Web Service Certification

There are requirements placed on the deployment and provisioning of web service code into live networks. Security and Information Assurance (IA) concerns prevent the hosting of foreign code on servers of closed networks. There is tooling required to support the analytics of web service packages. Architecture, source code, and binary packages all need to be reviewed while creating a certification document for hosting approval.

Concerns by IA Staff for the hosting of web services

1. Steady state input/output
   
2. Network openings and vulnerabilities
3. Potential for secret back door
4. Failure modes

The approval to host a web service on a network boils down to two major decisions.

1. I analyze the web service design and implementation for vulnerabilities
2. I trust the developer, therefore I trust the service candidates
   

This approach can be used to push down certification to development enclaves. Service development shops can have in-house IA teams to provide certification statements along with service deployment packages. A network hosting facility will receive the package coming from a trusted development shop and deploy the service to the network with no questions asked.

For non-trusted or smaller development shops the service code would need to be submitted as part of the deployment package. The package would have to be analyzed and certified before live connection to the network would be allowed.

In either case tools to support certification of services are required.

Emergent Organization

A tenet of the Knowledge Management and Social Networking disciplines is that the true structure of an organization is not defined by the formal arrangement of staff into ckassic divisions and branches. There exists an unwritten informal shadow organization beneath the formal organization where most of the truly innovative and productive things happen. We all know the important secretary that everyone goes to when there is a problem or the craftsman that can fix anything even if 's not in his "division". This emergent social network within an organization self forms through information sharing and having good people who feel secure and positive in their roles within the organization.

These "movers and shakers" within a firm make up important nodes of business process and communications networks. The organization can be aligned and congruent with this informal network and result in a highly-functioning firm. However, there exists within todays business and society a pace of change that is unprecedented. The formal organization can never keep pace with the emergent network. Therefore a highly functioning firm should attempt to provide a fertile growth environment of living dynamic networks which track and even lead the tides of change.

7 Attributes of Highly Functioning Organizations:

1. People Search
2. Positive Organizational Attitude
3. Information Sharing
4. Knowledge Tools
5. Staff Embracing Strategic Vision
6. Time Available and Encouraged for Pet Projects
7. Dynamic Informal Communities of Interest/Practice

What I find interesting in the above material are the parallels with distributed functions and information within a globally connected network. There will be dynamically formed informal networks of high performing services linked with high value consumers. Kids can be found through Myspace and business contacts through LinkedIn. These are important nodes in an emergent network underneath the formally defined network of many organizations. Parallels between social networks and service networks within a Service-Oriented Architecture can be developed.

Remote Access

I am configuring the blog for remote posting through email. This will be used to send in thoughts using my Windows Mobile 3G cell phone. I would like to use an iPhone but the available old radio technology is preventing me from jumping on the bandwagon.

Blog Birth

This will be a home for random thoughts on my PhD work at Stevens Institute of Technology in Hoboken, NJ. Subject areas will include but not be limited to:

• Service-Oriented Architecture
• Network-Centric Operations
  
• Extended Enterprises
• Organizational Agility
• Knowledge Management
• Social Networking
• Information Sharing

This blog will be used to create a historical record of thoughts on course work, research ideas, new technologies, and interesting ideas discovered through my journey in dysfunctional enterprises.