1. 1 Emerging IT Technology: Potential Regulation of Service Oriented Architectures D. Coleman PHD student, School of Public Policy George Mason University

2. 2 Agenda  Introduction  Method of Approach  Regulatory Analysis  The ICANN Model  Can Regulation be made real?  Conclusion

3. 3 Introduction  Imagine: the ability to plan a road trip and get interactive weather/road conditions/gas prices across state and national borders (and translate from Spanish to English if necessary) the ability to do a literature review, consolidate sources, do a plagiarism check, all from within windows and all in real time  Imagine the Service Oriented Architecture (SOA)

4. 4 Consumer Service Provider 3 rd Party Provider Service Contract Broker Authentication Provider/PKI Retail Wholesale Client Service UDDI* SOAP Service Introduction: SOA flows Service Oriented Architecture – A General Model  Key supporting technologies: Internet/Internet Protocol version 6 (IPv6) Public Key Infrastructure (PKI) Relational Databases UDDI – Universal Description, Discovery and Integration SOAP – Simple Object Access Protocol PKI – Public Key Infrastructure

5. 5 Method of Approach  Survey and analysis paper Identify technologies that impact Identify regulatory issues  “Free the net” vs. public good  Methodologies to regulate Analyze need (qualitative at this point) Provide possible solution vectors  Vectors not solutions per se  Breadth and depth of topic implies further research

6. 6 Regulatory Analysis: Policy Areas  Trust People/machine identification People/machine authorization  Interdependencies Internet Telephony Data protection (privacy) Security Censorship  Complexity e.g. 3000+ Central Process Units (CPUs) for one subset of one governmental SOA each processing at 2.6 GHz

7. 7 Consumer Service Provider 3 rd Party Provider Service Contract Broker Authentication Provider/PKI Retail Wholesale Client Service UDDI SOAP Service Introduction: SOA graphic Service Oriented Architecture – A General Model Trust Identification Trust Authorization Data Protection

8. 8 Regulatory Analysis  Hypothesis: Some form of governmental regulation is needed in the SOA environment.  Assertion driven by: Potential for becoming the key world wide utility Ongoing nearly religious discussion on control of information flows (internet censorship) The engineering structure of the future SOA environment will have trust as its central issue

9. 9 The ICANN model  Internet Corporation for Assigned Names and Numbers (ICANN) Private and largely independent company, originally chartered by the US Department of Commerce with international participation. Assigns classes of Internet Protocol (IP) numerical addresses, Assigns top level domain names (e.g. yahoo.com). Effort enables directories of addresses. Funded from fees for service Widely, but arguably unfairly, disparaged. Yet, often cited as vehicle for further regulation on premise of “if not ICANN, who”?

10. 10 Can Regulation (as in SOA) be made real? the what and the how  What to regulate Trust relationships between service user and service provider Engineering fidelity  How to regulate - Options Regulatory control over PKI or other trust mechanisms Use of the tort system for failures

11. 11 Can Regulation (as in SOA) be made real? the who  ICANN - Not within scope of current charter (and/or possible business plan)  Existing UN organization - International Telegraph Union (ITU) Current sponsor of Worldwide Summit on Information Technology Not known for organizational agility  New UN organization ??  Federation of national authorities - In an industry that grows a generation every 18 months?  Industry self regulation – Current US mode

12. 12 Conclusion  Do we need regulation – yes, probably  Do we know the what, the how and the who when it comes to regulation? Not yet, needs maturity in both process and technology. Not yet, needs organizational innovation  Scope for further research Economic impacts Further understanding of technology (complexity especially) Further understanding of process Further understanding of equity issues.