* Posts by Mike Glendinning

3 posts • joined 18 Mar 2010

Review: Apple iMac 21.5in late 2012

Mike Glendinning
Thumb Up

Less fuss than a vacuum cleaner?

You should work for Apple's marketing department!

W3C squeezes XML into portability

Mike Glendinning

Myth of "human readable" XML

Agreed that the "human readability" of XML is pointless and in any case is something of a myth. We still need tools to read such files and convert the binary encoding (e.g. ASCII, UTF) into something we can see and understand (e.g. a character glyph on a display screen). EXI is no different in this regard. The only argument is over the availability of tools to do the decoding.

So it would be nice to see the vendors add support for EXI in some popular tools, for example Microsoft Internet Explorer 9, Safari, Firefox 4 and perhaps Altova XMLSpy. People might then be a little less scared by EXI.

Police National Database will have audit trail

Mike Glendinning
Thumb Down

Information Sharing, Huh?

Hmnnn, one wonders how effective the PND will be at its stated purpose of "information sharing". The political and technical barriers to individual forces uploading data are already quite high:

* Reluctance to expose "interesting" or "sensitive" data to other forces, in case it is "misused" by other forces, or simply upsets long-running operations (you don't really want somebody you have been following for months arrested by a neighbouring force on a minor offence, do you?)

* Reluctance to expose poor-quality data for risk of embarrassment or ridicule by other forces (or worse, the attention of professional standards or HMIC).

* Difficulty of meeting the onerous technical requirements of the interface specification for uploading information to PND.

So how much really useful data will end up in PND? I suspect a minor fraction of what is actually available, seriously restricting its value for intelligence purposes.

Then, each individual force will apply its own access control policies on their uploaded information. Given the lack of standardisation of working practices across the forces, these policies are all going to be subtly different, which means that visibility of information will vary from force to force. Any query across information from multiple forces is therefore going to deliver inconsistent results. How users and intelligence analysts will make sense of this is anybody's guess.

The implementation of the centralised security model is also going to be incredibly difficult and complex, because it will actually be an amalgam of 43 different security policies, one for each force (and not counting the national agencies, of course). How likely is it that the implementation of such an access control model is going to be correct, with no weaknesses or security holes?

The PND also seems to confuse the needs for the search and sharing of intelligence information (the original and primary driver for PND) with the simpler information access needs for operational policing (that is, the future replacement of PNC). It would probably have been better to create two separate systems to deal with these two very different sets of requirements.

Surely, for the search and sharing of intelligence information, a federated approach would have been better, one based on modern web search technology:

* Allow each force to host their own portion of the PND in a simple web system, defining their own upload and access control policies.

* Use a simple set of media types for information storage, loosely typed and encouraging information upload.

* Make sense of the data using modern web search tools based on Information Retrieval (IR) technology.

* Deploy standard web server and caching proxy servers for resilience, availability and scalability.

As well as encouraging "buy in" and "ownership" by forces, such a system is also likely to be easier to manage and far more resilient and secure than any centralised PND.

This is a classic example of how the design of a computer system needs to mirror the operating model of the organisation. Without the political will to actually merge them, if you have 43 separate police forces, the chances are that you need a system consisting of 43 times "something". My vote would be for a simple federated system made up of 43 identical parts, rather than one centralised system that is perhaps 43 times more complex than it needs to be!

I know a federated approach was tried several years ago, but failed due to the wrong technology choices and poor implementation, but today we have a much better understanding of how to make Internet-scale web search systems work. The public sector's reliance on large, centralised databases using (relatively) old-fashioned technology approaches is astounding. For how long will government continue to ignore what the private sector has learned about technology implementation and about web systems in particular?


Biting the hand that feeds IT © 1998–2021