Ensuring trust in Web services

I think everyone in the high-tech industry was a bit surprised by Bill Gates' recent memo to his company - surprised that it wasn't written 10 years earlier. Still, I suppose it's good news that Microsoft will finally begin to focus on building "trustworthy" products.

The bad news is that the occasion wasn't used to deliver an entirely different message. Well, not entirely different - it could still use the word trustworthy, though in a much broader context.

Microsoft is clearly concerned that its Web services initiative, called .Net, won't get off the ground if consumers can't trust the company's products. That's only half the story.

Consumer trust is indeed vital to the success of Web services, but so is having the trust of other service providers and software vendors.

Every major technology company envisions a future in which new Internet-based services will interact seamlessly (often without human intervention) to make our jobs and lives easier. The benefits of such services are innumerable and the potential market unbounded. But to work, these services can't be tied to any single company or platform.

The beauty of working in an open, multivendor framework is that software developers and service providers can target a much broader market to create services that can be delivered to everything from PCs to PDAs, from mobile phones to automobiles, and even to devices that have yet to be invented.

The value of those services is multiplied by the way they interact with one another, setting off a chain of electronic events at just the right time and place, reaching across multiple platforms and networks.


Read Microsoft's response, by Brian Arbogast, vice president of .Net Services
The clear need for cooperation accounts for the growing popularity of the Liberty Alliance (launched in part by Sun Microsystems), made up of a diverse group of companies that includes makers of automobiles, computers, home electronics and wireless phones, as well as providers of credit cards, transportation, communications and online services. Together, these companies represent more than 1 billion customers.

The Alliance's aim is to come up with an open standard for the following three things:

-- Identity, so businesses and consumers have a common way of referring to one another.

-- Authentication, so everyone has a good way of confirming that people are, in fact, who they say they are.

-- Authorization, so people can actually use the services they've signed up for.

Having a single, open standard will make that whole process easier to manage. The alternatives: multiple proprietary standards, which would mean huge overhead and interoperability problems. Or a central authority, which would mean a single point of failure and control, which no one wants. No one who really cares about security, anyway.

The many companies in the Liberty Alliance want to do this the right way, so they can create new services that will work with one another's existing services.

Just as important, the Liberty standards will enable people to administer their own personal profiles, preferences and permissions and securely share that information with the organizations they choose.

Microsoft, with its proprietary Passport identification system, is trying to leverage its monopoly in desktop operating systems to become the repository - and sole guardian - of vast amounts of personal information.

But if Microsoft is really serious about its new commitment to security (to say nothing of open standards or the right of individuals to control their personal information), it should abandon the monopolistic, single-point-of-failure Passport system and join the Liberty Alliance.

Scott McNealy is CEO of Sun Microsystems.

Join the newsletter!

Or
Error: Please check your email address.

More about Liberty AllianceMicrosoftTransportation

Show Comments