David L. Black, Web scientist

As
chief scientist for Internet strategies at the Open Group Research Institute, Black leads
the IT DialTone program. In his job, he sets standards to unlock the Internet’s
potential. Working with hot technology and having a view of the big picture is fun, he
said.


Black’s articles on computer and communications architectures and distributed
computing have appeared in academic publications such as IEEE Concurrency, the Journal of
Information Processing, IEEE Computer and Distributed Computing.


Black holds master’s and doctoral degrees in computer science from Carnegie-Mellon
University in Pittsburgh. He earned undergraduate and master’s degrees in engineering
and mathematics from the University of Pennsylvania.


GCN senior editor Florence Olsen interviewed Black by telephone from his office at the
Open Group in Cambridge, Mass.


GCN: What is IT DialTone?


BLACK: It’s about taking our expertise—gathering information technology
requirements, developing technologies, testing and branding—and applying it to the
Internet.


The Internet is becoming critical to the operations of government and business.
What’s needed is a profile of standards and technologies backed by a branding
program, so that when you purchase systems, you get assurance that they will work
together.


When you see the IT DialTone brand, you know it will work. We also need to raise the
bar on things such as security and quality of service.


IT DialTone is essentially about defining the framework needed to make this happen. We
can set the technical standards necessary for an end system to interact with the network.


Our role in the Open Group Research Institute is gathering the business requirements,
translating those into technical requirements and driving them forward in the technical
community.


GCN: How far along are you?


BLACK: We are developing the architectural reference model, which is an organizing
framework for the technologies. I hope we will be able to release that this spring.


GCN: What are some of the technologies?


BLACK: When you get into discussions of specific technologies, you get into what is the
right thing to do. We are doing research on object and component models, which are
critical for supporting application development. But I don’t have to tell you about
the kinds of firefights that occur among the vendors in that area.


We’re not interested in taking sides in the Common Object Request Broker
Architecture vs. Distributed Component Object Model vs. Java wars. We are interested in
supporting work that produces interoperability so that when a government organization, for
example, makes development decisions, it doesn’t become locked in and cut off from
some other parts of the world.


We now have an object request broker test suite, and we will have a branding program to
go with that.


We would like to guarantee interoperability and get engineers working on extensions
that add value rather than tinkering with the basic technology to lock users into their
products.


GCN: How would you describe the IT DialTone architecture?


BLACK: It has three layers. The top layer is where the applications live. We expect to
see technologies migrate over time from the top layer down into the middle layer as people
rely on them more.


E-mail has almost certainly migrated to the middle layer. You have many applications
now, for example, that require e-mail services to get something else done.


The middle layer provides services for distributed computing, things such as security,
management, information flow control, location and naming services.


The third layer is the foundation layer in which you find the basic network
communication protocols and the environment where the application executes. One of the
things we’re doing there is to work with the Internet Engineering Task Force on
standardizing an interface to the Resource Reservation Protocol, or RSVP.


GCN: What’s missing?


BLACK: Most of the technology already exists. What’s missing is consistent
deployment and infrastructure support. We


What’s
more


don’t need to go off and invent a new cryptographic algorithm, for example. There
are cryptographic algorithms that work just fine.


Management is a similar story. People are starting to realize that having a consistent
management framework is important. As more technology gets deployed, we don’t all
want to turn into network administrators.


GCN: Is agent technology the answer?


BLACK: Agents are one possible approach to management, but there are others. You
already find Hewlett-Packard Co. and IBM Tivoli Systems Inc. putting out management
applications that have a great deal of visibility into what they manage. Those
applications don’t use agent technology. They use a consistent set of interfaces.


GCN: What else is missing?


BLACK: Some emerging technologies use client-side resources and logic to increase an
application’s availability and reliability. The vendors delivering highly reliable
servers today talk about making servers that never crash or about linking together a set
of servers so they never break.


The Internet makes it possible to bring the client into this equation. The client runs
code so that it participates and actually improves availability. That’s something
we’re researching and developing here in the Open Group. It’s very new.


Another area where new technologies are needed is Web transaction processing.
We’re looking for technologies that can in essence punch through the server and
interface to databases and do transaction processing over the Internet.


GCN: What will it take to secure the Web?


BLACK: People understand what a security certificate is, but more work needs to be done
on adding distributed authorization to those certificates. Right now people look at a
public-key X.509 digital certificate as an identification certificate. What is missing is
the ability to add authorization information to the certificate.


Once you put this authorization information into the certificate, you’ve reduced
the complexity for the parties trying to figure out what they can and cannot do.


GCN: When do you expect to see IT DialTone
become a reality?


BLACK: I hope to see the initial results sometime this year. I hope by late summer we
will be able to talk about specific technologies in the foundation layer. Some of the
choices are obvious. IP, for example.


GCN: Will IP Version 6 be required for IT
DialTone?


BLACK: Right now IPv6 is a research technology. I don’t think the transition is
going to happen quickly. IPv6 has some interesting advantages over IPv4, but I think what
will drive the transition will be the threat of actually running out of IP addresses.
We’re a good five years away from running out of IPv4 addresses. IPv6 does a
number of things better than IPv4.


The real issue is market acceptance. What will drive people to start converting
wholesale from the current infrastructure to an IPv6 infrastructure is not technical
superiority; it’s address exhaustion.


We need to raise the bar
on Net security and quality of service.


GCN: Why hasn’t the Open Group’s
Unix 95 branding program achieved more visibility in the marketplace?


BLACK: Most system vendors are signing up for Unix 95 branding, but they are using
their own product branding to sell their operating systems. Unix vendors are jockeying for
share in a consolidating market. The Unix 95 brand really is not a competitive weapon in
that jockeying for position. Unix 95 is a minimum set of standards that all Unix systems
should adhere to, and most of them do.


GCN: How much value does the government get
from inquiring whether Unix 95 is in there under the covers?


BLACK: The government gets the assurance that the interfaces it expects to be there are
there and that they will behave a certain way. This assurance is especially valuable in a
multivendor systems shop. It means that a programmer who knows how to program a
Hewlett-Packard HP-UX box also knows a great deal about how to program an IBM AIX box.


The applications will be portable. But porting applications among Unix variants will
still require some work, and that isn’t ever going to change, unfortunately.


The documentation from the Open Group shows you where the interfaces are common and
where the differences are.


GCN: To what extent does the federal
government have a say in the Open Group?


BLACK: The government has a fair amount of input in our Open Group member meetings.


Also, a significant chunk of the research is supported by federal grants—mostly
military money.

inside gcn

  • security compliance

    Security fundamentals: Policy compliance

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above