By Steven Hawley
Citing threats ranging from identity theft and consumer fraud, to attacks on critical infrastructure, a group of companies within the OASIS open standards organization that includes IBM and 17 others, have launched the Open Cybersecurity Alliance (OCA). This initiative intends “to connect the fragmented cybersecurity landscape with common, open source code and practices”
Why it matters
Anyone who has ever been involved in an IT integration project knows the challenge. In large commercial platforms, there can be millions of requests per minute and it simply “has to work.” The OCA’s goal is laudable and there’s lots of work ahead.
My own experience in building a “seemingly simple” cloud DVR service was full of unexpected delays because some of the components we had chosen had hitherto never been integrated. It involved interoperability between an encoding platform, storage, security, three management platforms, and consumer apps, and was part of a larger multiscreen TV service. Product (not sales) engineers involved said it would be ‘no problem’ but when the operator committed them to the project, it became a different story. Features had to be added into product development cycles, which took negotiation and time. Testing took weeks. Everybody had to sign off. This, for a system that has thousands of requests per hour.
Multiply this exponentially to get a sense of the OCA challenge. Let’s hope it’s not one of those efforts that gets a lot of publicity and then fades away. From an anti-piracy perspective, we really need it to help combat the theft of credentials and content by industrialized pirates.