The first part of this presentation covered off much of the same material as in the keynote this morning using the Lotus Mashup Manager, but with a few more real-world examples of what some companies were using mashups for.
The second part looked in more detail on how to help to make them more effective, and more secure, in the enterprise.
On the effectiveness part, they discussed the IT central vs self-service vs hybrid models. For Mars, probably the hybrid model would work best: have a Centre of Excellence team to deisgn, build and document the widgets, then make them available for users to mash as they see fit.
For security, the Mashup Manager allows admins to set permissions on a "per feed" and "per field" basis, to ensure sensitive data can be excluded from mashups. It is also possible to track usage for auditing as well as utilisation purposes. The tracking/logging is in a very raw format, which might seem odd but it's acutally deliberate - you can pull the tracking data into a mash-up. ;-)
I'm sure there's definitely a place for mashups with us - bares much closer investigation.
Subscribe to:
Post Comments (Atom)
Posts
6 comments:
Are they explaining why Lotus products are any better than any other companies? What is their USP?
Hmm, their USP right now is that no-one else is really in the market! It's not that no-one else can create mashup applications, it's the way this tool allows end users to create their own mashups with no coding and publishing that mashup into the corporate catalog. There's also community functionality built in to allow rating and so forth. Think of it as users creating mashups instead of spreadsheets, but being able to share and reuse those components while also pulling live fresh data from the master data sources as well as publically available sources.
Very true.
But, the other side of the USP (in preference to writing a custom scraping tool or similar) is that it can be integrated into the Domino security model. So, you can grant or revoke permission to use a mashup, or to see certain data, based on permissions in the directory.
Ok so the security side I can see, is this somethign thats controllable with soemthing like AD group membership or specific within the product?
I'm basically trying to understand what we get ;-) Otherwise we could point people at web based mashups (google/yahoo and a billion startups). So is it the fact you can control it with your enterprise directory and base it on your local LAN/WAN so have permissions to other data - i.e create a mashup between Mecury and SAP with the GTS able to give permission to those data sources?
Absolutely. The value to the enterprise is the ability for a user to pull data from the corporate systems (think Site information from the Units DB, Inventory information from SAP, and Sales information from the Daily Business Report), mash those together along with an external mapping source and create new business applications.
To use the publically available mashup tools we would need to securely enable web services onto the public internet, and that's something I don't think we're ready to do yet! Like I said, the other benefit is that the tool is targetted at our user population so you don't have users visiting multiple different internet based mashup sites and reinventing the wheel
From what I've seen, yes, the security is controllable (at field level and/or data source level) is driven by the Domino directory.
That said, IBM is pushing toward LDAP based directory independance, so if AD was the authentication source, then the security would also be AD based.
The security on data is driven by the data owner/widget creator. On the mashup itself, it's dictated by the mashup author or admin. As you'd expect, most restricitve permissions apply, although I would assume a mashup where the user did not have rights to see the underlying data feed would either return nothing, or behave unpredictably.
Post a Comment