Welcome!

Microservices Expo Authors: Pat Romanski, Liz McMillan, Elizabeth White, Mamoon Yunus, Jason Bloomberg

Related Topics: Microservices Expo

Microservices Expo: Article

Dion Hinchliffe's SOA Blog: How Can We Best Make "The Writeable Web" A Responsible Place?

Will Unforgeable, Non-Centrally Verifiable ID be the Future of the Writeable Web?

It was bound to happen, for sure.  We all love the concept of a two-way Web, where most online content is created and edited in a open, cooperative fashion.  Heck, many of us are actually pretty sure this is destined to be the future of the Internet.  However, unbounded openness can also be an invitation to private consternation, public embarassment, or worse. 

My recent post about  ways to make good social software, which describes some fairly well proven best practices, notes that you have to have certain barriers to participation or things can spin out of control.  Like they have apparently done at the Washington Post blog, where they publically shut all comments down on Friday, to some considerable uproar.  It does make you wonder that if a big, relatively forward thinking public icon like the Post can't control the writeable Web, what chance will other folks have?

Alex Barnett, a fellow member of the Web 2.0 Workgroup, feels however that making content on the Web even more easily editable and changeable is a desirable goal.  And I totally agree with him, this despite the fact that the more freedom and power to change things that you provide to the world at large, the more likely it will be misused.  It's a paradoxically double-edged sword: The more control you hand over to your Web visitors, the more control you need to exert yourself.


The Two Wa Web with Identity 2.0
Figure 1: Will techniques like Identity 2.0 help control the writeable web?


What we need is ways to encourage responsible use of the writeable Web, the abilities of which Web 2.0 software will only increasingly provide in the near future.  Not that it will stop the big guys from ongoing attempts to control content centrally, though it's unlikely to succeed.

What are the options?  Not many yet, but it certainly needs to be solved or legal resrictions like the recent full-blown federal prohibition on anonymous annoying messages might look like a cakewalk.   We have the ability to police ourselves still and provide de facto protection against the very mischievious conduct that our social software enables.  I encourage us to solve it before others come up with more hard-to-undo solutions using more traditional means (i.e. legislation and worse.)

While I don't have the answers, I do believe I have some starting points.  One is in forcing writeable parties to identify themselves in an unforgeable fashion.  If you want to comment on a blog or edit a wiki, all you need to do is identify yourself using a trusted digital ID.  Unfortunately, central ID validation mechanisms and authorities are strongly disliked for a number of reasons including lack of scalability (you try to reliably validate 1 billion Internet users' identity 20-30 times a day) and usage privacy (most people love the idea of unforgeable Web-based ID, as long as they don't have to give up their privacy every time they use it.)

Enter solutions like Identity 2.0.  I've written recently about Identity 2.0 and Dick Hardt and some of the great things he's been trying to do in this arena, but it may just be the answer.

Identity 2.0 represents a concept of identification that resembles an online driver's license or passport (see Dick's terrific, and visceral, presentation on Identity 2.0 here.)  If I understand it fully, Identity 2.0-compliant credentials can be shown to anyone and validated on the spot, without consulting a validating authority.

So, controlling anarchy on the writetable Web might be as simple asking that folks flash their Identity 2.0 credential right before they change something on the Internet.  This ensures their personal identity is attached to the change.  And creating a verifiable chain of evidence might be all it takes for people to act more responsibily.  Wiki vandalism, comment flaming, and other forms of anonymous mischief on the writeable Web may be eliminated forever when you know that your ID will be attached to it in perpetuity, affecting your hireability, possible suitability for public office, and more, forever. 

Of course, there will be attendance problems including a rapidly vanishing anonymity on the Web.  But that just might remain a nice artifact of being a read-only Web user.

What do you think?  Will unforgeable, non-centrally verifiable ID be the future of the writeable Web?

posted Sunday, 22 January 2006

More Stories By RIA News Desk

Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to [email protected] to share your product and company news coverage with AJAXWorld readers.

Comments (1) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
weston 01/23/06 07:07:25 PM EST

Thanks for the link. The conversation has continued on the sxore blog at http://blog.sxore.com/?p=15.

@MicroservicesExpo Stories
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down APIs. The four fundamental pillars of API Security - SSL, Identity, Content Validation and deployment architecture - are discussed in detail below.
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
In his session at 20th Cloud Expo, Chris Carter, CEO of Approyo, discussed the basic set up and solution for an SAP solution in the cloud and what it means to the viability of your company. Chris Carter is CEO of Approyo. He works with business around the globe, to assist them in their journey to the usage of Big Data in the forms of Hadoop (Cloudera and Hortonwork's) and SAP HANA. At Approyo, we support firms who are looking for knowledge to grow through current business process, where even 1%...
With Cloud Foundry you can easily deploy and use apps utilizing websocket technology, but not everybody realizes that scaling them out is not that trivial. In his session at 21st Cloud Expo, Roman Swoszowski, CTO and VP, Cloud Foundry Services, at Grape Up, will show you an example of how to deal with this issue. He will demonstrate a cloud-native Spring Boot app running in Cloud Foundry and communicating with clients over websocket protocol that can be easily scaled horizontally and coordinate...
IT organizations are moving to the cloud in hopes to approve efficiency, increase agility and save money. Migrating workloads might seem like a simple task, but what many businesses don’t realize is that application migration criteria differs across organizations, making it difficult for architects to arrive at an accurate TCO number. In his session at 21st Cloud Expo, Joe Kinsella, CTO of CloudHealth Technologies, will offer a systematic approach to understanding the TCO of a cloud application...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong...
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
Web services have taken the development world by storm, especially in recent years as they've become more and more widely adopted. There are naturally many reasons for this, but first, let's understand what exactly a web service is. The World Wide Web Consortium (W3C) defines "web of services" as "message-based design frequently found on the Web and in enterprise software". Basically, a web service is a method of sending a message between two devices through a network. In practical terms, this ...
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.