Archive for March, 2010

The Value is in the Glue

March 6, 2010     |     posted by gluecon

One the recurring themes I keep seeing is that the adoption of cloud computing is being driven by our current sucky economic circumstances. I don’t disagree that the macro-economy is a *contributing* factor in cloud adoption, but I really don’t think it’s the primary driving factor. Rather, I think cloud adoption is part of a much larger, much longer IT cycle.

Anyone remember Application Service Providers from the late 90′s? ASPs were a big deal. They were gonna change the way business did business. And then the dotcom bubble burst. And ASPs quickly hit the dustbin of history. Well, kind of. emerged from those ashes, and somewhere between 2002 and 2004, we saw the first real ASP success story happen.

Could it be argued that this was all dependent on the macro-economy? Yea, I suppose so. I mean – dotcom bust, recession, emerge from recession in the 99 to 2002 timeframe is the exact timeframe for the founding and early growth of But it seems to me that there were bigger forces at work (no pun intended).

People, as in non-IT folks, began realizing that they could just purchase “seats” on Gartner has called it the “consumerization” of IT – a huge sweeping change, wherein mainstream technology adoption had “normal people” (non-IT pros) thinking they could just “download” something (or browse to something) to accomplish what they wanted. By 2005, IT departments everywhere had started to wake up to the beginning of this nightmare, where software as a service was being purchased “haphazardly” by lines of business level personnel. In other words, the purchasing and maintenance of enterprise software had been decentralized.

Of course, that wave of decentralization is still sweeping across IT. But it was in that context that “cloud computing” rose to prominence within IT departments. Which is to say that it wasn’t simply a “we can save money” or “screw CAPEX” decision. It was a reflection of a decentralization of the IT department that has been in the offing for over 10 years (in force).

The “cloud” is the natural evolution of the decentralization of the complex system of enterprise IT. That evolution drives a commoditization of every point on the “value chain” — i.e., it drives value further and further up the chain. The value in IT used to be in the hardware, the mainframe. Then it was the OS. Then the platform and database. Commoditization — which is really just the cost of computing cycles dropping over time (while increasing in efficiency), Moore’s law — drives value further and further up the stack. As that drives us toward the application level, moving IT departments into “the cloud” was a completely rational occurrence.

How far will it go? Farther than any of us think it will, I’m sure. I remember a hallway conversation I had with Jamie Lewis (then CEO of Burton Group; now Gartner) back in 2004. I raised the idea of “identity as a service.” He said he didn’t think enterprises would ever put their identity data on someone else’s server; too risky. Of course, I countered with getting people to put *customer* data on someone else’s server. Now, I don’t know that we’re fully to “identity as a service” yet; but the movement seems inevitable at this point (and it’s not that Jamie was “wrong,” so much as that neither of us could imagine the cloud world that was coming).

Cloud Computing is not simply being driven by economic factors. Cloud Computing’s rise is part of a much larger cycle — one that’s been happening for decades. In that context, it’s probably instructive that we keep our eye focused on where the value will land — not in servers, or storage, or processing cycles, or even in applications themselves. Just as with email, the internet, and cell phones — the VALUE is in the connection. The value lives in the space between the servers, storage, apps, people, data and networks.

The value is in the glue.

The Security Glue for the Cloud

March 3, 2010     |     posted by gluecon

If you look across the agenda of Gluecon, you’ll actually begin to notice several horizontal themes that include (but aren’t limited to): APIs, NoSQL data models, connective protocols, frameworks/providers, and identity. The themes share a common thing: they (wait for it…) “glue” the cloud together (at various points in the stack).

Being an old identity guy (from way back when, you know, like 2000), I’ve always believed that identity is the driving factor for any real “security.” And so it was with great pleasure that I read this piece over on ReadWriteCloud, wherein they refer to Matthew Gardiner’s presentation, “Identity as Security Glue for the Cloud.” Now, Matthew’s an old identity guy too, and CA’s pushing big into the Cloud space, but it’s his choice of that one little word that intrigues me.

You see, “Glue” might sound like some cutesy little marketing name for a conference, but in reality it’s not. Glue is a descriptor of what the things we talk about at Gluecon *do*. Whether it’s APIs, new data models, activity streams, OAuth,, web oriented architecture, OpenID, Facebook Connect or SAML (that’s the “Security Assertion Markup Language” for all of you non-identity folks out there), they all perform an essential function — they GLUE things together (people, identities, data, apps, etc). So, it’s no coincidence that folks like Ping Identity are participating in the Glue agenda.

And I hope that it’s no coincidence that Matthew chose that one little word for the title of his presentation. (CA, are you listening?) ;-)

Coming at the cloud through the prism of “Glue” provides a unique perspective on the problems, hurdles, challenges and benefits of the “post-cloud” world.

As always, I hope you’ll choose to join us.

The Dynamic Points in the Cloud

March 2, 2010     |     posted by gluecon

I continue to work on Gluecon’s agenda (I’ll work on getting a new version up this week), and as I do, I always keep a glance reserved for “what the other guys are doing” (what’s going on at the RSA Security Conference, for example). And you know what’s becoming obvious? The “heat” in this space lies at the point of intersection. In other words, it isn’t “ooh I can store something in the cloud” that’s important, it’s when that thing you’re doing in the cloud has to move, or touch something else, or interoperate, or send/receive API calls — the point of intersection; the act of interaction — that is where all of the meaty, fun, gnarly stuff lies.

Take, for example, the Cloud Security Alliance’s announcement about a “Trusted Cloud Initiative,” that’s all about intersecting and interacting. Or the work going on over in the Cloud Audit group, same thing. Or the work going on around activity streams, OAuth, webfinger, or the Twitter streaming API — all about the point of interest being the point of intersection and interaction. Call it the dynamic points in the cloud. These aren’t static clouds, or simple storage clouds, or web apps that interact with nothing in the cloud.

In fact, it’s not the “cloud” per se that’s interesting. It’s the things interacting in or via the cloud. It’s the layer of web infrastructure that “glues” all of this stuff together. ;-)

Yea, I’m talking my own book now, but c’mon! Don’t settle for the static cloud, when you could dig in, build, learn and educate at Gluecon. I hope you’ll join us.