Link: Spoofing P2P
Link broken? Try the Wayback Machine.
Mention directory servers to the average person and you’ll get either a blank stare or a knowing look and a yawn. That’s because these servers, which manage lists of users on a computer network, play a decidedly prosaic role within corporate information systems. But as we enter the increasingly interconnected world of Web services, directory servers — newly dubbed “identity-management solutions” — will be critical.
First, let’s get the terminology out of the way. “Directory servers” are essentially glorified company phone books that list employees, departments, business partners with authorized access to your network, or customers with accounts on your corporate website. A directory server is like the person standing in front of a trendy nightclub with a clipboard, waving the VIPs in and telling everyone else to stay behind the velvet rope. (The firewall — and related security technology — is like the bouncer who makes sure no one crashes the party after having been turned away.)
The directory market is controlled by Novell’s eDirectory and Sun Microsystems’s Sun One Directory Server, with competition from Microsoft, IBM, and Oracle. Standardization of how directories store and retrieve information means that the market has become commoditized, and prices are extremely low — often, you’ll get a directory server for almost nothing when you buy other servers (say, Web and application servers) from the same vendor. Despite the standards, there’s no question that integration and maintenance are simpler for your IT staff when everything is on the same platform, so directories are a stalking-horse for the rest of a vendor’s line of servers. Scott McNealy and Bill Gates, chairmen of Sun and Microsoft respectively, “have the view that he who owns the directory owns the account,” says Scott Silk, VP for marketing at ePresence , a provider of directory and identity-management consulting services.
But tracking who’s who is getting more complicated. As Web services help companies become more and more interconnected, it can be a chore just to keep tabs on all the parties to a transaction. Therefore, directories are gradually evolving into more capable identity-management systems, which let companies track a whole range of customer, employee, and business partner identities — and make changes to those identities quickly when, for instance, an employee is hired or fired. Naturally, identity management is more expensive than mere directory services: ePresence typically charges between $250,000 and $500,000 to design, build, and manage a full-blown identity-management system.
What’s more significant, perhaps, is that identity-management systems are gradually gaining the ability to talk with one another through the infrastructure provided by competing Microsoft’s Passport and the competing Liberty Alliance project — a coalition of corporations, led by Sun, that released its first identity-management specification last week at the Burton Group’s Catalyst conference in San Francisco. Passport and Liberty simplify Web commerce by enabling companies to exchange information about their customers’ identities. For example, when you buy a plane ticket on an airline’s website, the airline may want to refer you to a particular hotel chain for a preferred rate. Instead of making you log in a second time once you’re at the hotel’s site, the airline’s directory servers could simply tell the hotel’s servers who you are and that you’ve already logged on to the airline site (or, in the parlance of identity management, that you have been “authenticated”). The hotel could then pull up its own records on your account.
If you’re starting to get a little nervous about consumer privacy, you should be. Microsoft says Passport will allow companies to share information about customers only if those customers have previously authorized it, and Liberty doesn’t yet support the exchange of consumer data other than individuals’ names and whether they have been authenticated. But there’s no doubt that such technologies will eventually make it easier for companies to share detailed customer data.
Before all this can happen, however, directories and identity-management systems need to get better at exchanging authentication information with one another. This process is under way, with standards such as the secure authentication markup language (SAML) and Web services security (WS-security) nearing completion. But it will likely be several years before the sharing of such information is truly seamless. In the meantime there’s a bewildering array of potential standards for your IT staff to choose from. For the near future, expect delays, kinks, and hitches in any identity-management project that involves sharing information with other companies or with directories in other parts of your organization.
For companies, however, exchanging identity information is a powerful boon, and it will be key to making business-to-consumer and business-to-business commerce flow more smoothly. After all, if you don’t know who you’re doing business with, how can you even get started? Directories, and now identity management, will help ensure that people really are who they say they are.
Link broken? Try the Wayback Machine.
Why switch a Mac? “My father used to beat me with his PC.”
Pity the vendors of online collaboration software. Companies such as eRoom, Intraspect, WebEx (WEBX), and even Microsoft (MSFT) (with its SharePoint products) have been trying for years to overcome the barriers of physical distance and eliminate business travel, with software that lets people in different locations work together without leaving their desks. But corporate America just hasn’t taken the bait. Business travelers continue to while away the hours in airport waiting lounges, nattering on their cell phones and running up T&E budgets.
But collaboration software does work well, particularly in niche markets like manufacturing, supply-chain management, and product development. Those may not be the most glamorous business sectors, but they add up — research firm IDC estimates that the “collaborative applications” market (that’s the technical term) will post $4.5 billion in worldwide revenue this year, even though many companies still face IT budget constraints and few are making big purchases right now. The fact is that online collaboration works best in situations where relatively small teams of people work together on well-defined tasks and need to solve problems quickly — often under such intense time or budget pressure that physical travel is impossible or impractical.
Take, for instance, a big merger. Hewlett-Packard (HPQ) and Compaq executives logged more than 500,000 hours in virtual work spaces during the months leading up to their merger. They used collaboration software from eRoom (www.eroom.com) to hammer out the details of bringing the two companies together — sharing things like legal documents, organizational charts, time lines, and budgets. The co-chief of HP’s postmerger integration team, Webb McKinney, called this work space the “nerve center” of the merger. The software costs $16,995 per server, plus $249 per user.
Hewlett-Packard had been using eRoom’s products prior to the merger, to manage its increasingly real-time supply chain and to communicate with overseas manufacturers. Like many Fortune 500 companies, HP has spent the past several years making its purchasing process leaner and quicker, in an effort to cut costs and respond more quickly to market changes. But the new supply chain demands lightning-fast response time. If a purchasing manager for the PC line notices a shortage of memory chips or disc drives, she needs to get more of them right away — or else the whole finely tuned manufacturing system could come grinding to a halt.
To prevent that, HP uses an online collaboration system that’s tied to its SAP enterprise resource planning system. When someone at HP decides to increase the standing monthly order for, say, hard drives, she draws up a purchase order in SAP and then clicks a button that pushes this information out into the eRoom work space used by the relevant supplier. The supplier picks up the purchase order, fulfills it, and sends an invoice back to HP — also via eRoom. Suppliers use the same work space to track HP’s stock of their products, monitor how efficiently orders are being filled, and communicate with HP purchasers in real time.
By increasing the responsiveness of the supply chain, HP was able to cut down on the number of purchase orders it processes each month and, more important, reduce the amount of parts inventory it has to carry, saving the company about $1 million every month.
Collaboration software won’t work in every business application. It’s just too hard to get people to change the way they work when you can offer them only vague promises of increased efficiency. But in certain niches, where the advantages of real-time online collaboration are clear, the technology already delivers some real bang for the buck.
Link broken? Try the Wayback Machine.