Every Client Matters,Every Deed Matters, Every Person Matters

Sales Coaching

Subscribe to Sales Coaching: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Sales Coaching: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Sales Coaching Authors: Brendan Harding, Steve Mordue, Nadeem ahmed, Sam Jefferies, Matthew Lobas

Related Topics: Java EE Journal

J2EE Journal: Article

Can You Play the Standards Game?

Can You Play the Standards Game?

Call me a cynic, but I don't think companies participate in standards development out of altruism. Enterprises are in the business of making their products and technologies successful. In an increasingly interconnected technology landscape, standards are the keys to interoperability.

Applying gross oversimplification, we can identify four types of players in the standards game: leads, coleads, followers, and bystanders. The category within which a company falls typically can hint at its goals in the standards game and can predict its behavior.

Leads need to effect change in the industry. The motivation could be offensive or defensive. Offensive change can help expand the business into new areas. Standards often enable the creation of new markets by gathering a critical mass of industry support and minimizing integration friction. Standards leaders can affect the shape of the future. For the price of heavier investment in the standards game they get the benefits of being perceived as innovators and having the inside track on how to evolve their own products and technologies.

Sometimes platform leaders use standards to simply increase the cost of competition by defining yet another thing that competitors need to comply with. Defensive standards leadership is primarily motivated by one of three forces:

  • Building a coalition against one or more competitors
  • Changing the rules of the game (changing the perception of what is of real value)
  • Stalling the standards process to let internal product development catch up
Coleads are businesses that don't have the power to change the industry themselves but want to place bets on how the future will look. In offensive mode these companies are in the business of quickly implementing standards and sometimes providing value-add on top of them. This is the familiar embrace-and-extend model. More established companies tend to associate new standards with their existing product offerings in a meaningful way. Some startups tend to make standards the key part of their story. Coleads can also use the standards game in defensive mode by attempting to stall the process, just as leads sometimes do.

Followers are often the most altruistic participants in the standards game. These businesses appreciate the benefits that standards bring to products, customers, and the industry as a whole and are willing to help without getting in the limelight. The main benefit followers get is the ability to monitor standards evolution and report back to their product teams. Of course, followers can also do embrace-and-extend. One relatively uncommon type of follower is the spy who listens in on the standards debate and informs product teams that are building competitive technology.

De facto standards consortia, while not standards organizations in the traditional sense (e.g., ISO), provide the stage for the standards development spectacle. The Internet Engineering Task Force (IETF) was the original heavyweight standards body on the Internet. With the emergence of the Web we've started hearing much more about the W3C. Web services brought OASIS and, more recently, UDDI.org and WS-I (Web Services Interoperability Organization), which plans to supply best practices. The Java platform is managed via the JCP (Java Community Process), which is pretty much controlled by Sun. This is an example of how a single company that has some precious intellectual property (IP) often attempts to open the IP to use by others while maintaining control over it. This is typically done via the spinout of a dot-org site. Finally, many standards begin their life as white papers on corporate Web sites. IBM uses its alphaWorks site to stream new ideas and technologies to the public. Microsoft does this via MSDN.

Enlightened or not, self-interest rules in the standards space. The history of the Web alone is full of examples of companies and standards organizations battling for dominance in a rapidly changing environment. What are they fighting for?

What's the Prize?
Web services are fundamentally about connecting, integrating, and orchestrating applications. The Web services architecture supplies rich metadata at every level of the technology stack, making Web services very desirable plumbing for next-generation applications. This is the force driving the evolution of Web services - both the reality and the hype.

Many companies have rushed to provide core Web services capabilities: SOAP engines, WSDL tooling, and UDDI repositories. This is a passing fad. In the long run, few companies will make money on providing core infrastructure. More than a decade ago we used to pay for TCP/IP stacks and there were many companies building them. We no longer pay for TCP/IP stacks and most of these companies are no longer in business. This is how software has evolved - we keep layering abstraction upon abstraction, with every new layer decreasing the value of the layer under it.

Web services aren't an end in themselves; they're tools that will help speed up the inevitable evolution of software. Therefore, what you see in the Web services standards landscape has a lot more to do with the big battles going on in the industry right now than with the Web services standards process itself. These battles are mostly about platform dominance (with the term platform used very loosely). Here are some of the big battlefields I see right now:

  • Core software platform
  • Business-to-business integration platform
  • Security platform
There are others, but these are the three I'd like to spend some time discussing.

The battle for the core software platform is essentially the battle between Java and .NET. At the end of the last millennium Microsoft was behind the eight ball. The Java camp had a much better openness and interoperability story. The focus on Web services was an excellent strategic move on Microsoft's part. It changed the rules of the game. It led to aggressive innovation in an area that essentially erases many of the advantages of the Java platform with respect to connecting and integrating systems. Follow that with .NET and you see how Microsoft has made an excellent jump shot and is well positioned to get ahead in the game.

If we look at history, a company like Microsoft should be able to execute faster than the loosely coupled Java camp on essentially the same set of platform priorities. Sun, behind in Web services innovation since 1999, is just starting to catch up. This is one reason why we see key members of the Java coalition such as BEA breaking away from the pack and quickly moving to independent Web services innovation with WebLogic Workshop (Cajun). The tension between Sun, the owner of Java, and the rest of the Java camp is palpable. A telling sign is that while IBM is a founder of WS-I and most J2EE vendors are members too, Sun is conspicuously absent. This is a dangerous game that's likely to backfire. IBM deserves praise. ITS researchers are working closely with Microsoft on standards development and with Sun on integrating them with J2EE.

The second battleground is for the EAI/B2B platform of the future. Traditionally, integration has been so difficult that it's been a business only for system integrators and high-end enterprise software vendors. In a Web services world the rules of the game change. If connectivity becomes easy, and if there's plenty of metadata to go around, this type of integration will become much more common. In other words, it will descend into the area where platform companies play. Microsoft's product in this space - BizTalk Server - has been selling quite well. BizTalk's orchestration language is XLang. IBM's standards proposal in this space is WSFL (Web Services Flow Language). The two companies have been working for months on integrating the two into a single proposal. Understandably, Microsoft has been resisting some change since they have a product in the market that's selling quite well. Other players have other approaches, but they're likely to get marginalized following a joint MS/IBM standards proposal. If I were the CTO of a workflow or business process automation (BPA) company, I'd start worrying.

Another important area is security, not in the application-centric authentication/authorization sense but in the much broader platform sense. A platform view of security starts with authentication and authorization and adds confidentiality, privacy, trust, and integrity to all interactions as well as federation, delegation, and audit capabilities to the security infrastructure. It's a difficult problem, one we've carefully sidestepped in the Web services space for more than two years.

In early April Microsoft and IBM published a white paper, "Security in a Web Services World: A Proposed Architecture and Roadmap." It's recommended reading for anyone interested in enterprise-quality Web services. Two days before the publication of this paper, IBM, Microsoft, and VeriSign published a revised version of the WS-Security specification that Microsoft rolled out as part of its Global XML Architecture (GXA) in fall 2001.

It's only going to get more interesting from here since the stakes are so high. The real battle is for ownership of the core security infrastructure in a service-enabled environment. The end goal is ownership of identity and trust brokering services, which all meaningful service interactions require. Microsoft fired the first shot with Passport, which prompted the formation of the Liberty Alliance led by AOL, Sun, and others. Pressure from industry forced Microsoft to move from a "we own it all" model to a federated model for managing identity. Microsoft is willing to bet that it can win on an execution game. To that end, the company needs an open playing field. Platform security standards that define how disparate security models such as Kerberos and PKI can interoperate serve them very well. It's also nice that the whole industry will benefit. The ones that will suffer are security companies that are forging ahead with other models to bring order to the mess that's out there right now. My advice to them: figure out how to get involved; you need to be coleads in these new efforts or you'll get marginalized.

The three battles outlined here set the platform context for a number of battles in vertical segments, such as insurance and health care. Traditionally, XML standards development in these areas has focused on building coalitions around domain-specific XML Schema. In a Web services world the schema will be augmented with WSDL service API descriptions and UDDI category extensions that help service providers and requesters hook up.

Learning to Play
What does this mean for you? Well, if you're in no way connected with establishing technology, product, or business strategy at your company, your time would probably have been better spent not reading this issue's column. However, if you're a strategic thinker, you need to seriously consider how you want to participate in the Web services revolution.

If your company doesn't have at least some past deep experience with standards development, you probably shouldn't get in the game until you bring in talent that can help. The process is long and exhausting. It takes a lot of time and energy to drive standardization. The politics can get nasty. And yes, many standards meetings are boring.

Finally, just for the record, I'm not trying to sound like an anti-Microsoft spokesperson. I just think the company is a great case study in how to play the standards game. Watch and learn.

How Do You Want to Participate in the Web Services Revolution?

  1. What are the battles you need to win? Focus on business, not technology/product objectives.
  2. If some battles are related to establishing horizontal or vertical platforms where connectivity, integration, and orchestration of applications matter, you need to evaluate the use of Web services standards.
  3. How does innovation happen? How is it communicated to the rest of the world? How will you switch between innovation and execution? What is the end goal of the effort and how will it fit within the existing fabric of standards?
  4. What do you really need? The perception that something is a standard to eliminate adoption objections or the reality of broadly deployed standards-based implementations so that true interoperability can happen?
  5. Consider how you fit in the industry ecosystem. Do you have the influence and resources to be a standards lead? Can you realistically colead an existing effort? Is it worth your effort to actively follow? How will you handle commoditization brought on by standards? Can you meaningfully embrace-and-extend?

More Stories By Simeon Simeonov

Simeon Simeonov is CEO of FastIgnite, where he invests in and advises startups. He was chief architect or CTO at companies such as Allaire, Macromedia, Better Advertising and Thing Labs. He blogs at blog.simeonov.com, tweets as @simeons and lives in the Greater Boston area with his wife, son and an adopted dog named Tye.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.