The future of networked collaboration
Posted by srcarter on April 7th, 2008 filed in Identity Musings, Networked Collaboration
The future of networked collaboration looks bright. Faster networks, bigger disks, and multi-core processors all act synergistically to make possible collaboration without boundaries. I spent a lot of time on this subject during the development of the Fossa Project (announced by Novell several weeks ago). More local storage that can be safely shared with a collaboration team and the future availability of cheap “cloud storage” will allow more collaboration content to be available to teams and cached locally for off-line access. The big thing that is still missing is an interoperable notion of identity that can be relied on and associated with more than just users.
Dale Olds has said much (and I’m sure will continue to say more) concerning identity and the user’s control of identity. These notions along with standards (e.g., SAML) and community initiatives (e.g., Information Card Selector) and identity products (e.g., Novell’s Access Manager and Identity Manager) are moving us toward a day when networked collaboration can be used safely and readily.
One of the first things we will need is a way to associate both identity and usage rights with a file. We need to be able to establish file ownership and allow the owner to assert usage rights to govern the use of the contents of the file. We all expect a file to have a location and name (for example, the words you are currently reading have a location and file name that WordPress used to access the content for display). In the future (I hope it is a near future) we should expect files to have an identity with declared usage rights that are honored and enforced everywhere the content is referenced. This would allow a collaboration team gathering place to be created “in the cloud” with associated ownership and usage declarations. For example, a file which had a usage stipulation “Eyes only: Novell” (notice we need a rights markup language as well) would not be uploaded to a collaboration gathering place with an “Eyes only: unbounded” stipulation. They are incompatible: one is a gathering place for everyone (“unbounded”), whereas the file is confidential to Novell.
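The compatibility rule in the example above can be written as a small check. This is an added sketch, not code from the original post: the “Eyes only: …” wording comes from the post, but reading it as a comma-separated audience list and the function names `parse_stipulation` and `may_upload` are assumptions.

```python
from typing import FrozenSet, Optional

UNBOUNDED = "unbounded"  # audience keyword taken from the post's example

def parse_stipulation(text: str) -> Optional[FrozenSet[str]]:
    """Parse 'Eyes only: A, B' (assumed syntax) into an audience set.

    Returns None for 'unbounded' (everyone). Raises ValueError on
    anything that is not a well-formed stipulation.
    """
    label, sep, value = text.partition(":")
    if not sep or label.strip().lower() != "eyes only":
        raise ValueError(f"unrecognised stipulation: {text!r}")
    names = {n.strip().lower() for n in value.split(",") if n.strip()}
    if not names:
        raise ValueError(f"empty audience: {text!r}")
    if UNBOUNDED in names:
        if len(names) > 1:
            raise ValueError(f"'unbounded' cannot be combined: {text!r}")
        return None
    return frozenset(names)

def may_upload(file_rights: str, place_rights: str) -> bool:
    """True only if everyone who can see the place may also see the file."""
    try:
        file_aud = parse_stipulation(file_rights)
        place_aud = parse_stipulation(place_rights)
    except ValueError:
        return False          # fail closed: unreadable rights never permit sharing
    if file_aud is None:      # file is public, any place is acceptable
        return True
    if place_aud is None:     # place is public but the file is restricted
        return False
    return place_aud <= file_aud

if __name__ == "__main__":
    # Constructed sample cases; the first is the one from the post.
    for f, p in [("Eyes only: Novell", "Eyes only: unbounded"),
                 ("Eyes only: Novell, Partner", "Eyes only: Novell"),
                 ("Confidential", "Eyes only: Novell")]:
        print(f"{f!r} -> {p!r}: {'allow' if may_upload(f, p) else 'deny'}")
```

The subset test is what makes the rule directional: a restricted file may enter a place with a narrower audience, never a wider one.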
Additionally, files should be marked so that privacy issues are enforceable. For example, medical records are constrained for use by regulations in many countries of the world. If a set of MRI images were to be extracted from an MRI imaging system, the patient’s identity should be assigned along with some statement that restricts usage so that regulations are enforced. By making this rights assignment native to the file metadata, viewing of the images would be restricted to only those that had the proper relationship with the patient (e.g., primary care physician or consulting physician).
It sounds complex, but so did an “interoperable network that spanned the globe” — until we solved the issues of IP, TCP, HTTP, HTML, SSL, TLS, etc. Much of what we need is available today: SAML, S/MIME, X.509, private key cryptography, etc. Consider the following:
A. Today’s networks are interoperable because of the IP protocol and packets are delivered because of the TCP protocol
–The base object is the packet and the message is the aggregate of a selection of packets
–Naming is provided by DNS and addressing by IPv4 or the new IPv6
–Security is provided by SSL or TLS which allows the protocols to interoperate but secures the content via encryption
B. Web servers are interoperable because of the HTTP protocol and content is interoperable because of HTML
–The base object is a URL and the message is the aggregate of URLs in a page
–Naming is provided by a file name and addressing via URI
–Security is provided by the HTTPS protocol which protects the HTML content
C. What is needed is a protocol to allow the interoperability of collaboration and rights management
–The base object is the document and the combination of the document and a rights markup mechanism constitutes a collaboration document
–Naming will need to reference the collaboration document and addressing can be via URI
–Security will be provided by — something, I’m not sure about this (it has to be more than simple encryption because of the collaborative nature of the object)
This is a cooperative rights management proposal that survives the network because it is integral to collaborative use . . . and I don’t think we are going much further without addressing the naming, identity, and usage-rights assertions around digital content.
More later . . .