The Bloor Perspective: Mobile IDs, Novell does Linux and Adobe PDF mindshare

Does your mobile know who you are? This week Robin Bloor and his team of analyst house experts throw light on that subject, Novell’s open source push and the implications of integrating XML with PDF documents…

Two recent announcements highlight the difficulties and importance of mobile authentication. Each adopts a different approach, coming from two different perspectives. These are an IT perspective and a telecoms perspective. And the question is: Intelligent end point or the intelligent network? Does the device know who you are? With an announcement from Aladdin Knowledge Systems and Pointsec Mobile Technologies comes a traditional 'security equals something you hold plus something you know' approach to authentication. This is directly equivalent to the card plus activation PIN we're all familiar with, the idea being that it's unlikely you will both loose the card and give up your PIN. The difference of course with a mobile device like a laptop is that the network isn't always connected and you still want to authenticate. In this case, the eToken from Aladdin combines with a secure screensaver Pointsec for PC, and the user is only authenticated if the eToken is in place and the correct password supplied. There's no network communication, so the device is secured even when no network is present or required. However there is a Remote Help function so that an administrator can help authorised users to regain access to their data if locked - but how do they know the user is who they say they are? Does the network know who you are? An announcement from Ericsson demonstrates the other side of mobile data security - the telecom perspective. Here, Ericsson has announced support in the Ericsson Service Delivery Platform (ESDP) for the latest specifications from the Liberty Alliance. The Alliance, you may remember, appeared as a response to Microsoft's Passport network identity management system, and Ericsson is a sponsor member, alongside companies such as Nokia, Novell, Sony and Sun. Project Liberty is all about creating, managing and authenticating online identities and brokering services based on information related to that identity. This type of authentication operates as a service on the network and relies on the connection being present. It encourages the use of open, federated identities across multiple service providers, while providing the user with a single point of sign on. While the initial noise from the Liberty Alliance revolved around web services, it's clear there is huge impact in the mobile data world. To make mobile data services operate like a utility requires identities to be managed seamlessly and efficiently. Of course the mobile data world is not made safe by a single product but by products and procedures acting together, backed up by law enforcement and even insurance. The network centric view of it as a utility is too simplistic, as the devices connected are too smart, too independent, too personal. The PC is inherently an insecure device. As enterprises move from desktops and fixed offices to laptops, PDAs and mobile networks, the problems intensify. What becomes important is the ease in which mobile devices are secured and services delivered to those who are entitled to them. Strong security is worthless if difficult to implement or use. IT and telecoms communities must work together to ensure they combine the best of both worlds. Novell and Linux Novell recently announced it intends to put NetWare over Linux in the next point release. This intention is prepared for in v6.5 which is in beta and should be available in the summer. Version 6.5 comes with a bundle of open source products - Apache, MySQL, Perl, PHP, Tom Cat - signalling that Novell has now determined an open source strategy. Novell is providing integration between these products and its own directory, security and management products. However, this release is not all about open source. Novell has added the Novell exteNd application server and development environment (previously SilverStream) in the expectation that customers may want to use NetWare as an application server. The addition of exteNd enables compatible J2EE and web services applications. Another major addition is a ‘virtual office’ capability, which makes the user's business resources available through a web browser. This is a collaborative capability, which enables the creation of virtual teams under the control of users rather than configured by IT. Novell has also improved the server capabilities of NetWare enabling the consolidation of servers into high availability SANs. This includes the configuration of complete failover capability between remote sites. Those are the headline features of the upgrade but of course it includes a deal more. The announcement of a port to Linux makes clear that Novell intends to pursue NetWare by other means. For years, the company has attempted to revive NetWare by the addition of more and more functionality on top of the basic kernel. The value proposition was very strong, especially with its excellent directory technology, but such efforts had to struggle against the perception that NetWare was proprietary and might lead to a dead-end in the medium term. The revised strategy is to port all the NetWare functionality onto Linux, as Linux is clearly not proprietary by any definition of the term, and, like NetWare, is highly stable. This will allow Novell to reposition NetWare in terms of the functionality it delivers and the server roles that it enables. We may even see Novell rename the product and get aggressive about marketing it. It will be good for Linux too. Another Adobe – Microsoft battle looming? We are all familiar with the ubiquitous PDF format used to publish documents electronically. Acrobat has established considerable mindshare amongst surfers with about 500 million users. Adobe Systems has recently announced a comprehensive XML architecture by exploiting its ability to embed other file formats within PDF documents. Putting two key document standards (XML and PDF) together multiplies their individual capabilities. Businesses can use the integration capabilities of XML while retaining the inherent presentation, security and interactivity of PDF. PDF is viewable and printable across the vast majority of hardware and software systems providing a basic level of accessibility that is still emerging for XML. All standard XML tools including Namespaces, XSLT, XPath, XML Schema and XML Digital Signatures work directly with Adobe's XML architecture. Organisations making increasing use of digital documents and now XML in business transactions have raised concerns around the security of these documents and the information they contain. Adobe PDF has long provided the access control and security features organisations need to secure and authenticate documents sent between partners, suppliers and customers. Now these qualities can be applied to XML. An electronic form can be certified with the author's digital signature before it is distributed. When the completed form is returned you can check that the contents were not altered before the recipient signed. Document certification helps establish trust between the parties exchanging the documents. Control of XML documents is also becoming important. Acrobat documents have always offered basic security to control a user’s ability to copy, print or extract content. PDFs can be password protected to control every level of access right. Acrobat tools have always been closely integrated with Microsoft tools - Acrobat can be installed to convert Microsoft documents to PDF in one click. As both Microsoft and Adobe move into the same XML space, there could be potential conflict between the two companies. However, with 500 million users, this is one battle that Adobe is well placed to win. Bloor Research is a leading independent analyst organisation in Europe. You can find out more at www.bloor-research.com or by emailing mail@bloor-research.com.