Adding Omniture to their stack is actually a pretty natural fit. As the graphic from their web site (and reproduced on this blog) shows, there is a major opportunity to tracking and ‘understanding’ consumer behavior. Traditionally, this has been accomplished by logging user actions against typical HTML objects and trying to understand usage scenarios. But, with the advent of AJAX, Flash and richer delivery platforms, it’s become more complex. By incorporating Omniture side-by-side with Adobe’s Flash technology, there is an opportunity to make this simpler.

Of course, this all sounds great on paper. I think the biggest challenge is going to be organizational. Omniture works and thinks very differently from Adobe. And, the creative types (i.e., Flex / Flash) and analytical types tend to think about problems quite differently.

• First In First Out (FIFO) – the idea here is that items get processed in order – the first request is the first to get processed; this is exactly like the line at McDonald’s or just about anywhere else you go. The problem with this approach is that it doesn’t take priority into account.
• Round Robin – this approach works when there are multiple queues, you pull one item from one queue, one from the next queue, etc. For priority, you can use this approach by having a ‘high priority’ queue and a ‘low priority’ queue; this way, both will get serviced over time. Since I travel a lot, I know of a good example of this one: the ‘first class’ line at the airport. Agents typically service someone from the regular line then someone from the first class line then regular then first class and on and on. This approach works fairly well in helping to assign priority, but it’s still doesn’t discriminate between levels of priority, and it can cause a backlog of priority jobs that don’t get serviced in time.
• Priority based – this is an ‘enhanced’ round robin approach. In this case, you assign a priority amount to each work item. Each item in the queue is then sorted based on priority so that the ‘most’ urgent requests get serviced first. Again, using the airport example, this is how airline employees are treated – they get to move to the front of the ‘first class’ line when going through security – ahead of the elite travelers.
• Shorted Job First – this approach sorts jobs based on what can be completed the quickest. It ignores priority, but it does tend to optimize the system so that you can get the most jobs completed over a period of time. By way of analogy, think about standing in line for a copy machine. If 10 people have 1 page to copy and 1 person has 100 pages to copy, it’s most efficient to let the 10 people go first. The problem with this approach, though, is that as more work items come onto the queue, it’s possible that long running processes get pushed back so far that they never get done – essentially aging out.
• Multi-Level Feedback Queues – this approach uses a number of queues which take into account both processing time as well as priority. It can also take aging into account to make sure that a low priority, large job eventually does get completed as its age eventually makes it high enough priority.

As I’ve continued to approach various digital supply chain problems, I’ve been continuously reminded that most of these problems have been seen before in various other contexts. It’s a good idea to make sure that you don’t re-invent the wheel – if there is a good algorithm or approach already being used, leverage it…

Tim O’Reilly, innovator of the term Web 2.0, has already staked some ground on that term, however. Web 1.0, according to O’Reilly, was the first generation of the web for Internet sites, basic e-commerce, B2C, B2B, etc. It gave rise to several giants including Amazon, EBay, Google and others. Then – the bust… Following that time, O’Reilly sponsored a conference entitled “Web 2.0″ – it was more about the resurgence of Web 1.0,  but it quickly took on a whole new term as C2C, social networking and a new slew of technologies (e.g., AJAX) hit the scenes.

So, then, what is Web 3.0? Canonically, Web 3.0 can be thought of as the ‘semantic web.’ In Web 1.0 and Web 2.0, there is data, there are transactions and there are SILOS. Does Facebook know what’s happening on other sites? Does Amazon.com integrate with your iTunes account to provide recommendations? In a Web 3.0 world, that can all be broken down.

I think some of the first foundational pieces of Web 3.0 are showing. Microsoft announced that Facebook and Twitter will be available from within the XBox 360 console. Not integrated, mind you, but a step. And, Facebook’s recent announcement of  buying FriendFeed is another good example. On the technology front, things like RDF and cloud computing will become common.

I know I’m excited… But, as the client and a collegue pointed out – what about privacy issues? Oops. The human factor may get in the way.

We ended up selecting a genetic algorithm that essentially understands ‘good behavior’ vs. ‘bad behavior’ in selecting a ‘good’ solution to the problem being presented. For games, this is a fairly straight-forward problem – decide on the best move against the human adversary following the rules of the game. It did this based on an ‘evaluation function’ that is able to numerically rate a proposed solution.

The algorithm itself then simulates a genetic evolution to match up the very best solutions found to, hopefully, generate the next generation of even better solutions. (The details are somewhat too complex to describe here, but generally, you just need to focus on creating an evaluation that is able to rate options – all the hard work and intelligence is already coded into the algorithm itself.) In the end, our AI was considered among the very best developed for war-games (at least based on feedback from players in that fairly niche area).

To help bring in additional revenues during that time, I was also doing some outside consulting work. And, we were able to apply the same AI approach to a ship scheduling (i.e., supply chain) problem for the petroleum industry. The reason why you use this type of algorithm is that it is able to develop approximations of a great solution in a short amount of time while still being flexible to appreciate new variations to the problem (for example, the customer is this case was able to add in new ships or new pickup opportunities to perform what-if analysis – as well as insert new rules about profitability vs. customer satisfaction, etc.)

What got me thinking about this recently was some work we are doing for a client in the areas of digital supply chain. Just like the real world, when you are doing content processing from step-to-step, there are some real resource constraints that you should be aware of. From a human perspective, you have to balance the use of QC resources, touch-points for approvals, manual tasks (such as encoding a video or other master material into digital form), financial approvals, etc. On the computing side, you are potentially talking about huge amounts of disk and CPU resource utilization that can quickly translate into expensive infrastructure. To help optimize these resources, the application of AI is a great solution; and, a genetic algorithm specifically, is a nice fit to the problem since it can so easily be expanded with new influencers as well as adopt to variations in the type of content being processed (i.e., music vs. video vs. gaming, etc.)

So, while the emerging area of digital supply chains has different issues than traditional supply chain problems, let’s not forget to incorporate the lessons learned and optimization approaches that we’ve relied on for years.

As part of our investigations on how best to implement these platforms, we’ve been looking at learning management tools and learning content servers. Most of the off-the-shelf variety of education specific content tools support several standards including SCORM (Sharable Content Object Reference Model).

SCORM is actually a standard that comes from the Department of Defence (not Education?) under the Advanced Distributed Learning (ADL) initiative that was started in 1997. As you can imagine then, numerous government agencies are heavily using SCORM including the armed services, the FBI and many others.

So, what’s the problem with SCORM? Well, as you can image, standards by their very nature tend to be made to solve general problems instead of specific problems. Here are some issues as I see them today:

1) SCORM is effective for non-evaluative content (i.e., learning materials) but it is lacking in evaluative content (i.e., drills and assessments); for example, SCORM does not support short-answer or essay questions as part of an assessment How could you use this for K-12 or higher education without this support?

2) SCORM not only defines the content, but it also includes some presentation-specific scripting within the learning objects themselves. Anyone who’s had to deal with separation of data and presentation logic know how painful it can be if the core material is merged. This would be like storing HTML code in your database so that you can present it to an end user’s browser. If you then wanted to support, for example, an iPhone – you would have to parse through that HTML and provide a new look and feel. That’s a lot more painful that just parsing through core content.

3) Overcoming SCORM limitations requires some pretty significant – and non-standard – approaches. For example, most vendors suggest the use of custom developed Flash objects or other types of rich media for content or questions that can’t be supported by the standard.

4) Like any other standard SCORM progress is slow and it can be implemented with proprietary extensions by any vendor.

The most recent version of SCORM (2004) was released in March of this year. While they have added in some nice restrictions, they have not addressed fundemantal problems that would allow SCORM to become more of a universal educational language. That’s really too bad. As I wrote in my blog previously, I think the Federal CTO should be leading the charge in things like SCORM so that we could build a real platform to support education across K-12 and universities. I’d love for major book publishers, schools, teachers, etc. to all speak the same core language and instead of focusing in on technology focus in on the learning content and teaching our kids.

1. “[The CTO will] ensure that our government and all its agencies have the right infrastructure, policies and services for the 21st century. The CTO will ensure the safety of our networks and will lead an inter agency effort, working with chief technology and chief information officers of each of the federal agencies, to ensure that they use best-in-class technologies and share best practices.” I’m not sure who could be against that, but having seen this attempted within MUCH smaller bureaucracies, I’m not sure how Mr. Chopra will be able to accomplish such lofty goals.
2. “The CTO will have a specific focus on transparency, by ensuring that each arm of the federal government makes its records open and accessible as the E-Government Act requires.” If you click the link, you can enjoy the 72 page E-Government Act of 2002. It’s mind boggling and references back to numerous other laws. Some basic research shows that it’s been very slow in implementation.
3. “The CTO will also ensure technological interoperability of key government functions… [so] we do not have a repeat of the failure to deliver critical public services that occurred in the aftermath of Hurricane Katrina.” Again, this is admirable, but I’m not sure that national disasters can be overcome by IT. Think of what 9/11 did to the phone systems of NYC. Anyone who has been in IT long enough knows that when an unexpected peak in activity occurs against systems – they just can’t handle it and they crash. Unless you are looking to spend enormous sums of money to anticipate those extreme peaks, you have to accept that there will be system failures. It seems that the CTO should focus more on disaster recovery than interoperability.
4. “In the 21st century, our economic success will depend not only on economic analysis but also on technological sophistication and direct experience in this powerful engine of our economy. In an Obama administration, the government’s economic policy-making organizations and councils will include individuals with backgrounds in our technology industry.” Good. However, this particular CTO is a government veteran, not an industry veteran.

Overall, I think it’s great that Obama has appointed the first Federal CTO. And, from the sound of all the adulation, it sounds like Mr. Chopra is a good candidate. But, I wish that his mission was founded more around innovation instead of bureaucracy.

For example, I would love to see a more ambitious plan for school and education around technology. And, I don’t mean putting in the Internet. (We all know that anyone can blog and say anything on the Internet – hehe). What about using tools like RosettaStone, the language instruction software for helping to teach languages? Or, how about adaptive testing mechanisms that help address specific areas where students need to learn better? Or, how about advances in digital books / textbooks so that cost efficiencies can enable more children to have the latest books?

Let the Federal CIOs worry about infrastructure, interoperability and the like. Let’s bring in a real CTO position that drives innovation, efficiency and the kind of new thinking that can partner with private companies to really push the effectiveness of government.

• First, what this means for the database market. Oracle is the market leader in the Enterprise database space with it’s Oracle RDBMS. Of course, there is competition from IBM (DB2) and Microsoft (SQL Server). But, now that Oracle will get MySQL as part of the Sun prize, there is a rather interesting puzzle about what they will do with it. Perhaps we will find Oracle “light” or perhaps they will provide an update / migration path. Or, perhaps they can add some of the clustering support to it that would lead to a very serious blow to SQL Server. In my opinion, this is most likely bad news for Microsoft while I suspect DB2 will be uneffected.
• Second, Java. From its acquisiton of BEA, Oracle has built a rather impressive J2EE stack from portal to SOA middleware to services registry to RDBMS. By adding in Sun, they gain that much more credibility. This one is a direct blow against IBM since it really steps up their presence as a true comprehensive solution for anyone serious about J2EE. (IBM, of course, will continue to dominate J2EE for mainframe shops – but that is a shrinking market).
• Third, the open-source marketplace. Oracle is lagging behind IBM significantly in the open-source space. And, Sun had made a recent push to head that way themselves. Not only does Oracle now pick up MySQL, but it also picks up Glassfish, OpenESB and other projects owned by sun. I think this is going to potentially be a huge boon for Oracle, especially in the services area.

Overall, I think this is a great move by Oracle. It helps to marginalize some of Microsoft, it allows them to better compete with IBM and it brings them into the modern open-source space.

Again, how that all works its way out is still unknown…

Now, my colleague proposed that using something like Android could also help in the convergence of entertainment content such as music, games, etc. between mobile devices. After all, a notebook running Android and a mobile phone running Android results in the exact same applications running on different form factors. This extends the potential consumer based beyond just T-Mobile phones.

This got me thinking, though.

As an iPhone user, I often “defend” the device against offerings from other companies. For example, the Sprint Instinct and Rumor phones are mighty capable. But, for me, the secret sauce of the iPhone is entertainment connectivity. Regular readers of my blog – or those that have to endure my opinions in person – know that I’m a big advocate of digital libraries. While Apple hasn’t implemented Utopia, it’s the closest thing there is yet. iTunes provides a computer based digital library that I can use to stream across my local network, sync to my portable device and use on the primary computer as well. The iPhone then, is really just a delivery device (although is a really sleek, cool package). I haven’t seen such a compelling offering anywhere else (though the Kindle is getting there for books).

So, other than bragging that I have an iPhone, what does that have to do with Android and Notebook computers? Well, the problem to me comes down to digital libraries and distribution. Running Android on the notebook doesn’t have anything to do with that. How do I download music onto my Android phone? How do I get games? How do developers deal with the multiple form factor? A platform company (such as Google – who makes Android) working with a hardware company (such as HP – who makes the notebook) is missing the key bits: an application store with 10,000′s of interesting applications, an entertainment store with 100,000′s of music tracks, a video store with 1,000′s of TV episodes and movies and a suite of SDKs. Of course, you also have to figure out the DRM part of the equation – otherwise good luck getting movie studios to provide compelling content.

Some quick thoughts:

• As for music and video, until Android can figure out DRM – this is a non-starter. Unfortunately, DRM and open-source just don’t mix. Perhaps this will require a proprietary extension like what JCA enables for Java applications.
• For games, ditto DRM, but more importantly, where are the strong development tools (like what Microsoft has done for XNA) to support multiple device properties (e.g., video screen size, physical controls like a mouse, etc.) while leveraging a mostly consistent code base? (For those not familiar with XNA, it does a good job of creating XBox and PC applications from the same code base – you only really have to differentiate the development of the application for device specific qualities. In theory, this works for Zune applications as well, but I haven’t been able to test this out myself).

With all of that said, I think HP would be better served to look at Android as opposed to say Ubuntu Linux. But, it’s not the operating system that’s exciting – it the content, the distribution of content, the availability of content and the compelling experience (device, content and platform combined) that makes all the difference. I think there is an amazing opportunity for someone to take this spot – perhaps Google or HP are already thinking about it… Hmm…

For those of you not up on your Payment Card Industry (PCI) security standards, it’s a set of requirements that merchants who accept credit cards must meet in order to continue accepting credit cards. Generally, these include IT best practices (such as keeping software current and loaded with anti-virus), protecting sensitive data (such as encrypting credit card #’s) and keeping all facilities physically protected. The requirements are segmented into 12 overall areas with over 200 sub-requirements. Over the years, these requirements have been generally lauded.

The Homeland Security hearing was an open discussion on the effectiveness of these standards. Having had a hand in helping to PCI certify a number of clients (and act as primary architect for them), I understand how basic these really are – and I understand how easily they could be thwarted. There is a strong recommendation by the panel to supplement these requirements with an equally strong push back from retailers to not further burden them. (For example, the CIO of Michael’s talked about requirements that all employess sign an attestment to their understanding of the security requirements. This doesn’t make sense for seasonal or transitory retail workforces.)

I’m a strong advocate for more intrusion detection at the system level. But, I suspect fraud mostly occurs at the human level – like most major security breaches. As we continue to fight the overseas contingency action (formerly known as the Global War on Terror), we need to not only protect the economic viability of individuals but the overall safety of our country. So, what can we do to help enforce security?

I think the best solution is to mandate that all payment processors and banks return authorization tokens whenever a credit card is accepted at the point of sale (either on-line or in-store). The retailers should NEVER have to keep credit card information on file (either encrypted or otherwise). In the case of chargebacks (i.e., returns or customers refusing to pay the transaction), the retailer should only have to supply the authorization token to prove that the transaction took place. In 2006, we took this approach with a major on-line retailer using the token service provided by CyberSource. It was more expensive, but it made PCI certification a snap.

The big advantage to this approach is that the retailers don’t have the burden of all the PCI requirements. I’m sure that many of them fail to detect intrusions and/or keep a sufficiently secure environment (including employee hands-off!). Only the payment processors or banks would need to keep the secure environments, and, in the case of breach, only one company would need to understand the scope of the intrusion to alleviate the economic exposure.

Thanks to Steve Perlman (notice how he spells it incorrectly ), founder of OnLive, there might be a glimmer of hope for the video gaming industry, at least. OnLive streams video games over the Internet so that it’s actually playing back on the OnLive servers instead of your device in your living room. Say goodbye to the PS3, XBox, Wii or PC? Probably not quite yet, but such a mainstream offering for major titles is quite interesting.

Of course, there are going to be some major challenges to this. I quite agree with Richard Leadbetter who wrote an article for Eurogamer. In it, he questions the practicality of the service in its ability to scale. 1 million gamers sucking down 50+ FPS at the same time is a scary thought to anyone who has experience building large systems. (From my own personal experience, I was able to build out a system that supported 50,000 – 100,000 concurrent users. It was quite a task!)

But, I do think that Perlman has the generally right idea — to enable buy once, play anywhere, we really need to be able to build out digital libraries that can be streamed (and/or downloaded) to devices that live at the edge of the network. Buy a video game (or movie) once, and then stream (or download for offline use) onto the individual devices. Sadly, at the same time that Sun Microsystems is being bought by IBM, the dream of ‘the network is the computer’ may finally be seing mainstream America.