DevEX - reference for building teams, processes, and platforms
Externalization Trend
1. Externalisation – The Next Principle for Information Sharing?
Can We Apply Web Principles to Corporate IT?
The Open Group Enterprise Architecture Practitioners Conference
Paris, France ~ 23-25 April, 2007
Nigel Green, Capgemini UK
3. Blah, blah,
What I'll be talking about today…
Define what I mean by externalisation
How we might think about business information when we put 'externalisation'
front of mind
Provide an example of an externalised approach to Information Sharing with
UK government
Provide a high level point-of-view on what I see as the critical externalising IT
enablers and trends
Illustrate why I think this topic is business relevant and immediate
Leave you with some ideas, emerging patterns and a number of unanswered
questions!
What I won't be talking about...
Zzzz.
...RDF/OWL, WS and Ontology (well not much anyway!)
...Or Open Group Standards (you're the experts)
3
4. What’s different Today?
There is the fundamental difference between the way the Web works and traditional
enterprise IT systems:
•The Web starts with the premise that any resource can be used by anyone for any
purpose
•Traditional Enterprise IT systems starts with a constrained, internal, perspective -
usually in support of specific processes.
Externalisation is about bringing these two worlds together to meet business needs
for ubiquitous information sharing.
Externalisation is about the deliberate application Web patterns and approaches to
Enterprise IT to address business information sharing needs more effectively.
Externalisation is not focused on replacing traditional IT systems per se, rather it is
focused on implementing coarse-grained, loosely-coupled and broadly sharable
information within and between business domains.
The Opportunity: many of the standards and tools are available to make Externalisation a viable and
business relevant approach.
The Risk: Businesses are seeing their employees are already ‘Externalising’ using ‘Shadow IT’.
4
5. What do I mean by ‘Externalisation’ in the context of corporate IT?
Externalisation:
Breaking apart the concepts of applications and databases to expose the
business-meaningful parts of an Information System and, at the same time,
making tacit, human, knowledge and behaviour explicit.
Integrating externally owned information sources and services of value to the
Business Information System
Consuming and publishing meaningful events within and outside the enterprise
5
6. A picture of Externalisation
The access to information and
4 1
Information
2 communities on the Web by
Services
organisations and the people
within them
Collaboration with people and
2
1
visibility of events (process
state changes) outside the
enterprise
Ubiquitous Event visibility
3
within the enterprise
5
The use of external information
4
and data processing services
3
by people and corporate IT
Web Enterprise Enterprise IT
Applications
The opening-up of data from
5
within corporate applications –
for sharing within the
enterprise and, selectively,
beyond
4 Processing
Services
6
7. Brains, Buckets, Boxes and Buildings
Information relevant to the business is held in various 'containers'
within the business
The heads of employees
data buckets
filing systems
Business information
systems are inherently
'internalised’ within these
and offices containers..
7
8. Information Containers
Highly Internalised Highly Externalised
Container:
Container: Container:
Applications
Container: The Organisation Web Communities
& Databases
Human Brains
The Web
8
9. The Nature of Each Container Affects Its Content
Highly Internalised Highly Externalised
Container:
Container: Container:
Applications
Container: The Organisation Web Communities
& Databases
Human Brains
The Web
Technology
Creativity Web Standards &
Corporate
Translation
Perception Ubiquitous Access
Values, Privacy,
Structure &
& Selective Self-regulating
Policy &
Binding
recall Communities
Regulation
Each type of container has an affect on the information held within it..
9
10. Information is only understood within the context of its container
Highly Internalised Highly Externalised
Container:
Container: Container:
Applications
Container: The Organisation Web Communities
& Databases
Human Brains
The Web
Useful Information
Only 10% of
and services might
business process
Shadow IT is Applications & be out there….
Information is
used to Databases are automated by IT –
Is my business
support gaps built to meet limited Corporate
visible to these
in corporate IT vertical needs visibility
communities?
Outcome: Information Exhaust & Corporate Blindness
10
11. Externalisation: An Approach Re-shapes the Business Systems Container
Highly Internalised Highly Externalised
Container:
Container: Container:
Applications
Container: The Organisation Web Communities
& Databases
Human Brains
The Web
Container:
Externalised Business Systems
Dissolves the barriers between internal containers by adopting external
information standards and technologies focused on the information rather than
function
11
12. A new Architectural Style for expressing desired Business Outcomes?
An Architectural Style that focuses on:
• The analysis of the behaviour of people and organisations and their interaction with information
systems
• Real world events, content and policies
• Values of people and organisations and their trust relationships
• Freeing-up analysis activities from engineering rigour (which should come as a second step) – thereby
helping decision makers
• User adoption approaches from the outset thereby materially increasing implementation success
• Business outcomes and communication to business stakeholders to aid decision making
processes – contrast with engineering tools (business process and IT)
A style that is complementary to necessary and proven methods for process and IT design,
for example:
− Enterprise Architecture frameworks and methods (e.g. TOGAF, IAF, Zachman)
− Process Design frameworks (e.g. IDEF, SCOR etc)
− IT Solution Design frameworks and methods (e.g. RUP, Package specific design methods)
We believe this style is based on 5 simple, abstracted, analysis dimensions:
Values, Policies, Events, Content and Trust
12
13. Focusing on VPEC-T: Externalisation Within the 4 Walls
Externalising the key
aspects of the
Information System e.g.:
Business Events
Content & Dialogues
Policies & Contracts
Values, Outcomes &
Goals
Values Values Values
Policies Policies Policies Trust Models & Profiles
Content Content Content
Events Events Events
Trust Trust Trust
Focusing on these aspects as discrete, re-usable, information components
xxxx
creates the foundation for externalised information sharing across the business
13
14. Focusing on VPEC-T: Externalisation With the World
The Web
Values
Values Values Values
Policies
Policies Policies Policies
Content
Content Content Content
Events
Events Events Events
Trust
Trust Trust Trust
And increases the ease of interaction with the outside world
14
15. VPEC-T: The 5 key focus areas for Externalised Information Sharing
Dimension Applying emphasis and techniques to:
Focus on understanding the values and desired outcomes of both the individual and the business, and the values of
Values individuals and businesses you interact with. Values can be thought of as constraining beliefs (e.g. ethics) and
goals (e.g. desired outcomes)
Focus on the broad range of mandates and agreements such as internal policies, law, external contracts across the
Policies business; the rules that govern and constrain how things get done.
Focus on the real-world proceedings that stimulate business activity – sometimes in a pre-defined sequence but
Events often not. These are the triggers for action.
Focus on the documents, conversations or messages that are produced and consumed by business activities. These
Content are the dialogues we use to share a plan, a concept, a history and/or the details of a person, place or thing.
Focus on fostering trust between all parties engaged in a system of value. Trust changes over time, and
Trust understanding and fostering trust relationships are critical to useful IT. Values will be more authentically
disclosed and more values will be declare the deeper the trust relationship. Trust can be defined as Trust =
Intimacy + Credibility / Risk.
Using business language to discuss these 5 dimensions enables the business to
express an Externalisation agenda – and the output is also meaningful to IT
specialists. 15
17. The UK Criminal Justice Exchange
The Exchange provides national operational services
for information sharing to a federation of Criminal
Justice Organisations, other government
departments and external practitioners.
Today, the Exchange processes around 2 million
messages a month and provides secure
application access to hundreds CJS users
The Exchange is secure information sharing
environment run by CJIT
The Exchange is being built to a Managed Service
vision which emphasises capability re-use and
rapid deployment and business process flexibility
through user configuration
This is the story of how we applied innovative approach to the business and technology
challenges faced by CJIT
17
18. An Example Future Process Supported by The Exchange
Investigate Arrest & Review & Prepare for Court Hearing Justice &
1 2 3 Charge Suspect 4 5 6 7
Incident Pre-Charge Prepare Case Hearing & Outcome Rehabilitation
The Criminal Justice ‘Supply Chain’ is a combination of many such
processes
18
19. And the bigger picture – a ‘Web’ of connected Information Sources
• Report
• View
• Alerts
C r i m e P r e v5 e n t i o7 n
1 2 3 4 6
Beyo2 d
n the C r i m4i n a l J u s t i c6e Sys7em
t
1 3 5
19
20. A 10 Year Journey – From Messaging Hub to CJS Web Platform
The Vision
The
Exchange
r
1 2 3 4 5 6 7
o
• Alerts
• View
• Report
Ch
arg
e
1 2 3 4 5 6 7
g
Su
spe
ct
The
Exchange
20
21. The Exchange Services Architecture – Channels and Configurable Services
Today, The Exchange offers
Browser
messaging, file transfer and
portal channel services are being added ..
New channel services
E.g. Data Access (demonstrated in the
Proof of Concept )
MSG
In the future, The Exchange will
offer new channel services
such as RFID and Voice and
others…
Browser
RFID
The
Exchange
MSG
Overtime, a range of common
platform services will become
customer configurable. Many of
BPEL
Route
these services are in
Interpret External
WS
development today.
Discover
Transform Publish Work Flow
21
22. The Exchange Services Architecture - the journey to a ‘CJS Web’
Browser
The Exchange can be configured to store
XML documents (e.g. Events & Content) on
MSG any authorised government server.
This will provide the foundation for an
incrementally developed Criminal Justice
“Semantic Web”- The CJS Web.
Collectively, these
configurable services will be Browser
RFID
The
the basis of future Composite
Exchange
Application Services
MSG
Business
Events
Business
BPEL
Route
Interpret Content
External
WS
Documents
Discover
Transform Publish Work Flow
22
23. Events – The focal point of Externalised Information
Systems?
24. Three ‘Event-Driven’ patterns – Business, Academia and Technology
Global Parcel Tracking Systems
• Federal Express, DHL, UPS
• Standardised Checkpoint messages – Business Events
• Advanced use of Barcode Technologies
The X-Internet and CEP
• Original concept from MIT
• Adopted by the AutoID/RFID tagging community - EPC Global
• Complex Event Processing – Professor David Luckham at Stanford
• Real-time Business Activity Monitoring
Web 2.0, SOA, and Agents
• Events-trigger News Feeds - Real Simple Syndication (RSS Feeds)
• Events trigger services in a SOA and/or SaaS model
• Real-world events provide triggers to Software Agents to profile, analyse and
make inferences
24
26. Events can be imprecise - Freedom from Data Model Dictatorship – Part I
Fuzzy and Precise Events:
Events can be regarded as both highly structured and precise and highly unstructured and
imprecise messages within a common Event ‘envelope’ (general structure).
For example, a movement tracking system may receive highly structured signals from RFID or
GPS devices which are then converted into equally structured human-readable business events,
But the same system might also receive much more unstructured Event information, possibly
capture a ‘text’ message on a mobile phone that might alert of a delay caused by heavy traffic.
Business-meaningful Events are simply
Planned and Unplanned
Events events that would be useful to know
about – however imprecise!
It’s better to know that someone called
Missed Call:
me even if I don’t have their details in my
From Joe at 10
AM mobile phone (the phone’s ‘data model’
Events may be expected or unexpected
Missed Call:
From 01777
23456 at 11
AM
Should the emphasis is placed on the value to the human consumer as opposed to
information engineering rigour?
26
29. Useful ‘Shadow IT’ is more accessible
and is more often outside the ‘four walls’ of corporate IT
User creativity has been
constrained by the technology
available to them…
“Mequot;
Mainframe
Departmental
And the information resources
I can personally access… Networked PC
Web
This creativity has probably been a blessing in the past, however…
Might personally useful information networks and services take Shadow IT further outside the enterprise?
As users access more of these information sources and services are there increasing security, content
pedigree and legal implications?
Is this a present issue for corporate governance?
29
30. Web 2.0 – Emerging Patterns in the Consumer Internet
Mass Peer
Publishing & Others’
Review Resources as
Dynamic Self- Platform
Organising
Communities
Web 2.0 – The
Monetising
Web as the
The Long Tail
Platform
Bottom-up
Emergence
not Up-front
Design
Citation,
Tagging not
Authority &
Taxonomy
Referencing
“The User Controls Their Own Data”…
30
31. Direction of Travel - Web Epochs and Enterprise IT
Web 1.0 Web 2.0 Web 3.0+
“the widely read-only Web” “the widely read-write Web”
The coming together
of Web and Enterprise IT?
externalised
enterprise IT
The Web is now evolving to be the
Platform of Reuse and Participation
From Islands of Information to a
Communities of Information
Will we see similar patterns in
Enterprise Information?
Original Source: Dion Hinchcliffe http://web2.wsj2.com/
31
33. Relevant Web 2.0 Pattern: User-Provided Tagging or –
Freedom from Data Model Dictatorship – Part II
The step beyond Google’s word-matching
• without resorting to taxonomies
• and without waiting for the semantic web
Is User-provided Unconstrained Tagging (referred to as
‘Folksonomies’)
• Not enforcing the originator to capture everything that might be
needed
You can then exploit patterns in Tags / ‘Tagclouds’
But it can only work if the participant is incentivised to take part
• E.g. Del.ici.ous bookmarks, Flickr Photo Organisation
What might this mean for Enterprise Information
Sharing?
Where would user-organised information be
useful, and how would users be incentivised to
participate?
33
34. SOA, REST and Information-as-a-Service
Grown-up SOA?
Information-as-a-Service:
Can the maturing SOA “… approaches information integration in loosely-coupled,
frameworks combined with REST coarse-grained, asynchronous in manner that seeks to avoid
the requirements of comprehensive data modelling prior to
styles and Information-as-a- integrating them”
Service approaches provide the
- Ronald Schmelzer
‘fabric’ for the externalisation
agenda?
REST
• To mediate this ‘publishing,
citation and emergence’ ? Representational State Transfer is intended to evoke an image of
how a well-designed Web application behaves: a network of web
• Dynamically managing the pages (a virtual state-machine), where the user progresses
metadata and the routing through an application by selecting links (state transitions),
resulting in the next page (representing the next state of the
• Using Policies, Events and
application) being transferred to the user and rendered for their
Content rather than Top-Down use.”
Decomposition - Dr. Roy Fielding
Could an Externalisation Agenda be the, business relevant, ‘Killer app’ for SOA
and provide the business rationale for REST and the Semantic Web?
34
35. Externalised Identity driven by the ‘On-Demand’ vendors
OpenID
OpenID is a lightweight, decentralized identity system
that provides web single sign-on. We have merged the
technology and use cases of the Simple Extensible
Identity Protocol (SXIP) and Digital Identity Exchange
(DIX) into the OpenID 2.0 specifications. OpenID 2.0
features include improved extensibility, increased
security, substantive identity data attribute exchange
abilities, and third-party signed assertion capabilities.
Identity 2.0
Identity 2.0 is an open, standards-based, yet
fundamentally decentralized identity model. First coined
by us in January 2005, Identity 2.0 describes the
concept of an ID that can be trusted and used anywhere
and requires no centralized consultation with the ID
authority that issues the credential.
Will adoption drive an externalised approach to user authentication and single
sign-on?
35
36. Ubiquitous Identity -Recent thinking from MIT
U T R I - Unified Theory of Relativistic Identification of Information
Convergence of Unique Identification with Syntax and Semantics through Internet Protocol version 6
By Dr. Shoumen Palit Austin Datta, MIT
“The suggestion here is to use the 128-bit
IPv6, a scheme that already at hand and
being deployed, gradually but globally. This
may be the “one-size-fits-all” hyper-id that is
unique.”
“Think IPv6 as the solution that is preagreed
for global adoption. Think about contextual
relevance of data and how to “number the
numbers” but especially how to route
numbers (data) which may be identical but
with different identities.”
What are the possibilities for externalised information sharing if we can uniquely
identify objects and people, within the context of processes, globally?
36
37. Will Externalised Information Sharing become BAU?
Event
Identity
Processing
Management
Standards
Standards
SOA
REST
Folksonomy Ontology
What might be the effect of the combining such ‘externalising’ technologies and patterns?
Could they, in combination, be the foundation of a truly business-enabling Semantic Web ?
37
38. Externalisation Agenda Guidelines for Enterprise Architects
• Discover the need - Consider a new architectural style (such as VPEC-T) for
defining and agreeing an Externalisation Agenda with the business
• Explain why - Help the business see the value of an externalised approach –
develop the story that explains how SOA/REST/Web 2.0/3.0 etc. support the
businesses Externalisation Agenda
• Prove it early - Start small and think coarse-grained. Be pragmatic &
incrementally build to a long-range vision
When people converse we externalise information naturally – we can bring
this concept to the IS we use and in doing so, make it easier for businesses
to consume.
Should businesses be working on an Externalisation Agenda now?
38