Evolutionary in Technology, Revolutionary in Impact
Network innovator Ken Klingenstein weighs in on the
internet then, now, and tomorrow.
Internet2 Director of Middleware and Security Klingenstein: 'One of our consistent shortcomings has been to underestimate the success and the impact we were going to have.'
Ken Klingenstein has led national networking
initiatives for the past 25 years. He served as
director of computing and network services at
the University of Colorado at Boulder from
1985-1999, and today, Klingenstein is director
of middleware and security for Internet2. Truth is, this networking
innovator has participated in the
development of the internet from its
inception, and admits he's had one of
the best seats from which to watch the evolution of network
infrastructure and applications. Here, Klingenstein shares his
experience and identifies new trends that higher education IT
leadership needs to be ready for.
What are the major changes or consistencies you've seen
in the development of networking, over time? A significant
change that has accelerated over the past couple of years is the
move toward tactical thinking and away from strategic thinking.
This is a challenge we have to deal with as an inventive, collaborative
community. There's been pressure to cope with the consequences
of past innovation, so we really can't think about escaping
into new rounds of innovation. An example: our inability to control
spam and other network problems. We're working around the
edges on these issues, trying to respond tactically, partly
because, as a community, we are shifting to be more tactical than
strategic, and partly because we're dealing with the extensive
embedded base that we've created.
And constant throughout the past 25 years is the struggle
between developing infrastructure and doing things in an ad
hoc fashion. Sometimes people just want to solve the problem
that they are facing, and the fact that their solution doesn't
solve a broader class of problems and won't scale to a largeruse
community may be lost on developers who don't want to be
dependent on anything external.
But another thing that hasn't changed is the drive within the
higher ed community to innovate and do good. It is stunning to
me that 25 years later, there still are very bright people working
in higher ed who are making one nth of the salary they could make in the corporate sector. The combination of being
able to execute properly and having motives that are genuinely
for the greater good seems to be a staple for higher
ed, and that's breathtaking to me.
In the development of the internet, what were some of the
good choices made along the way? First, we picked the
TCP/IP open standard for networking. It was critical to choose
an open source instantiation of the internet, versus something
that would have been proprietary.
And we made the access to the contents of the network
"flat"--directly accessible without any kind of vetting
process or structure. In the early '90s, we moved from the
hierarchical, gated model of Gopher for information discovery,
to the World Wide Web, with its ability to cross directly
to another site and another content. That was a
fundamental move toward democratization of the network;
a pivotal point in the history of the internet. A second pivotal
point was the move not to charge on a per-bit basis.
Those were important design decisions, done right.
Another good decision, made just in the last few years:
the idea that people need internet identity. I've been working
with Shibboleth, where we
allow a person to use his or her identity in the context of an
employer, a university, etc., and leverage that identity for
use in other instances. The federated identity piece is being
done right, respecting the right values, and we're creating
new infrastructure for layering on top of the internet.
At the same time, in the internet identity space, there's
another set of efforts going on, saying, "We'd like to create
some type of identity mechanism that will be independent of
your work and everything else." It's a peer-to-peer trust environment,
with mechanisms emerging as we speak, coming
from a variety of places. It's likely that within a year or two, the
two [identity mechanisms] will be integrated.
The people creating the next generation of internet are
looking at what they call trust-mediated transparency, so that
we get back to the transparency that will allow innovation.
What are a few more challenges, going forward? Over the
past 25 years, we've seen that rich technologies tend to
highlight how poor [some] policies are. [In other words,] we
end up creating a lot of "disruptive" technologies. But the
trick is for businesses to make a market with the new disruptive
technologies, rather than stifle them.
One of the challenges particular to higher ed is [our need]
to have security and privacy at the same time. [We need to]
preserve privacy because it's a fundamental academic value,
and at the same time improve the security environment of
campuses. Security, more than anything else, is what was
not envisioned 25 years ago in the internet--an example of
our values of openness and our naivete about the consequences
of success causing challenges down the road. In
fact, one of our consistent shortcomings has been to underestimate
the success and the impact we were going to have.
Another new challenge: the need to make a business
case. People want to see a business plan that could create
new marketplaces within five years. For example, in the federated
identity space, campuses want to understand what
the benefits are, on a cost basis. We've gotten traction in
federated identity largely by exhibiting the reduction in help
desk calls and the reduction in user support costs in general.
Even if that's not why we're doing it, we need to be able
to explain the economic benefits of what we're doing, in
order to gain support.
What are today's most important trends in network infrastructure
and applications? What should we prepare for,
in the next five to 10 years? One of the ways the internet
succeeded in its early days was through the "unimpeded
wire," also known as transparency. That meant that the two
folks on either end of that wire could invent whatever they
wanted to, because they had a direct connection. But that's
changed dramatically. There are now network address translators
in every cable box, in houses, etcetera. It isn't a transparent
network anymore, so innovation can't happen as it did
early on. A major theme of the next five to 10 years will be to
securely reintroduce transparency back into the network. The
people creating the next generation of internet are looking at
what they call trust-mediated transparency, so that we get
back to the transparency that will allow innovation.
And dynamic network capabilities are going to be an
important theme. There's a new class of collaboration
among scientists that radically changes the pattern of traffic
flow that we've seen in the internet so far, and introduces
a burst of traffic unlike anything else. Think of a hundred scientists
wanting to have access to two petabytes of data,
and they all want it now. That's going to require us to create
a new dynamic capability for provisioning network
capacity, [in order] to enable this kind of massive burst of data and a limited high-performance mesh capability on the
internet. The radically new capability may not even be
TCP/IP, when we get done with it.
Also, we're going to have to learn how to manage privacy
in an international world, say, when a user in the EU
wants to come to a protected wiki at a university in the US.
We have to learn how to handle privacy and security on a
global level. And we're just beginning that climb.
Finally, the whole social networking phase that we've
gone through, as unplumbed and chaotic as it has been--with Flickr, del.icio.us,
harbinger of the rise of sharing and
content on the network. But it was
done in an ad hoc fashion; we're going
to need to add some rivers of consistency
across the vast space of collaboration
applications that are being
provided to us.
Given all these areas for development,
will there need to be a more hierarchical
structure to internet applications?
How will all of this change be managed?
As you engage in collaborative
applications going forward, there's not
going to be an uber-app; one application
sitting on top that controls and presents
everything. Instead, you're going to wind
up using a bucket of apps. And you're
going to want to have some consistency
across those apps. Users will need a consistent
search experience, for example, so
that the commands that one uses to manage
a search in Google are similar to those on the desktop.
[Other examples are] consistent metadata
and digital objects.
Last, there is the problem of an
embedded base. There was a parable I
heard about 15 years ago when, as a
community, we were debating some
changes to TCP/IP that eventually
resulted in IPv6. During
the debate period, there was a lot of tension
among various ideas being floated.
And I remember one day, a newspaper
reported that there was a big clash of
"intellectual titans" going on. One of the
titans happened to drive his car into a
repair shop that day, and the mechanic
said, "Isn't that you in this newspaper
article?" The driver said, "Yes, that's me."
And the repairman asked, "What's so hard about all this? It's
like you're just going to take out the spark plugs and put in
new ones, right?" The driver's response was, "Well yeah, but
try to do that with the engine running." That illustrates our
challenge right now: We have a lot of embedded infrastructure
that's built one way. And we're trying to add security, privacy,
and a consistent set of experiences. But we can't stop
the engine while this is happening. This has led us to look for
approaches that are evolutionary in technology and revolutionary
in impact. That's a tough bill to meet.
Ken Klingenstein will present the opening keynote, "Leading in
a New IT Environment," at Campus Technology 2007 in Washington,
DC, July 30-Aug. 2.