Technometria

Home
Why Technometria?
RSS
Atom
Podcast Feed

Recommend This Site

About Phil

Brief Bio
Contact Info
Phil on Twitter
Speaking
InfoWorld
Photo Albums
Video Favorites
CTO Breakfast

Essays

2006
2005
2004
2003
CIO White Papers

Software

Packages

Topic Guides

Understanding RSS
Digital ID Policies
Understanding VoIP
Internet Application Performance
Setting Up a Linux Server
Public Service Tips

Categories

Blog TagCloud

Archives

May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002

Utah Tech Organizations

BYU Unix User's Group
Provo Linux User's Group
Utah Valley Linux User's Group
Ubuntu Utah
Salt Lake LUG
USU Free Software and Linux Club
Greater Utah BSD User Group
Utah PHP Users Group
Utah Python User Group
Utah Ruby Users Group
Ogden Area LUG
Southern Utah Unix Users Group
UtahSAINT

Friends

Mike Jones
Chuck Knutson
Kristen Knight

Copyright

Copyright © 2002-2006 PJW LC. Some rights reserved. Technometria is a trademark of PJW LC in the United States and other countries.

« September 2002 | Main | November 2002 »

October 31, 2002

Spam Voicemails

Dave is getting pissed off at all the political spam voicemails: 

I got a voicemail from Rudy Giuliani, urging me to vote for Bill Simon for governor. At first I thought it was my brother imitating Giuliani. I thought to myself. "That's a good imitation." Then I realized it really was the former mayor of NYC, the hero of 9-11. He didn't leave a number for me to call him back at. I'm starting to get pissed at all these political spam voicemails. [Scripting News]

I'm not nearly as upset with the voicemails as I am with all the hang-ups.  The machines are programmed to only leave a message on an answering machine on the theory that people hate talking to machines, but won't mind listening to one on their answering machine.  So, the calling machines hang up if they get a live connection.  Since the number comes through as "unavailable" you don't know who to get mad at when it hangs up.   Diabolical, huh? 

9:29 PM | Comments () | Recommend This | Print This

XML for Justice

Gae Lyn DeLand, the IT Director in Corrections sent me a note about the Department of Justice's XML standards initiative.  The page includes a large (332 pages) and comprehensive Justice and Public Safety XML Data Element Definitions document which I found to be sobering because of its size and complexity.  The document includes a set of general principles which I think are worth reviewing and included in any such effort:

  • Any XML specification developed should be guided by the principles put forth by the World Wide Web Consortium (w3c)
  • Internal system representation is not constrained by these guiding principles or the associated data element definitions. The information contained in these documents simply provides a baseline for exchange of information.
  • XML Specifications shall be over-inclusive by specifying those elements that may be required by fewer than all participants and making those elements optional.
  • XML Specifications shall be extensible.
  • Wherever possible, previously developed solutions should be adopted or extended.
  • International implications of XML specifications should be considered, and international standards shall be used as guides where possible.
  • XML specifications shall be broad enough to accommodate jurisdictional differences.
  • When operational requirements dictate differences in specificity, mapping from the more specific elements to the less specific elements shall be made available.
  • It is the responsibility of each group to insure that all system-specific features are removed prior to transmission to another group.
  • Data elements may contain other elements and may even be recursive.
  • Certain complex elements are sufficiently independent and driven by group business rules such that they cannot be used by more that one organization. In such cases the shareable simple elements contained within the complex element are defined.
  • For every element, a default minimum attribute set will be available for use. These attribute(s) will, for the most part be optional. However, in specific instances (clearly noted in the Data Element Dictionary) they may be required or have default values.
  • Data element content length generally will not be restricted in the Data Element Dictionary. However, there may be some elements for which a maxLength parameter is specified. Further, specific implementations can incorporate maxLength-type parameters for other elements into their schema for validation purposes.
  • Generic tag names within complex elements are preferred when the data is clearly the same entity (e.g., state may be used to refer to both the state of the postal address and the state of vehicle registration). Generic tag names should be avoided when the meaning is ambiguous (e.g., number should not be used to represent both a phone number and an operator license number; explicit tag names should be used).

One of the areas that I think NASCIO (still on my mind) could offer more assitance to states is by helping to sort out the various XML standards that are being developed and even intaking the lead in developing XML standards in areas where nothing is happening. 

11:23 AM | Comments () | Recommend This | Print This

October 30, 2002

eGovernment via Business Week

This article in Business Week is an interesting read on the current state of eGovernment.  I don't necessarily agree with all of its conclusions or its assumptions about the current state of the art or what's important.  It also takes a typical "Business Week attitude" on government workers which I haven't found to be true.  Still, there's some good points in it. 

1:10 PM | Comments () | Recommend This | Print This

TechnoVolunteers

I read something on John Patrick's weblog this morning that reminded me of an experience I had.  John makes the point that non-profits need IT expertise and discusses his experience with the United Way:

Today started out with a meeting at the United Way of Northern Fairfield County to help think through some strategic issues with regard to their use of information technology. It is a very good feeling to be able to help non-profit organizations and I highly recommend that all of us do so as often as possible. (read more)

I was a delegate to the Republican party convention this year and so was involved in party work in my precinct.    I was appalled at the lack of IT support that the party provided to the precinct workers and how disorganized things were.  Now perhaps that is the consequence of a lack of competition, but I suspect that the Democratic party isn't any better off. 

If you've thought of volunteering in some capacity at a non-profit, a political party, or even your local government, understand that technical expertise is sorely needed.   There's plenty of room for people who want to give something and with technology you can have a huge impact whatever cause you choose to support.    Get out and get involved; you'll feel better

8:33 AM | Comments () | Recommend This | Print This

Transition

This morning's opening panel is discussing transition.  At least 22 governors will change this year.  There could be as many as 35, I believe.  When they change most will also change the CIO for the state since that usually an appointed position.  Most CIOs at the conference have never been through an administration transition and so I'm sure this is a topic on the minds of many here.  Each of the panelists has significant experience with multiple governors.  

Charlie Gerhards (CIO, PA) and Carolyn Purcell (CIO, TX) both talk about the enthusiasm that new Governors bring to the job.  Charlie says that most Governor's come in thinking that they'll change 90% of governor and are happy when they leave if they've change 10%.  Carolyn says that every Governor and Legislator who comes into office comes in with the goal of making government efficient and good, but that they all have different approaches and different areas that they emphasize.  Carolyn has survived three Governors, so she probably understands how to get along. 

Quentin Wilson, Acting Commissioner, Missouri Department of Higher Education makes the point that new Governors what action and impact.   He uses the acronym FIRST to describe his approach to satisfying this need for action and impact:  Focus on a few important things. Do things that have Impact.  Governor's want to be Responsive to constituents.  Governors like Speed.  Technology is the tool for making this happen. 

Marlene Lockard, Vice President E-Government Strategy, EzGov (and a former chief of staff to a Governor and transition team leader) makes the point that Governors understand that the campaign is over and that they need to govern and so they're not as quick to clean house as some might think.  She emphasizes the need to demonstrate your expertise to the next Governor if you want to keep the job.  She says to avoid being political and keep lines of communication open with both sides. 

The audieance was asked whether they thought that a CIO should try to stay on or make way for the next administration.  (There's a nifty little audience feedback system at all these NASCIo conferences.) 70% said they thought they should stay on.  I guess its hard to predict how I'd feel if Gov. Leavitt were leaving and I was in a tansition situation, but frankly I can't imagine wanting to do this job for someone else.  Gov. Leavitt has such a keen interest in technology and understands the impact it can have.  That makes this job interesting and worth doing. 

If you're interested in Federal government transitions, the Plum Book offers some interesting insights. 

8:12 AM | Comments () | Recommend This | Print This

October 29, 2002

Pictures from NASCIO Conference

Here are some pictures I took around the conference at break this afternoon.

Clockwise from the upper left are

2:28 PM | Comments () | Recommend This | Print This

Innovative Funding, Total Cost of Ownership and ROI

Moderator: Bob Feingold, Chief Information Officer, Governor's Office of Innovation and Technology, State of Colorado
Panelists: Craig L. Johnson, Associate Professor of Public Finance and Policy Analysis, School of Public and Environmental Affairs, Indiana University
Pat O'Donnell, Vice President-Sales and Marketing, Anexsys
Richard Varn, Chief Information Officer, State of Iowa

Pat O'Donnell is talking about various ROI models.  She cites the following issues that make calculating ROI in the public sector less straightforward than it might be in the private sector:

  • agencies must serve all constiuents
  • agencies must abide by specific legislation and rules 
  • eGovernment initiative deliver on both tanglible and intangible policy goals

She is talking about the following methods:

Net present value is not appropriate if the answers to these questions is "no":

  • Are benefits and costs predominantly private and social?
  • Are the benefits tangible or intangible?
  • Can intangible benefits be quantified and agreed upon?

Craig Johnson is speaking on public sector finance models.  Net benefit or consumer surplus is the difference between the cost and what someone would pay.  Apparently is a fairly well understood model of public sector finance.  Consumer surplus can be used to set prices, particularly in G2B solutions.  Craig apparently believe pretty strongly that fees are appropriate in many cases. 

Richard Varn of Iowa has strong ROI program.  Rich makes a few interesting points:

  • Technology is about reducing the amount of labor directed at certain activities. 
  • Many people end up in jobs they have little preparation for (i.e. training is important)
  • If you want savings, you have to change behavior.
  • Richard thinks there are eight primary areas of government and seven operational responsibilities (wish I had a link here).

12:12 PM | Comments () | Recommend This | Print This

Roman Goddess

NASCIO, in addition to being an organization of state CIOs is the name of one of the Roman goddesses of birth

11:47 AM | Comments () | Recommend This | Print This

In Honor of the GIS Panel

In honor of the GIS panel that I just listened to, I note that the location of this NASCIO conference (Hyatt Regency Station) is N 38 degrees 37.770' W090 degrees 12.556' and 578 feet above sea level.  Here's a map (which I found by typing the hotel's phone number into google; the easiest way I know of to turn a phone number into a geographic information.)

11:19 AM | Comments () | Recommend This | Print This

Schema Controlled XML Editing

Reading Jon Udell's weblog, I ran across the Xopos XML editor.  I clicked on the demo and within minutes was editing XML inside my browser.  I haven't played with it extensively, but what I did do was pretty neat.  The editor is fairly comprehensive; you can edit the content of cells and move them around (subject to the schema) without ever seeing the XML or even knowing what XML is.  It was smart enough to warn me when I left the page with unsaved changed (something I've fussed with in other browser based editors).   If you've got data you want entered or edited in an XML structure, this may be a good tool to look at. 

9:59 AM | Comments () | Recommend This | Print This

GIS and a National Map

I'm in the GIS breakout session.  Kari J. Craun, who is Chief, Mid-Continent Mapping Center, US Geological Survey, and a cartographer by trade is speaking about a national map.  The topological maps that we all know and love are apparently 25 years out of date.  The USGS has a project to produce a "national map" that would be a seamless, continuously updated set of geospatial information built from orthorectified imagery, land cover, elevation, geographic names as well as vector layers for transportation, hydrography, structures, and boundaries. 

One of the drivers is, not surprisingly, homeland security.  Someone who trains on a map in one area (and remember this many not be a piece of paper) and then gets moved to another area to respond to an emergency ought to be able to pick up the map in that area and have it be the same in terms of meta data.  I think homeland security will be the interstate highway system of the new century.  Much will be done under the auspices of homeland security which will ultimately have many other benefits to citizens.  You may not remember, but Eisenhower proposed the interstate highway system as a defense logistics system during the cold war.  Clearly its use and benefits has far surpassed that initial goal. 

9:49 AM | Comments () | Recommend This | Print This

Federal Enterprise Architecture and eGovernment

Mark Forman, Associate Director for Information Technology and E-Government, U.S. Office of Management and Budget is speaking about the use of enterprise architecture in the federal government.  Mark has been very good about working with the states and recognizing that there is a great asset and huge constituency in the state CIO offices. 

One of the tings I like about the federal eGovernment vision is that its not just about 24x7 availability, but also says that it will deliver decision in minutes or hours instead of days or weeks.  I like it for two reasons:

  1. It focuses on what citizens really want: quick service, not just availability.
  2. It drives business process re-engineering.    

I think that overall we've been pretty good in Utah at understanding this issue, but I don't see it explicitly stated anywhere.

Mark is making the point that we do eGovernment because we live in a world of interdependencies.  This is a good point.  eGovernment is a much deeper concept than just putting a web page up to conduct transactions with citizens: its about the interdependencies.  This is the basic fact that drives the move to cross agency, citizen centric applications.   Mark brings up the example of homeland security.  Homeland security is about interoperability, not just for voice, but for data.  That goes well beyond sending email from first responder to first responder.  It implies getting the right information to the right person at the right time.  Our first responder portal project is right in line with this. 

Some slogans:

  • Buy once, use many
  • Collect once, use many
  • When eGovernment is broken, its visible to everybody

Project SAFECOM is a new mobile data interoperability project that includes voice, but not as a the primary driver.  Mark says that he's gone through several program managers looking for someone who understands the issues.  He says he had to get away from the voice people because they didn't get data, but data people see voice as just another kind of data.  He also had to find a program manager who understood that consensus didn't include lobbyists.  You can only imagine the pressure from companies who see controlling this project as the key to sales to thousands of public safety departments around the country. 

Forman talks about their governance process and how he manages agency IT.  Each agency is evaluated on the following criteria as part of the budget process:

  • Modernization blueprint -- enterprise architecture
  • Business cases -- Capital planning and investment control done against blueprint
  • IT program management
  • IT security

Mark's staff is charged with helping each agency get to green on these areas.  His deputy manages this process.  Laggards in security, for example, won't get funds released until the fix is part of the plan and the capital planning process.  The results of the quarterly evaluations against these areas are reported to the Cabinet by the President.  Each agency has a CIO who has to report, by law, to their agency heads.  Part of their overall process is about building cross agency teams since the lines of business that cut across agency lines.  Because there are multiple agencies per line of business, the chief operating officer of the enterprise has to take responsibility for deciding who is to take ownership for fixing a line of business.  Man, does this all sound familiar! 

7:48 AM | Comments () | Recommend This | Print This

October 28, 2002

Information Security Coordination

Matt DeZee from AMS (and a former state CIO) is talking about the desirability of the creation of a center for coordinating information security information among the states.  Apparently there is a plan to do this.  The theory, of course, is that we all see the same kind of attacks and could help each other by cooperating.  He tells the story of getting a report from his CISO that his state was getting scanned and then showing up the next day at a NASCIO event and finding that 4 other CIOs he talked to had had the same scan the day before.  One could argue that there's nothing special about the states and that we should just throw in with other private and public entities. Nancy Wong from the Commerce's Critical Infrastructure Assurance Office says, however, that its common for different industry sectors set up independent efforts and then create bi-lateral agreements to share information so that each office can respond to the unique nature of the sector.     

4:09 PM | Comments () | Recommend This | Print This

NASCIO Blogs

My number two referrer on my blog today is a google search on "nascio blog."  I'm apparently the only one, but there are at least a dozen people looking for them.   I've run into a few people here who read my blog regularly, including other CIOs, but no one who is writing except for me.  As an aside, there's no WiFi access here, so without my Sprint wireless network card, I'd be out of luck.  

3:48 PM | Comments () | Recommend This | Print This

Chartered Projects

I'm listening to the Homeland Security panel:   Robert Clerman is speaking and talked about Gov. Leavitt's role in homepland security.  He specifically talked about "chartered projects" in speaking of Gov Leavitt's proposal.   So, while I get asked over and over again in Utah what a "charter" is, it is apparently getting some traction on a national level. 

3:43 PM | Comments () | Recommend This | Print This

Autonomy: Using Unstructured Data

I was going to go to the session on finance, but ended up not making it because I stopped to spend some time with some folks from Autonomy Systems and by the time I got to the session, it was beyond full.  Oh well, Autonomy was probably more aligned with my interests anyway.   

Autonomy allows one to find information by concept in unstructured data using a combination of "bayesian inference and Shannon's information theory."  Its been a long time since I studied either one of those, so that didn't mean much to me.  I found this document on their site which was much more helpful.    Autonomy is a British company and it shows when you see stuff like this.   I've often joked that British universities couldn't afford computers so they actually studied Computer Science.    

The reason for my initial interest is that Autonomy Systems recently signed a deal with the Office of Homeland Security as reported recently by the Wall Street Journal (and a company press release).  We have a project to create a first responder portal as part of our homeland security project and we need a way link information so that they can see what's relevant, not just by job function or location, but stuff that's related to what they're interested in right now.   My first thought is to throw a Google appliance at the problem, but Google's method of determining relevance may not be relevant in this case.  Something like what Autonomy has to offer might be just the ticket.

The same could be true of indexing internal data as well.  For indexing public data Google's algorithm works pretty well: I'll find interesting what most other people found interesting.  For private data or data that doesn't have a lot of interest but may be very relevant to the current problem, that algorithm doesn't work as well.  Google relies on the fact that there are lots of sites linking to lots of other sites to create relevance data.  That's not necessarily a good basis in some cases. 

Maybe we should do a bake-off: get a Google appliance, an Autonomy DR engine, and any other interesting technologies and run them against our data and study the effectiveness of the results.  I'd bet we could get the companies to donate the systems (maybe not) but we'd have to get a grant or something to pay for the set up, research, etc.   Any takers?

2:13 PM | Comments () | Recommend This | Print This

Statewide Networking for Government and Education Panel

Moderator: Laura Larimer, Chief Information Officer, State of Indiana
Panelists: Shaun Abshere, WiscNet, State of Wisconsin
David King, Indiana Higher Education Telecommunication System
Bill Mitchell, MOREnet, State of Missouri

Shaun Abshere is talking about an organization that I'd never heard of called StateNets.  StateNets is an organization of non-profit and public groups that manage state K-20 networks.  Our own UEN, for which I'm on the steering committee, is a member.  He is giving some impressive composite statistics about the member networks.  Our state uses our education network as our ISP.  This is just one form of cooperation that exists between UEN and the state network managed by ITS that saves costs.  There's probably other avenues we should pursue as well.   

Bill Mitchell is showing a video on Missouri's state education network.  A few things on the technology side that look enviable include smart boards in each class room and one PC for every two students.  The video also shows how technology is being used in the classroom and I think is quite compelling.  It makes the case, through several examples, about how teaching styles can change to one that encourages students to explore the information themselves in ways that they can't in a traditional classroom.  For example, gather data, graph it several ways, and then make a judgment as to which presentation is more meaningful and what conclusions can be reached.  I've seen this in my own children's as I watch them use Google to do homework.  I wish I'd had the web when I was a kid.  I can remember spending hours at the public library trying to find information about electronics and being sorely disappointed. 

Apparently, state education networks are now allowed to join Internet 2 and 25 states have done so.  Utah is not among them even though I know that the University of Utah is a participant.  I wonder why that is?  They are discussing the speed of the network and the kinds of things that it enables in education.  Of course, the other side of that is that it put incredible pressure on the state's internal network to keep up.  I hear, from time to time, laments from UEN steering committee members and others (including the legislature, I'm sure) about the bandwidth increases and the costs of carrying the traffic that results from people using the network.  Its clear to me from watching technology trends that we're really just getting started.  At some point we'll see MP3 file sharing (at least from the bandwidth viewpoint) as a non-issue because students will be sharing DVDs.  Reminds me of when the University of Idaho tried to shut down online interactive games because of the bandwidth it required (at the time Idaho had a 56K line that we shared with Washington State University).  Now, I'm sure interactive games are not even a blip on the network. 

12:22 PM | Comments () | Recommend This | Print This

Privacy: Good and Bad

I did a little reading at lunch in The Transparent Society by David Brin.  Brin sets forth the following and calls it an "accountability matrix:"

1. Tools that help me see what others are up to. 2. Tools that prevent others from seeing what I am up to.
3. Tools that help other see what I am up to. 4. Tools that prevent me from seeing what others are up to.

His contention is that people see boxes (1) and (2) and good and boxes (3) and (4) as bad.  What what society needs is boxes (1) and (3) since that creates accountability.  Further, society should eschew boxes (2) and (4) since that pits citizens against each other in "an arms race of masks, secrets, and indignation. 

12:13 PM | Comments () | Recommend This | Print This

Enterprise Architecture Panel

Moderator: Gerry Wethington, Chief Information Officer, State of Missouri
Panelists: Carey Brown, Information Resources Manager, Kansas Information Technology Office
Theresa Lynn Hadden, Senior Internet Architect, Fairfax County, Virginia
Venkatapathi Puvvada, Chief Technology Officer, Unisys 

Carey Brown talked about the implementation of the Kansas Criminal Justice Information System.  I think the idea was that it was a successful implementation based on an enterprise architecture toolkit, although somehow that point didn't seem to come out in the talk.  Still, the recitation of the project was interesting---if nothing else it emphasizes the nature os projects in the public sector: wide range of clients, wide range of sizes, multiple legacy systems, processes that must keep going, and few resources.  

Theresa Hadden is talking about Fairfax County's efforts in the Information Domain (part of an enterprise architecture).  She says 80% of her data is unstructured (not in databases).  I'm surprised its that low.  They are using a content management system to help manage all this data and moving all HTML pages onto the CMS.  Metadata plays an key role in repurposing unstructured data for other uses.  She wants a call center person to be able to access structured and unstructured data in answering citizen questions.  For example, if someone calls up with a tax question, can the call center people have access to emails that have been sent regarding that citizen's taxes?  This rings some bells with me.  First, we're in the middle of deciding policy questions regarding the status of email as a public document.  Second, I'd love to be able to google my own email.  Wy not my co-worker's email as well---at least that related to work.  That's a big challenge with some interesting payoffs since much of the information we've got is now tied up in email messages that are unavailable as a data source. 

Venkatapathi Puvvada, who goes by "PV". is talking about business architecture and makes the statement that it is the key to business process integration.  Central to this concept is that that we must become citizen centered, not agency centered.  I think this is a concept that is lost sometimes.  Frequently, when we talk about driving IT from "the business" too many think we're talking about agencies.  The problem is that that just perpetuates the old stovepipes.  The federal government found, for example, that there were, on average, 10 cabinet agencies involved in each "line of business" that the federal government is involved in.  That's largely true of the states as well, although the numbers may change.  A good example of where we're overcome this to some degree is criminal justice.  When we view criminal justice as a line of business and then bring agencies to the table who are involved with criminal justice we're getting closer to building a business architecture that is correctly focused.  

10:07 AM | Comments () | Recommend This | Print This

Steve Cooper on Homeland Security

Steve Cooper, from the Office of Homeland Security (OHS), is the keynote speaker this morning.  I blogged his talk at the Western CIO Summit in Breckenridge this summer. 

Steve is discussing the OHS national strategy for homeland security---not necessarily the particulars of the strategy, but how it serves as the primary driver for an enterprise architecture. 

Interstate System for Sharing Information

Steve talks about using the word "interstate" instead of "national" to describe an information sharing infrastructure.  I think its important to remember that the interstate highway system (Steve's analogy) was built by the states with federal dollars to federal specifications.  I think that would work here as well, but the feds need to recognize that.  Steve talks about linking money to

  1. Compliance with enterprise architecture
  2. Performance metrics
  3. Standards

and having state CIO's responsible for these.  I agree. 

Specific Focus Areas

Steve talks about the following focus areas for what his office is working on:

  1. Wireless data
  2. Public health
  3. Geospatial data
  4. Pilot projects
    1. 3-6 months duration
    2. less than $1M
    3. cross agency (different functional areas and different levels of government)

[As an aside, I had a much better set of notes on this and accidentally deleted them before they got posted.  One of the few real complaints I have about radio (and one that's not easily addressed except by user vigilance) is that the browser based editor has some quirks---one of them is that if the browser gets sent somewhere else accidentally, the contents of the window are lost.  Oh well...]

9:01 AM | Comments () | Recommend This | Print This

October 27, 2002

Deja Vu All Over Again

We just the part of the meeting that is both interesting and somewhat depressing: each new CIO introduces themselves and discusses the issues that they're facing.  Every CIO here is facing many of the same problems.  What's depressing is that this is the third time I've been through it and each time its the same issues. 

3:20 PM | Comments () | Recommend This | Print This

Public Health Infrastructure

Morris from Dept. of Health and Human Services is talking about IT infrastructure for public health.  In the face of some skepticism (not from this crowd, but others) he quotes a 1902 article from Harper's Weekly:

The actual building of roads devoted to motor cars is not for the near future, in spite of many rumors to that effect...

He envisions a "weather channel" for public health information that would give real time reports on disease similar to the way to we get weather reports.    Most people outside the government would probably be surprised to learn that there isn't a real time public health infrastructure.   

2:06 PM | Comments () | Recommend This | Print This

NASCIO Member Session

I left home this morning at 4am (daylight savings time is my friend) so that I could get to St. Louis in time for the four hour NASCIO member's session this afternoon.  This is a business session that is about NASCIO as an organization whereas the rest of the conference is about issues, technology, policy, etc.  There are about 30 CIO's here. 

After going over the new strategy document, Gerry Wethington (CIO, MO) presented the business plan.  The business plan is a good document that identifies major areas of emphasis and where the dollars will come from for those areas.  This conference is apparently going to be well attended and this finances look pretty good for now. 

One of the pieces of business is the election of the officers for the next year, a process that seems more like common consent that an election.  The executive committee puts forth a slate of candidates and we say "aye." 

We're in the middle of the Washington Update at the moment including topics on federal legislation, budgets, and NASCIO's DC outreach efforts.  We'll hear from Health and Human Services and Homeland Security next.  

1:08 PM | Comments () | Recommend This | Print This

October 25, 2002

Utah County: The Most Wired Place in America?

OK, maybe not the most wired place in a America, but getting pretty cool.  Utah county is the second largest county by population in Utah and just south of Salt Lake.  Utah county is home to Novell and (formerly) Word Perfect and has a large high-tech base.   This morning I had a meeting with representatives from American Fork City, Spanish Fork City, Provo City, and Utah Valley State College about the Utah Valley Community Network.  These three cities and the college have built or are building fiber out to the homes of their citizens and are starting to offer services, at least on a pilot basis.  The services include basics like Internet service and cable, but also the other things you'd like to see such as telephony and video on demand.  There's more...

About 10 months ago, I met with this same group and talked to them about exchange points and the value I see in lot of exchange points.  I think exchange points are one of the most subtle and least understood aspects of the Internet and one of the keys to building networks that provide real value.  As an aside, exchange points become more valuable as more of the network traffic is P2P---an issue I don't think many have written about.  They took my points to heart and have established an exchange point that includes all these entities as well as Utah County and a few others.  Entities like Brigham Young University and Novell will be able to participate through the first tier members.  They buy Internet service at the exchange point and exchange packets with each other.  

So, for example, if you're a student at UVSC living in Spanish Fork (12 miles away) taking a video course your packets stay local rather than going out onto the Internet and being routed through Denver or San Francisco.  UVSC is also piloting a program where employees living in American Fork, say, can have their campus telephone extension ring at their house, if they choose.  Soon companies like Novell will be able to do the same thing.  As another example, they all share a single cable head end and transfer programming to each other via fiber. 

This is how great things happen: a few peopleof people with some vision and a few resources getting together and creating something cool.  I'm sure I'll be writing more about this as it rolls out and they get more experience.  I'm anxious to see projects like Utopia layer on top of this---that will bring in another large segment of the population.

1:14 PM | Comments () | Recommend This | Print This

October 24, 2002

ITC Direction to CIO on IT Strategy

Today the Information Technology Commission directed the CIO to develop a 2-5 page "vision" statement for IT in the State of Utah as a precusor to developing a larger plan.  The doucment is to be presented at the next ITC meeting on Nov. 21st.  I'm planning on the ACIOs providing a great deal of input into this document even though the ITC specifically stated that they would accept a document without agency input at this point. 

I shared the notion of enterprise architecture with the group since I believe ITC is the right body in state government to encourage and endorse an enterprise architecture.  I've distributed both the NASCIO Enterprise Architecture document and the Federal Enterprise Architecture information.   

Kevin Van Ausdal, the DCIO for IT, and I will be attending the semi-annual meeting of NASCIO in St. Louis next week and I'm sure that this topic will be discussed in some detail.   I'll be blogging the conference, so if you're interested in this, stay tuned. 

3:07 PM | Comments () | Recommend This | Print This

October 23, 2002

Executive Appropriations Testimony

In case you didn't get a hand out, here is the text of the testimony that Camille Anthony, Karen Okabe, and I presented at Executive Appropriations yesterday in response to the recent legislative audit.  This whole thing has gotten kind of kafkaesque

10:20 PM | Comments () | Recommend This | Print This

October 22, 2002

Round 2.0

I got a few complimentary issues of a magazine called Context recently.  Not a bad 'zine, but I've got too much to read already, so I didn't pay a lot of attention.  Still, an article called "Round 2.0" by Andy Lippman caught my eye.  In speaking of the dot-com boom, he says:

The problem with likening the dot-com boom to the 17th-century Dutch tulip insanity is that, now that the bust has come, many companies think they can go back to sleep. To them, the threat is over: Dot-coms did not generate a New Economy, they did not rewrite the rules of business, life as we know it did not end. The fear that any evanescent new idea would destroy the current mode of operating is past.Wrong. The challenge is not gone. It is just beginning.

To make his point, Andy talks about advertising, telephony, and media distribution.  His point on advertising is that technology like TiVo changes how people watch TV.  If you don't have a TiVo, you may not quite understand.   I don't watch TV anymore, I watch TiVo.   Its more than just being able to fast forward through advertisements.  Its about who controls content, at least who controls when and where its watched.   

6:56 AM | Comments () | Recommend This | Print This

October 18, 2002

Transparency and Metrics

I'm just starting The Transparent Society by David Brin.  I'm only to page 20, but its already fascinating.  The subtitle of the book, intentionally provocative, is "Will technology force us to choose between privacy and freedom?" 

The gist of the first part of the book is that, as a society, we use freedom of information or "information flow" to drive accountability.  Two interesting points from the book so far:

Whenever a conflict arises between privacy and accountability, people demand the former for themselves and the latter for everybody else.

...[T]wo opposing traits that occur in ...modern privacy debates:

A. One party believe that another group is inherently dangerous, and that its potential to do harm is exacerbated by secrecy.  Therefore, accountability must be forced upon that group through enhanced flow of information.

B. The other party argues that some vital good will be threatened by heightened candor, and hence wants the proposed data flow shut down. 

The book points out how entertaining it is to watch groups take these positions alternately on different issues depending on "whose ox is getting gored."   

I've written on transparency before.  I believe its crucial to a proper functioning organization.  Part of my belief in blogging stems from a belief that people ought to know what I'm thinking on issues, even when its not popular.   

Metrics and dashboards are really this same issue.  Metrics shine the light of information onto an organization and provide accountability.  I've challenged ITS to develop metrics to measure its performance and to make them equally available to customers as well as staff.  I challenge agency IT shops to do the same thing.  Measure how you're doing and publish it to the world. 

11:50 AM | Comments () | Recommend This | Print This

October 16, 2002

WSIL is RDF for Web Services

A good article by Tim Appnel called An Introduction to WSIL calls WSIL the RDF for web services.  I've advocated the use of WSIL to advertise the presence of web services at the State.  Its simple and easy to do.  What's more it can be used in conjunction with UDDI if that becomes the prefered method for advertising web services. 

8:23 PM | Comments () | Recommend This | Print This

Tim Oreilly is a Stud

I just ran across Tim's talk on Inventing the Future.  Great stuff. 

4:09 PM | Comments () | Recommend This | Print This

IM Bots

A couple of months ago, I wrote about IM bots because the idea intrigued me and I think it would be a neat way to offer some interactive information on Utah.gov as well as internal applications like help desk.  Joe Heck turned me on to some other resources that are pretty interesting:

  • DJ Adams has an article about ChatBot, a Jabber bot written in Perl using the Net::Jabber libraries. 
  • Infobot is a daemon that connects to IRC servers and can be customized to conduct various chats.  IRC isn't IM, but its still interesting. 
  • An article in The Perl Journal by Kevin Lenzo has a number of links and information about various bots for IRC (again with the IRC). 

I guess before we worry about an IM Bot, we ought to get an enterprise IM solution.  I've seen IRC used to great effect as an enterprise tool and feel like we're missing out by not supporting it more widely.  Not sure where we need to go to get there.  Its hard to drum up interest among a large enough group of people because not many of them use IM.  On the other hand, I'm hesitant to suggest it widely without a secure way for employees to use it in their work.  A classic chicken and egg problem. 

3:37 PM | Comments () | Recommend This | Print This

October 15, 2002

The Truth about Excite\@Home

Recently, there has been much confusion about my previous occupation to the extent that I'm thinking getting my birth certificate changed to Phil Windley, former owner of now defunct Excite\@Home. Some, including the press, have started to question why the State is taking advice from someone who "ran his company into the ground."  For the record, here's a brief synopsis of the facts:

In 1994, I and a partner started a company called Electronic Marketing Services and started an online shopping mall called imall.com.  In 1995 we sold EMS to a company which eventually became iMALL, Inc. 

In 1997, Richard Rosenblatt took over as CEO of iMALL, Inc., determined to turn it into an ecommerce company.  He raised $20 million in private placement capital on the basis of a business plan that Steve Fulling and I drafted in my basement.  As a result, he asked me to leave BYU and come on board as Chief Technology Officer.  Steve was Vice President of Engineering.

Starting in January of 1998 with 3 technical employees, Steve Fulling and I built a technical team that within 18 months numbered nearly 150 people.  We had the money and options to hire the best people available and we did.   We designed, built and operated large n-tier ecommerce applications and learned just what it takes to make these things operate reliably.  

In October 1999, largely on the basis of the technology that iMALL had developed, iMALL, Inc. was bought by Excite\@Home, a large public company, for $425 million. 

Our division, now part of Excite\@Home, went from $4 million in revenue in 1999 to $20 million in revenue in 2000 and was EBIT positive to the tune of $3 million, one of the few profitable divisions in Excite\@Home. In 2000, our team built a full featured ecommerce application in less than three months (on time and under budget) that was reliably serving 50,000 merchants within 6 months.

As part of my activities as a high tech executive in the state, I became acquainted with Governor Leavitt during the year 2000, and in November 2000, he asked me if I was interested in serving as Chief Information Officer.  After many conversations with Rich McKeown, the Governor, and others, I left Excite\@Home in March 2001 to become Chief Information Officer of the State of Utah.  Excite\@Home filed for bankruptcy in September 2001.

So, I wasn't owner, president, or even a little bit in control over Excite\@Home's fate. I wasn't even there when it all ended.   I just worried about our division hitting its numbers and---with the help of a lot of people---we did.  Everytime. Sometime, if you're interested, I'd be happy to fill you in on my take of why Excite\@Home went bankrupt.  Its got plenty of intrigue.

11:21 PM | Comments () | Recommend This | Print This

Standards

This article from the Associated Press (via the Salt Lake Tribune) is about standards.  Surprisingly, it ran on the front page---must have been a slow news day.  Apparently, October 14th was national standards day.  If I'd have known, I'd have baked a cake and worn a costume.  At any rate, the article gives a number of good examples about why standards are important---they are the key to interoperability, a catch phrase these days what with eGovernment and Homeland Security issues. 

9:58 PM | Comments () | Recommend This | Print This

Blogging in Utah

This Salt Lake Tribune article by Mary Malouf is about blogging in general and features several utah bloggers, including me.  Overall, I think the article does a good job of describing the blogging phenomenon and what makes it different.  Mary and I had a fairly lengthy conversation and I have to say she really seemed to get it.  The best thing about the article is that unlike a lot of things printed about me in the paper lately, most everything in it is true!  As an aside, JOHO, the Blog was on the computer screen in the art piece that accompanied the story. 

8:02 PM | Comments () | Recommend This | Print This

October 14, 2002

Utah's IT Plan

Last August, the Governor sent a letter to IT workers in the State outlining his plan and vision for conducting cross-agency eGovernment and IT projects.  In the intervening time, we've conducted meetings, formed groups, gotten Cabinet approvals, and worked through a lot of the details.  I and others have written several times about some of these meetings.  Now, to try to pull some of it together, I've written a white paper on Utah's IT Plan that gives some more detail.  This process will continue to evolve as we work through the issues. 

10:56 PM | Comments () | Recommend This | Print This

ZDNet Article on Open Source

I'm quoted in this article in ZDNet News on open source.  The article probably makes it sound like we're contemplating a move to Linux or OpenOffice here in Utah.  Such is not the case---there are a lot of hurdles to overcome in moving to Linux or OpenOffice.   At this point, I'm more inclined to open source solutions on the server side and, in some cases, clients on the desktop.  Here's what would change my mind:

User demand.  If an agency got tired of paying license fees to Microsoft and wanted to make a move to Linux or OpenOffice, I'd support it.   What would it take to succeed?

  • Careful planning 
  • Flexibility
  • Pilot programs
  • Executive management support
  • User training (maybe the most important factor)

 

10:07 AM | Comments () | Recommend This | Print This

October 11, 2002

Virtuoso Performance as a Measure of Organizational Maturity

Mary Shaw of Carnegie Mellon University talked about "virtuoso performances" in the engineering world about ten years ago in an effort to define what she meant by engineering.  The idea is this: engineering is a system of processes and procedures where normal people can perform quality work.  Without engineering, you're left to rely on virtuoso performers to accomplish the task.  The problem obviously is that there are a lot fewer virtuoso performers that normal folk. 

Think of it in terms of building a bridge.  Hundreds of years ago, building a bridge was an art practiced by people who did a good job of building bridges but couldn't really tell you how they did it.  Now, we can teach almost any bright person (who has a few math skills) how to design a bridge that won't fall down.  That is engineering. 

As we strive for high availability in our computing services and greater reliability in our process, we will have to build processes that reduce the number heroic measures undertaken by virtuosos.  In fact, I think you could measure the virtuoso performances and heroic feats in an organization and come up with a good feel for the organizations maturity: they're inversely proportional. 

Organizations with immature processes rely almost exclusively on heroic measures to achieve their goals and keep their customers happy.  The problem is that its almost impossible to sustain: there just aren't enough virtuoso performers and they get burnt out.  What's worse, organizations come to rely on rewards to the virtuoso performers as a means of trying to solve problems.  Mature organizations, on the other hand, reply on processes that allow almost any intelligent person to be trained to deliver excellent results reliably. 

I've got nothing against virtuoso performers or rewarding them for their efforts.  We need them and their talent.  I just think we ask too much when we rely on them to sustain our systems in the face of ad hoc procedures and processes.  Its not fair to them and it doesn't keep customers happy. 

Ask yourself how many times your organization has relied on heroic measures in the last three months to keep its clients and customers happy.  What do you think could be done to change the situation and come to rely on a mature process instead? 

1:23 PM | Comments () | Recommend This | Print This

Digital Identity: Where are the People?

At the conclusion of several days of immersion in the world of digital identity, I would ask the question: where are the people?  Here's what I mean:

Most of the companies at Digital ID World don't seem to really care about linking identity to people.  That is, they are content to have an identity with the appropriate attributes attached to it.   Let me give an example: when you present your credentials to a web site to purchase something, they don't care about the meat attached to that identity, only that it has a proper credit card number and an address to which to ship the goods.  The same is true for digital rights management (or, as Doc says: "digital restrictions for monopolies").  Digital rights management is about anything but people. 

For most applications, the question of tying identity to people is relegated to a question of security.    I want my identity secured, so that only I can use it.  That's not an identity problem, its a security problem.  Technology like passwords, smart cards, and biometrics are used to protect identities, which comes down to tying the identity to a particular person. 

Now, consider some applications where we do want to tie identity to a body.   Suppose, for example, that you want to set up a system to serve people with court documents online.   Another example would be closing an online mortgage.  Most of the examples I can come up with have a legal aspect.  We want to tie the identity to a body because later we may need to take that body to court or arrest it on the basis of something that that body did with its identity. 

Notice, as an aside, that digital certificates work very well in these kinds of scenarios, as long as the digital certificate has been carefully issued and protected (neither of which are great assumptions).  

My most extreme thought in this direction is that the courts, at least criminal ones, are, in the abstract, a system for tying identity to a particular body.  If you think of the attributes surrounding a perpetrator as an identity, courts are used to link that identity to a suspect (or body) so that they can be put in jail.  Put that way, linking identity to a body is a very time consuming, expensive, and imperfect proposition in many cases. 

That leads me to a conclusion that I've stated before: government has to be and will be in the identity business.   Governments care more than most about tying identities to bodies than most and will act to ensure that its possible...eventually.  Just don't hold your breath. 

11:36 AM | Comments () | Recommend This | Print This

October 10, 2002

FWIW

For what its worth: according to my GPS, the Hyatt Regency Tech Center is a N 39 degrees, 37.820' W 104 degrees 53.896' and its elevation is 5692 Ft.  And with that, I'm off to the airport. 

5:12 PM | Comments () | Recommend This | Print This

Conference Extracurriculars

Digital ID World is on my list of favorite conferences this year.  I think Phil, Andre and Crew did a great job of putting together a forum that is entertaining, informative, and most importantly, a great place to meet and talk.  I spent the afternoon looking in on the vendor exhibit hall and talking to people.  Here's some of what I saw and heard:

  • I talked to Andre Durand (of Jabber fame) about PingID.   PingID has aspirations of being the Visa of the identity world.  Someone needs to do it.  He also envisions services (such as risk scoring) that I think are analogous to the kinds of things FirstData Corp. does in the financial services world. 
  • I talked to John Maffei from Microsoft about Passport.  I've avoided signing up for passport myself (even going so far as to refuse to activate the eBook reader on my iPAQ because it required a Passport account).  Still, as I've blogged before, Passport, AOL screenname, and the like represent real ways for utah.gov to connect to some citizens. 
  • I stole a t-shirt and packet from ePresence.  Still not sure what they do.  :-)
  • I saw a great demo of an enterprise level IM tool from Communicator, Inc.  As I've blogged before, I think IM could be an important tool in the enterprise---I use AOL IM at work all the time---but I would like to see a secure solution that connects to the Utah Master Directory. 
  • I talked to Brian Armstrong of OneName about their product.  Still can't say I really get it---lives somewhere above authorization services---but its based on XNS which sounds like something I need to spend some time on. 
  • I got a tech-talk from the Netegrity folks about SiteMinder and how it works.  We use it at the state and I now feel like I'm in a better position to make decisions about how and where we use it. 
  • Alex Tosheff from St. Paul Venture Capital is a guy I met at lunch.  Great guy---I got some good ideas on home based computing infrastructure from him.  He introduced me to Jothy Rosenberg of GeoTrust.    Jothy and I hit it off on several levels.  First, his company offers a way to sign things with digital signatures without the user ever having to know about the digital signatures.   Reminds me a little of NxLight, a Utah company.  He showed me a demo of their tool which uses personal information gleaned from drivers records and credit records to ask the user questions as a way of establishing identity so that they can issue a one-time use digital signature.  Pretty cool.  On another level, he's also a former Computer Science professor turned business person.  We talked a lot about academics, how business experience could inform our future roles as academicians, and how theory is important for CS students. 

The best part of the conference is often the stuff that happens outside the conference hall and this was no exception.  The Digital ID World folks did a good job on the more social part of the conference and seemed to recognize this as an important feature.  I'm grateful for a fulfilling experience. 

4:30 PM | Comments () | Recommend This | Print This

Digital Right Management

David Weinberger is moderating a panel on digital rights management. 

Denise Howell spoke about the legal aspects of digital rights management.  She made the point that DRM moves the payment to a per-use rather than a per-copy basis and this changes in fundamental ways, the relationship we have with content providers. 

Bala Vishwanath talked about how newspaper companies tried to discourage people reading someone else's newspaper and failed but succeeded, as a business, by adding coupons, etc. to the paper.

Brad Brunell is the director of trusted platform technologies at Microsoft.  He's the guy whose name I didn't get yesterday at lunch.  He takes abuse well.  Probably a job requirement given what he does and who he works for.  Dave is beating him up a little right now.  The question: why now (for DRM)? 

Ken Kingenstein works for Internet2.   Ken makes the point that analog rights management doesn't translate well into the digital world.  He asks how do we enable appropriate access and use instead of how we control access or protect copyrights. 

Dave makes the point that DRM takes away much of the wiggle room that people have traditionally had with respect to copyright law and makes things rigid.  Brad pointed out that we content providers would have the make a policy that allows that.  I think that this conversation ties in with the quote from Dan Geer I posted yesterday:

If the access control matrix eventually scales out of reach. What then? I submit that where the geometric scaling of access control will kill it in the end, accountability stands ready. This is not to say that I like pervasive, universal accountability, per se, but the only reason a free society works is that you can pretty much do anything though if you screw up badly we will find you and make you pay. Accountability i