Managing By Wire
Chained Melodies
The Well-Preserved File
Banning Broken Links
Managing By Wire
By Rowan Dordick
With the growth of e-business, few companies can risk the lost productivity — not to mention lost business — resulting from problems with their information technology (IT) infrastructure. Unfortunately, IT solutions and services for keeping an online business up and running tend to be priced out of reach for very small businesses — those, say, with 5 to 100 PCs. A more affordable solution suitable for many small- and medium-size businesses has recently been introduced by Tivoli Systems, Inc. — an IBM company that is a leading supplier of systems management solutions. The new product, called Tivoli® IT Director, enables full-function centralized management of a company's PCs over a network. Yet it, too, is out of reach for very small companies, especially when the expense of an in-house administrator is factored in.
But now, help is on the way, thanks to a team led by Steve Welch at IBM's Almaden Research Center. Working with Tivoli, the team extended IT Director, making service affordable even for companies with a single employee. "The idea," explains Almaden researcher Dejan Diklic, "is to provide remote management services over the Internet for a small monthly fee, with the necessary hardware and software provided by IBM."
"By enabling a service provider to remotely manage small businesses via the Internet from a single IT Director server, this technology also creates new outsourcing opportunities," says Welch.
The solution includes special code that enables Tivoli software to interoperate with a service gateway — a small, or "thin," server located at a company and connected to the client machines by a local area network. "This gives remotely located systems management specialists the same level of control over the client machines as if they were sitting in front of them," says Diklic. The Almaden extension enables a remote IT Director server to manage distributed small business client machines connected anywhere on the Internet. "This is accomplished by virtue of software that enables IT Director to establish secure communication channels through the service provider's firewall to the thin servers in multiple small businesses," says Almaden researcher Roger Williams.
Once connected through the service gateway via a secure Internet connection, the service provider is able to see and control the screen on client machines, change network settings, install and update software and respond to system messages. These functions can be performed on demand or in response to error messages received from the client machines without the need for the user to be involved.
A pilot program targeted for small business outsourcing recently got under way in Madras, India. "Our goal is to gain real-world experience in an environment in which the IT industry is undergoing exponential growth," says Welch.
Ultimately, says Diklic, this approach to systems management could benefit any company. "It's a perfect candidate for a help desk solution, and it would allow a company's IT staff to proactively meet the service needs of their customers without any specialized network infrastructure."
www.tivoli.com/products/index/it-director/
Rowan Dordick is the editor ofThink Research.
Chained Melodies
By John Lehmann-Haupt
The ability to replicate and transmit digital audio files with absolute fidelity is revolutionizing the distribution of music. At the same time, however, it's creating a major headache for the music industry. "In the last year and a half or so, the industry has been hit by two developments," says Jeffrey Lotspiech, a research staff member at IBM's Almaden Research Center. "The first is low-cost recordable CDs and recording drives, and the second is MP3 — the protocol for compressing music files so that they can be easily distributed on the Internet."
With the help of free software provided by Napster, Inc., which makes possible the location and unrestricted downloading of any desired song in the personal computer libraries of all of its users, MP3 has become so popular among students that stores in college and university towns have already reported dramatic decreases in sales volume. Although the Recording Industry Association of America is already engaged in legal proceedings aimed at obtaining an injunction against Napster for copyright infringement, similar systems are emerging that are less centralized and may prove even harder to pursue through legal recourse.
"It is of paramount importance to the music industry that it acquire the means to offer the consumer an equally convenient, yet legitimate, alternative to Napster-style services through online retail outlets, but with full copy protection," says Alan Bell, director of digital media standards and commercialization at Almaden. "Without the technology to ensure compensation to creators and distributors, there will be little motivation to continue to produce new music."
And now, with the imminent debut of DVD (Digital Versatile Disc)-Audio, the industry has even more at stake. DVD-Audio is a new disc medium with the capacity to offer either two channels of superhigh fidelity sound (24 bit sampling at a rate of 192 kHz, compared to the CD standard of 16 bits at 44.1 kHz) or up to six channels at a sound quality still better than CD. Although the DVD format dates back to 1995, when Bell was instrumental in bringing together competing companies to avert a dual-format debacle like the VHS/Beta video wars of the 1980s, it has to date seen service primarily as a highly successful medium for movie purchase and rental.
As a major source of technology for furthering all forms of e-business, IBM has contributed to many areas of Internet security and protection of intellectual property. For the DVD-Audio launch, IBM — in conjunction with Intel, Matsushita and Toshiba (collectively known as the "4C") — has devised a new protection scheme based on encryption, called Copy Protection for Prerecorded Media (CPPM). When authorized by the copyright owner, the same basic technology may also be used in "secure" versions of portable MP3 players, which began to appear on the market this summer.
The heart of these new protection systems is a way of encrypting the content so that it can be decrypted only by a compliant playback device. The IBM/4C scheme is also designed to control the limited copying of prerecorded DVDs that the recording industry, unlike the movie industry, is willing to allow. The owner of a DVD-Audio disc will be able to make the copies authorized by the music owner only by using a compliant DVD recorder incorporating the IBM/4C protection approach. When a permitted copy is made, the unique serial number of the blank disc on which the copy is recorded becomes part of the key used to encrypt the content. If a bit-for-bit copy is made onto another blank disc, the serial number of that disc will not allow the proper decryption, and the content won't play.
In developing the scheme, Lotspiech raised the hurdle for would-be hackers, who had already found a loophole in the protection mechanism currently in use on DVD-Video and posted it on the Internet last October. "Because the scheme relied on a single, secret key, once it had been cracked, there was no protection at all," says Lotspiech. His system avoids that danger by relying on so-called broadcast encryption, an offshoot of the scrambling system used by cable TV. Whereas the video protection scheme depends on a single secret key shared by all the discs and the machines that play them, IBM's broadcast encryption scheme assigns a unique set of keys to each player. That is possible because every DVD player contains a bank of 16 "slots," each of which is given a value corresponding to one of 400,000 sites in the key block on the disc (or other medium). The total number of ways of matching the 16 slots with the 400,000 s
ites is so large — "it's greater than the number of protons in the universe," says Lotspiech, half-joking — that each device can have its own set of slots. Although a particular player may at some point be hacked, and the keys in its slots disseminated over the Internet, those slots can then be invalidated on future media releases. "This invalidation does not hurt the innocent devices," explains Lotspiech, "because they will have at least one slot different from the hacked device."
Ironically, there is one loophole that cryptography cannot block. "Copy protection is only as strong as its weakest link," says Bell. "You can put as much encryption as you want into protecting content on a disc, but for $500 or less you have a cracking device; it's called a DVD player, and out of the back comes a very high-quality analog signal. The notion that analog is inferior is not fundamental; your ears are analog."
That loophole, however, can be circumvented by the use of watermarks — embedded code, unaffected by encryption or decryption, that can also control copy options and that has the added benefit of surviving digital-to-analog conversions. "A compliant device used to copy a disc with a 'single copy allowed' watermark would, in the process, alter the watermark to read 'no more copies.' As a result, any attempt at using a compliant recorder to make a second-generation copy from the authorized copy would fail, even using the analog input," says Bell.
Bell, who has been working with representatives from Matsushita, Toshiba and Intel to make sure that the new scheme's standard corresponds to the requirements of the music industry, acknowledges the challenges that lie ahead. "The distributors have been living in a world of physical stores, and they are now faced with the need to operate in a world of increasingly electronic distribution. It's a difficult and painful transition that will depend on the music companies' willingness to adopt some new business models, but it's going to happen, and a robust copy protection scheme will be critical to its success."
John Lehmann-Haupt is a freelance writer who lives in New York City.
The Well-Preserved File
By John Lehmann-Haupt
Previous generations would have marveled at our
ability to store vast quantities of text and images in compact digital formats. But that technological advance has not come without a price. While the long-term preservation of documents used to mean warding off the ravages of temperature, humidity, insects and acid-based paper, the archiving of digital files poses an entirely new challenge. Because of the rapid evolution of computer hardware and software, what's readable today may be unreadable in a few decades.
The problem has already arisen at many institutions, making data from early space probes inaccessible to NASA scientists, blotting out POW/MIA files from the Vietnam War and making student records impossible for universities to retrieve. Although the problem has been acknowledged for years, it was only recently that Raymond Lorie, a computer scientist at IBM's Almaden Research Center, found himself in a position to develop a solution. His interest had been piqued by an article about the preservation of digital data in the January 1995 issue of Scientific American by Jeff Rothenberg of the Rand Corporation.
Rothenberg had proposed to solve the archiving problem by saving not only the data but also the program originally used to create and store it, the operating system of the computer able to run the program and a detailed description of the computer's architecture — its memory structure, instruction set, input/output (I/O) interface and so forth. Armed with that information, a future user could write software to emulate the operation of the original computer; that is, the emulator would enable a computer with a different architecture to run the original program. However, there would also need to be some textual "metadata," or information, to allow the future user to find, access and recreate digital documents — essentially, a user's guide to running the old application.
Although Lorie agreed with the concept of "encapsulation" — archiving data files along with the means to read them — he saw potential drawbacks with the proposed implementation. "Saving a program may be necessary for archiving all of its functions, but it's more than you need for data archiving," he says.
Instead, Lorie proposes saving only a program that could decode and present the data to future users. When returning data to the user in the future, the program would have to follow a logical model defined when the data is archived. The purpose of the model is to describe the elements of a file. For example, a file containing images of paintings would include such elements as the artist, title, date and location of each work. Each element would have a tag (similar to the tags used in XML, the new markup language that labels information by type), and the definition of the tags and the relationship among them would be stored in the metadata in such a way that it could be read easily in the future. For example, the metadata would specify, first, that the file is a collection of paintings; that the next element is the name of the first painting; the third, the name of the artist and so on. "In this sense, the metadata provides a logical view of the data," says Lorie.
In Lorie's scheme, the decoding program follows that logical view, extracting the physical bits representing the elements described by the metadata. Although the program would run on an actual future computer, it is written using the instruction set and architecture of a "universal virtual computer" (UVC) — a machine that need never be physically built, but merely described in detail. All that would be needed in the future is an interpreter, a program that reexpresses the UVC instructions in terms of the instruction set of the future computer, so that the program could run on it.
Using the UVC and the metadata would require a key, which would include the information needed both to encapsulate data and to retrieve it in the future. The key would include a description of the preservation method, the conventions for organizing the metadata and the specification of the UVC. Because it would be stored in many different places — on paper, on the Web, in time capsules and so on — the key would be easily accessible for future generations.
But what if the entity to be archived is not simply data but a program? Then, the program in its executable form — on the original computer — must be saved and an emulator (which makes one computer "look like" another one) must be made available. Lorie believes that leaving the task of writing an emulator for future generations is risky. "Since the computer of tomorrow obviously doesn't exist today, how can we be sure the emulator will work correctly?"
Lorie's solution is to write the emulator software today, when the original computer is well known and available, and to make the software executable on a UVC. "All that will be necessary," Lorie says, "is to have an interpreter program for the UVC code." This is the same interpreter needed to execute the decoding program in the case of data archiving discussed above. "So, while the approaches for data and program archiving are somewhat different," Lorie explains, "both are based on using the UVC to express the logic that needs to be executed in the future."
Lorie emphasizes that, while the data archiving problem is well understood, the design of the UVC is still under development. "There are also questions about exactly what should be stored," he adds. "For example, just how much of a document's formatting needs to be saved?" Similarly, he explains, there are special challenges in the program archiving area, particularly in preserving the look and feel of a user interface.
Lorie also admits that, unless they are lucky enough to find the all-important key — and understand it — any future space aliens combing the ruins of a vanished human civilization in hopes of deciphering its digital detritus will come up empty-handed. But, for the rest of us, he contends, a UVC may be just the tool we need to build the electronic extension of our digital past.
Banning Broken Links
Short of waiting interminably for a response — or not being able to get connected at all — there are few online experiences more frustrating than encountering a broken hyperlink, an irksome event signaled by a "404 file not found" message. Such events tend to occur because, in the dynamic world of the Web, Webmasters are often unaware of other pages that may reference pages on the sites that they maintain. If a page is moved, deleted or renamed — accidentally or intentionally — in the course of routine updating, the links to it from other pages may not be changed until someone complains.
While a number of tools on the market alert site designers after links are already broken, until recently there has been no way to avert the problem of missing pages on an intranet before they occur. Last year, in an effort to address that problem, researchers at IBM's Almaden Research Center developed a solution, code-named LinkIntegrity+. Currently at the prototype stage, it prevents the unwitting or unauthorized deletions that lead to broken links within one or more domains of an intranet.
According to Nagraj Alur, project leader for Data Links solutions, "LinkIntegrity+ is intended to ensure that, once an intranet site has been launched, all the links refer to existing pages." It does that by first determining how the pages relate to one another and then verifying the links before storing that information in a database. Armed with that information, the new tool prevents any page updates that would result in broken links.
LinkIntegrity+ is an application of Data Links, a database technology developed at Almaden that has been part of IBM's DB2® Universal Database since version 5.2. Data Links allows a relational database to manage data stored outside the database — in flat files — as if it were actually within the database. Metadata — information about a file, such as author, content and date of creation — links the database to the file that may be identified by using either the Internet standard Uniform Resource Locator (URL) syntax or the Microsoft Windows® Universal Naming Convention (UNC) notation. Data Links intercepts commands to modify the file, such as delete or rename, and determines whether the file is referenced in the database. "If it is referenced," says Alur, "the user will be unable to delete the file until the reference in the database is deleted."
In addition, LinkIntegrity+ — by keeping track of the link relationship among the various Web pages — prevents the inadvertent or malicious deletion of a database entry referencing a linked page. Thus, it works in tandem with Data Links: the latter prohibits the unintentional deletion of a file referenced in the database by users performing file system commands, while the former keeps the database entry itself from being deleted.
Not only does it prevent unwanted deletions, but the new tool reminds Webmasters to update references within their own domain, and actually keeps track of all the Webmasters referring to a given page across the entire intranet. If a page is deleted or renamed in one domain, an instant notice is sent automatically to all the Webmasters within the system whose pages are affected, reminding them to update their links. The tool also supports the enforcement of an installation's guidelines for Web content, such as the inclusion of appropriate headers/footers, disclaimers and so on.
Intranets are instrumental in creating community and facilitating the sharing of information. Without the fear of broken links, a company has a much easier job of keeping its intranet vital. "A Web site is dynamic, sometimes even anarchic," says Alur. "That is the beauty of the Web, but a site needs to be able to change in an organized, systematic and rapid fashion. Without slowing down the process, LinkIntegrity+ guarantees that changes are made in a coordinated manner."
www.almaden.ibm.com/cs/datalinks/
