Trevor, thank you for taking the time to do this interview.
Q1: Trevor, can you elaborate on SOA (service oriented architectures)?
A: SOA, with its use of mainframe-based applications such as those running under CICS, is merely part of a growing trend to link everything and be able to run it from anywhere. This is something that we'll be seeing a lot more of over the next few years. And with it comes huge security implications.
Q2: Can you comment on these security implications?
A: The one good thing about mainframes was that you could control who could access applications and data files. Plus, you had a complete log of what had happened. This made them very secure, and, of course, the reason they are still used by banks, insurance companies, and anyone else dealing with money, etc.
The problem with SOA in terms of security is that anyone could gain access to applications and files from a browser. That browser could be running on a computer anywhere in the world, or in fact, could be running on any intelligent device. I can access the Internet from my phone and so can anyone else with the appropriate model mobile phone. Sites may want anyone to be able to access some data – perhaps check their name and address – but restrict access to changing data. However, once security checks are put in place, it can get very off-putting for the user. Think about the last time you used online banking. It’s convenient to get a balance, see whether a cheque has been paid in, make a one-off payment, but it is really irritating to type in all the numbers that prevent others accessing your account. That’s part of the balancing act that companies are going to face. It’s convenient to let people use the applications, but there has to be a way to ensure that the correct person is doing so, without making it so difficult for them that they don’t use the facilities offered.
Part of the answer to the security challenge will come from the increasing use of the Integrated Cryptographic Service Facility (ICSF) on mainframes and, of course SSL. There’ll also be greater use of Enterprise Identity Mapping (EIM) as a way of mapping installation-wide user identity to a local platform.
Q3: What estimates do you forecast for SOA’s penetration into large enterprises and expound further how it will impact enterprises? Can you share some examples with us?
A: All the major software companies have been talking about SOA for a couple of years now, and each can give examples of customers who have taken the plunge. An indication of how active this area is at the moment is the number of mergers and takeovers. For example, Progress Software recently bought NEON Systems. NEON had a number of products containing the word “Shadow”, like Shadow zServices CICS, which are SOA products. NEON itself had not long before acquired Clientsoft. Attachmate and WRQ formed AttachmateWRQ. Seagull took over SofTouch. Other companies worth keeping an eye on are IBM (obviously), Jacada, NetManage (with their Librados connectors), IONA, and Attunity.
Because there is an advantage to companies who already have mainframes to make the information more easily available, there will be a huge growth in the use of SOA in the next two or three years. It offers all the advantages that were suggested all those years ago for client/server systems.
It’s also worth keeping in mind that CICS TS 3.1 can also work backwards! What I mean by that is CICS can also act as a Web service requestor as well as a Web service provider. This means that CICS can make use of Web services provided on other platforms and hugely extends the services that users can enjoy. Of course, it makes security even more of an issue.
Q4: Where do you see outsourcing positioned within the next three years and what are the reasons for this?
A: Outsourcing will continue to grow. It is often the most economic way for medium-sized companies to run their computer-related business. It allows them to offload the security responsibilities as well. By that, I mean not only ensuring that the right people access the applications, but also the back-up/restore responsibilities and the off-site back-up responsibilities etc. Smaller companies probably can’t afford outsourcing company prices. Larger companies will find the cost/benefit ratio is one that oscillates in their favour and then away again.
Q5: What are the major challenges and their solutions behind today’s compliance issues?
A: There used to be a humorous saying that standards were so important you could never have too many of them. And, yet again, the IT industry finds itself in the same situation. It is important that all companies comply with certain regulations. And it is important to any company that it is following best-practice in the industry. This stops it being uncompetitive and should prevent any fraud cases being brought – and there have been some high-profile fraud cases. It does seem to lot of people that more time is being spent complying with standards than actually doing any business. More time is spent ticking boxes than actually performing productive work. The other compliance issue is that what is suitable for one size company in one industry may not be completely suitable for company that’s a completely different size in a different industry sector. It sometimes seems that compliance issues are ways of keeping a variety of consultants in paid employment rather than moving the business forward.
Q6: How should we clean up the Internet?
A: An interesting question… Do we need Randolph Scott to ride into town and clean it up? The Internet is a reflection of life. There is so much useful information out there and yet there is so much that most people would want to avoid it most of the time – like any major city. Cleaning up the Internet is probably only possible if we clean up human nature – and that’s not possible. Like moving through a large city, the only way the Internet will be safe for ordinary families is if everyone looks out for everyone else. If you find something you’re not happy to see, then report it. Maybe an ISP didn’t know it was supporting that kind of site and will get rid of it. If the seamy side of the Internet is moved into its own ghetto, then people can make a choice whether they visit. It removes the likelihood of stepping into something unpleasant. And that’s probably the best we can do.
Q7: Comment on developing new systems versus updating legacy systems?
A: First of all, let’s define a legacy system. A legacy system is any system on any application that is no longer under development. So that system could have stood the test of time and been in place for 20 years, it could have been running for two years, or it could have been finished last week. It doesn’t have to be mainframe based; it could be running on Linux boxes, or Windows.
The argument that usually plays out when these discussions take place are whether to re-invent the wheel and face the costs of developing a bespoke new system that does everything that’s required on today’s platform of choice. Or, try to plug in some new bells and whistles on to a lumbering old dinosaur that does exactly what it’s expected to do.
The UK Government is regularly talked into developing new systems, which are always over-budget and frequently useless.
With the development of SOA and Web services, it seems foolish not to make use of mainframe-based applications that already exist and are appropriate. Where they aren’t appropriate, then developing completely new applications seems to make more sense. Each project has to be evaluated on its merits. Care must be taken that people’s prejudices and expertise are clearly identified before the discussion starts.
Q8: What are the most challenging software issues for 2006 and 2007?
A: The big software challenge is still security. Apart from the annoyance of viruses and malware, (spyware etc), and the need to have suitable safeguards in place, we’ve recently discovered that many companies are making use of root-kits to get in under the operating system radar. Root-kits have been found on Unix boxes and Windows machines (but not mainframes!). They are basically software that is hidden on the hard drive and are able to run without being detected. Sony apparently installed a root-kit when their CDs were played on a computer. They claimed it was to stop the CDs being pirated. After that, Norton revealed that their SystemWorks product also used a root-kit. Both companies claimed they did it for our own good! The question is how many other companies have done it – for our own good? How many other root-kits are there that aren’t up to any good at all? And why didn’t Norton, or any of the other anti-virus applications that we pay a fortune for, identify that our computers were being attacked by root-kit software.
Spam will continue to be an issue. When you check your e-mail and find that 49 of the 50 messages are spam, you know it’s time to do something. What to do is still not sufficiently clear.
VoIP will over the next year or so become commonplace. For years we’ve been predicting its imminent arrival – and now it’s here. With so many people using broadband connections it’s very easy to talk using Skype (now owned by eBay), or even with MSN – using a Web cam and a microphone. I’ve done it myself to Canada, and have even interviewed someone in the USA for a job in the UK using it. It will be everywhere.
Voice control technology will break out of the “Help Centre” and turn up all over the place. Voice recognition software will make it easier to perform mundane tasks and will soon find its way onto everyone’s computer.
Q9: What are the most challenging hardware issues for 2006 and 2007?
A: Hardware – as always – has got to get smaller and faster, and batteries have got to get smaller, lighter, and last longer. No computer has enough USB or firewire sockets for all the things that you can now plug in to your laptop.
It’s likely that computers (of all sizes) will move to retinal scanning or hand-print recognition rather than passwords. This will start with the most secure terminals and gradually drop in price so that everywhere has them. You’ll just expect a biometric scanner next to a PC or terminal.
Disk drives will have a smaller footprint and larger capacity. Removable memory will almost disappear because everyone will use their mobile phone to transfer data from one place to another.
Bandwidth will still be a problem. As more people have broadband, everyone will expect high-speed networks and the landlines will be pushed to the limit of their technology. All that dark fibre that was laid down years ago will all be transmitting data at its maximum capacity.
Q10: Share your views on “Software as a Service?”
A: Software As A Service (SAAS) means that the software is installed and run locally, but automatically maintained and updated from the provider’s central servers. It’s an example of the ‘serviced client’. This is exactly what you want for your anti-virus software, your anti-spyware software, and your PC operating system. It means that you are always running the latest version of the software with all the bugs fixed (until tomorrow!). It’s an example of push technology and it seems like a good thing. It means that users don’t need to worry. It does mean that users without an Internet connection are going to be left behind.
Q11: Where do you see mobile and wireless computing evolving?
A: Wireless and mobile computing is definitely hot. More and more town centres are offering free wifi hotspots along the length of the high street as a way of encouraging businesses. This trend will grow. Companies like Fon are also going to be successful in the short-term. Fon has three business choices for people with wifi in their homes. Basically you can sell part of your bandwidth to passers by. Or, you can make your spare bandwidth free and have free access from other Fon users wherever you go. The model has been successful, apparently, in Spain. And is certainly and interesting concept.
Personally, I want my mobile phone to use my home broadband connection to make calls and access the Internet when I’m at home. And I want it to do the same when I’m in the office (and even when I’m in somebody else’s office).
Q12: What do you make of Web 2.0? What are the key technologies and forecast their impact on enterprises and consumers?
A: Web 2.0 grew from an idea that, although a number of headlining dot-com companies had failed, the Internet really was very successful. I’m not sure anyone has a clear definition, but everyone somehow “knows” what it means. It’s a way of saying “the next generation” and tends to involve Web services and people combining two or more applications to make something new and exciting – like using Google map to show the area around where you live and another application to show the best pubs, location of taxis at this moment in time, where your children are (well not really that last one, but it might be useful!).
For most consumers, this combination will just creep up on them and the whole thing will be taken for granted.
Coming out of Web 2.0 you get the growth of RSS feeds – which seems really good that you can see which news stories are of interest to you as they happen. It’s also led to blogging! Weblogs can be useful, if people know what they are talking about and have something interesting to say. Sadly, the majority are written by people with little of interest to say, but lots of spare time.
Q13: Will IT be on the upswing in the next three years?
A: It will struggle to meet a combination of people’s expectations with the growth in SOA and Web applications and the need to conform to all the standards being imposed. It will be twice as hard for companies working in the USA and Europe as they will have to conform to similar, but different standards in the two geographical areas.
Q14: Where is RFID heading in 2006 and 2007? How will it impact corporations?
A: RFID is predicted to be everywhere. It will be embedded in the clothes I wear and the food I buy. I’m not sure how happy I am about that idea. A RFID tag on every letter or parcel I send seems a good idea. A tag on my cat so I know where it is seems occasionally useful. Perhaps a scanner that can tell me when a tin of beans is getting close to its best-before date could be useful. But some of the stories about RFID everywhere can be put in the same pile as the microwave oven connected to the Internet story.
I’m not really sure how much impact it will have on a typical company – whether there will be any more useful information available than before. It just might take up more disk space to store the information.
Q15: Time for some light questions: What is your favourite gadget?
A: My phone has got to be my favourite gadget – it’s a Sony Ericsson p910i. It does all the usual phone things (make and receive calls, send SMS and MMS messages). It can take photos and videos, and it’s an MP3 player. It can read Word and Excel files and PowerPoint presentations. It’s also got a PDF reader. It has bluetooth. It has handwriting recognition. I also run Route 66 on it. Route 66 links to a GPS receiver and plots journeys for me and shows the route as I drive along. It’s got GPRS as well, alarm clock, jotter, games, and a host of other goodies.
Q: Trevor, thank you for sharing your valued experiences with us.
A: You’re welcome.
Copyright Network Professional Association® 1994-2020. All Rights Reserved.
NPA Privacy Statement