasonable solution can be found without understanding the application protocol. Since a crook does not look like one, and if he does, it would have been easy to detect them. This exactly the same here. The information that goes from one point to an other looks legitimate. There are just a few cases (usually they are already exist in various formats for FW) where one can define an exact format of an intrusion packet.
IPS/IDS and grids
Since the grid is based on external users that use local resources, access from the net is natural. But - Is there a way identify intrusion process ?
Well - I think the answer is YES. It should be "Application based IPS/IDS". We are familiar with application firewalls which can (partially) analyze application data and block abnormal behaviour.
For grids we will need a firewall that can check grid abnormalities. It will probably monitor the following components:
- Compute Element - to check that the jobs submitted are valid. We may soon find out that a wrapper is needed protect the system.
- WMS (or RB) - the components that are looking for best matching sites for a job to run in and submit it to that site. There are additional functionality like "rewriting" jdl (which is the general job description language to the local batch queue system). In those cases it can start with a wrapper that can check that no harm will be caused.
Now it is time to design such system....
Subscribe to:
Posts (Atom)