OPEN SESSION: MOBILE MANAGEMENT FORUM

Thursday 11^th April 2002

Boston 1, Newport Beach Club, Disneyland Paris

Chaired by Mike Lambert, CTO, The Open Group

Attendee Introductions

The meeting began with personal introductions being provided by all present including expressions of the topics they are seeking to address within the Mobile Management Forum.

Chandra Olson, Lockheed Martin Corporation

Chandra’s role is an Infrastructure Architect. Right now Lockheed have only 2 approved mobility products; the RIM Blackberry and cellular data card. The company has an objective to pursue device approvals and certification in readiness for a managed deployment of mobile & wireless technologies.

Richard Paine, The Boeing Company

Richard has been serving as chair and chief customer contributor of the MMF Sessions Management Working Group which published a requirements document for Sessions Management. Using this document Boeing is pursuing an RFI for Session Management. Richard is also working on the Mobile and Directory activity. A current problem facing Boeing is they are unable to make decisions on QoS since there is insufficient infrastructure integration to establish and audit mobile communications QoS.

Boeing also have a part of the company called “Connexions by Boeing” which is delivering an internet connection service in aircraft. This effort surfaced lots of issues around mobile and moving subnets. They break the rules of how IP is designed to work. This issue is further complicated by the many military customers who have need for robust ad-hoc networks. What kinds of technologies can be applied.

Security is a big stumbling block at the moment. Boeing have had a wireless architecture since 1994 but twice now the deployment and money has been cut back owing to security not being adequate.

Richard also serves on the 802.11i committee of IEEE.

Ikuo Shinozaki, Sony Corporation

Ikuo works within the software division of Sony Corporation. This division provides the Operating System and Middleware for consumer products. Main interest are content conversion and Session Management. Sony is wanting to stay appraised of the current trend in these areas. The personal mobility products industry are a little behind the enterprise at the moment and so there is value to Sony in monitoring Enterprise product and service development and use thinking here to inform their personal/consumer product developments. Key to successful personal products is usability and transparency of infrastructure.

David Diskin, The US Dept of Defence (DISA)

Prime inhibitor for the deployment of Mobility in Defence is Security. MMF Focus in this area would be highly beneficial.

Susan Stanton, Partners Healthcare System

Partners are a first time visitor to the Open Group. They are about to conduct a mobility study. Going into this study they have already recognised the need to address concerns of harmful interference and device security. The study will comprise two pilots. The first will be in a health centre with wireless notebooks being used as staff access and update patient records. The second project is for inpatient treatment using Symbol devices for medication administration. Susan is here to learn of experiences to date and understand which issues are being addressed for the future, especially concerning types of devices, wireless LANs and the wireless internet.

Chris Gervais, Partners Healthcare System

Chris works with Susan and his specific interest is in Identity Management. This is needed to securely manage the large and varied healthcare worker population. He is also interested in how to bring applications to devices and how to service the needs of peripatetic workers spread across a distributed healthcare service and handling their changes of working location.

Michael Krasner, Krasner Consulting

Another first time attendee, Michael’s main interest is very large scale mobile applications and how to build and roll out to millions of users. The ability of standards to scale to meet these needs is of particular interest.

William Estrem, University of St. Thomas

Bill is Director of the Information Management Program in the University’s Business School and originally became involved to learn. Bill wanted to use mobility for distance learning and they have built an architecture that has global scope. Currently internet based it will become more “disconnected” in future. The University campus is ripe for 802.11 deployment. Currently using a single access point, the students are planning a WLAN deployment and are designing a network layout. Bill is very interested in Security (AAA). This is a significant concern for research.

Stephan Wappler, Lynx-ctr GmbH

Stephan’s previous focus was as part of the AAA group and remains his main concern - Security and Authenticatio, Authorisation nad Accoutning.

Renee Barnow, McKinley Marketing Partners

Renee provides communications services for the Messaging Forum and was attending to hear more about the work and direction of the MMF.

Martin Kendrick, Brand Communications

Martin is the Managing Director of Brand, a vendor specialising in communications products, particularly in the area of Session Management. Martin is Co-Chair of the Session Management Working group with Richard Paine.

Lee Hunter, CC and C Solutions

Lee is currently working at the University of Sydney and is here to learn. He wants to persuade the University to invest in Wireless LAN coverage as a service and partially to attract students but also to enhance the service provided to the faculty.

Colin Seward, Cisco Systems

Colin works for Internal IT Management and has been the project lead on a pilot looking at extending Corporate services and information to mobile devices. Colin expressed that it is good to be at a meeting with other end users and not just with vendors. He is interested to share experiences.

James (Jim) Debalina, Motorola

Jim’s interest covers the full breadth of mobility and has expertise in both public and enterprise mobility infrastructure issues.

Introduction to the MMF.

The Chairman provided an introduction to the MMF, and explained the appointment of Peter George and Stef Coetzee as Co-Directors of the MMF following the resignation of Gregory Gorman. The Chairman reported that Gregory is currently founding a new company to deliver services in the Wireless LAN industry.

Mike reviewed that when the MMF was formed we were at the peak of the wireless hype, so we need to test the original premise on which we started work. For example 3G should be broadly available now but it isn’t and will be impacted by WLAN coverage by as much as 50%.

Discussion developed agreeing that what has been over hyped is 2.5G and 3G – what has been under hyped is WLAN. We are all connected at high speed at this conference hotel and struggling to get a signal on cellular.

The focus of today’s meeting is to review our progress to date, assess the development of the industry, and consider how our efforts can be focussed to help achieve the Integrated Information Infrastructure (In3)

The definition of Mobile and Wireless became a topic for discussion. Mobile is not just devices and handsets but the connectivity models as well. Mobile does not assume Wireless, Wireless does not assume Mobile. However Mobile and Wireless is a winning combination. It is important that we separate the two topics and identify the issues. That is why we are called the MOBILE Management Forum.

The Open Group’s involvement in mobility is as a heavy user holding four conferences a year and bringing together 200 people who all want to do email remote from their offices. The number one mobile application today is email. The Open Group was the first organisers of a conference with a wireless LAN in Europe and tested to destruction the Wayport Public LAN installation at the hotel in Austin.

In summary MMF members are talking about mobility, not wireless. They also talk about problems, not products.

In3 and Relevance to MMF

The Chairman proceeded to deliver a presentation on the Integrated Information Infrastructure. The following notes should be read in conjunction with the published slides.

When xOpen was formed it did interfaces to UNIX. Then attention turned to application portability. Latterly it has been hard to say in once sentence what the Open Group does. In essence the organisation had no elevator pitch. The In3 approach has given the Open Group back a focus and a vision. In summary we are trying to enable an enterprise to get at the information locked in its systems.

In3 came about from a process. Interviews with many CIOs surfaced a requirement for access to information. We asked them to put a monetary figure on how much this was worth. Our members collectively suggested 100s of millions lost. But more significant is that people have died because of this issue. – Aeroplanes have crashed with faults the FAA knew about but had not been able to communicate. Patients have died because elements their records were locked in systems not available to the physicians providing treatment.

Some CIOs estimated they spend 30% of IT budget coping with the problem. The message is that the problem is universal. The basic challenge is therefore that IT needs to cope with business mangers changing policies. And this integration needs to be both inside and outside the company.

An explanation of the In3 message is to get the right info to the right person at the right time in the right place.

Linking info together with XML and SOAP may achieve this, but it may also get the info to the wrong person so we need to be able to set policy and provide control. To achieve this we integrate existing systems in a controlled manner, rather than gather all information into a single tidy place.

An In3 is a desired state for an Enterprise Infrastructure specific to the needs of that Enterprise.

One of the challenges is being able to understand and express business policy.

By defining a technical architecture we can get people talking a common language and using words to mean the same thing.

The Open Group cannot develop an architecture. It can develop a framework from which an enterprise can develop it’s own.

Some of the concepts of real time computing need to be brought into the In3 Architecture. Examples include the 4 second rule on the internet (a response time of longer than this and a user worries and begins clicking buttons) and the One Working Day rule on Wall Street for deal recording and closure. (Global Straight Through processing). This does not negate the Swivel Chair or Sneaker-net route.

The role of the MMF is to look at the ability of an organisation to set and implement a mobility policy. This can only be achieved in small steps. However the mark of success is every-time we do something which helps an organisation achieve an In3 we have advanced the cause. The Open Group is an Enterprise led organisation.

The presentation finished with a proposal that the MMF modify it’s focus to addressing how existing Standards efforts fit into the overall architecture framework and work on filling the gaps and resolving overlaps.

How are we differentiating or defining “the Enterprise”? Is it organisations that establish their own, or those that rely on public, infrastructure? How do we ensure those public infrastructure companies and service providers also meet the needs of the 90% of businesses which is made up of SME’s? We must make sure we include Public Infrastructure and Web Service providers in our Enterprise involvement efforts.

How do we take the basic standards being developed and deployed and persuade the owners and authors to enhance it? Example is security added to 802.11 protocols.

We could approach this in two ways.

1 Add to the work of the Standards organisation by suggesting changes to the existing standards.

2 Education of enterprises seeking to implement products using the standard as to the issues and recommendations for ways of overcoming themin ways that do not break the standard but adds a level of tighter definition.

In either case, the objective of the Open Group efforts is not to change the behaviour of the underlying Standard. So for example we can recommend the implementation of VPNs on Wireless LANs.

It was agreed that to succeed (in the example used) we must be bearer agnostic. Therefore all the policies must be consistent and above the carrier layer.

We must also be sure not to work only with a standards organisation, but also with the consortia that exist around them (WiFi and WECA around IEEE 802.11). We help the supply side get their market acceleration by showing how the integration can take place. This means the large guys who can afford to go in first (and get the biggest benefit) and hone the requirement and solutions to the point were the solution becomes a commodity and this is when the SME can afford to buy with confidence.

Colin Seward – Cisco, Mobility Centre of Excellence

Colin presented on a Business Mobilisation Project. He works for the internal IT Department. Please see published slides for full details. Highlights are recorded below.

Pilot started in May 2001 to ensure they had a complete architecture in miniature. The original scope was 20 users, this grew to 60. Every time they saw a team doing their own thing they were encouraged to join the pilot so there was a little scope creep.

Security

The solution implemented used a One Time Password approach. Technically it is very strong but users don’t like it. Since users must log on every time using a pin code data entry of this pin code is challenging on a PDA or phone because of the keyboard or handwriting mechanism used to enter the code on the devices. Users eventually boycotted use of these devices for connection.

The WAP gateway didn’t come with a authentication server so they had to add their own home grown product discontinued by Cisco because of lack of interest in the market.

Content

Peramon technology provided the access to Eudora and Meeting Maker. Proof of concept with Content re-purposing tool. Tried with Cisco.com page to IPAQ and other clients. The page has a metadata framework so they can rely on that to build a hierarchy. Important when building dynamic personalised content. There is still a lot of work to be done though. They use a customer profiling register to personalise the information for the person/device. VoxML was also implemented. It has been a lot of work to break down pages into 800,000 objects necessary to ensure the trans-coding engine can work effectively.

Phase 2 is to push the profile back to the authoring process so what is produced is for an intended end device type. Then the templates can be built and let a content transformation engine to the final tweaking for the specific device. This phase will run from summer 2002 until end of year.

Identity Management

The need for Identity Management in vital to any project where users have multiple devices and can choose to have information delivered to them on their device of choice. Web service definitions need to be influenced by the receiving device – example was a news feed from OneSource. ELearning is also implemented using Backweb to deliver Video on Demand (VoD). Through this mechanism Cisco can give the user the choice of device on which to consume the VoD.

The conclusion is that the easiest route to deploying mobile apps still remains the use of a laptop PCs with a data card (WLAN or GPRS as appropriate). Since the average email load of a Cisco executive is 35-40 Meg per day WLAN is favourite and a PC is the correct form factor to process this volume of work.

Cisco wrote up their pilot findings in November. The future plan is to take the models developed in US and Europe and flip them into roll out in the other theatre.

Lessons were also learned about the success of the pilot according to the profile of the user against the technology adoption life cycle. In post pilot analysis they recognised they had a fair mix of users across the spectrum from Technology Enthusiasts to Sceptics. In future they will make more use of the users profile to target devices and services appropriately across this mix.

Cisco has established a Mobile Centre of Excellence in IT to co-ordinate and drive activities going forward.

Joint Session with MaD Working Group. – Ed Harrington

The MMF and Directory working group has spent 9 months developing on the Mobile Executive Use Case Scenario originally produced by the MMF in 2000/2001. This new document now highlights the Directory requirements to support the demands of the mobile executive.

The group needs to define the next steps to finish the document and have it adopted. This will involve review by both the Mobile Management Forum and Directory Groups.

As a result of the document work the Working Group has come up with an architectural model which requires some enhancement as to what directories can do. Mobile environments require information which is real-time or close to it (location services etc). Directories do not typically support rapid update scenarios such as this, they are designed and optimised for read only. To be effective in the mobile space they came up with a need for a method to capture the static and transient information.

It was noted that more involvement is required in the Joint Working Group from MMF members.

ACTION: Call for more active participants in the MaD work from the Mobile Management Forum to ensure mobility assumptions are correct. MMF members are requested to advise Peter George or Stef Coetzee of their wish to participate in this work.

The DMTF and DEN presentation showed there is clear convergence between technology, standards and the requirements. The proposed next step is to conduct an official analysis to see how close we are together.

We should also investigate co-operation with the TMF as regards SLA managament as both DMTF and Open Group have relationships with TMF.

It was agreed by the meeting that the Open Group, and in this case the MMF, should focus on Standards Integration.

In summary the proposed next steps outlined by Ed Harrington are:

1 Review/Evaluate DMTF CIM Schema and Model

2 Review/Evaluate work of ITU and BQM

3 Review the Business Scenario

4 Publish the Business Scenario

5 Prove that Directories can help solve the issues – to do this we create a challenge and launch it in October.

Review Process

This is a publication of findings and so we don’t need Membership comment on anything other than it be an accurate reflection of findings. The possible outcomes still need some discussion. DIF work might be until late May. We might possibly convene a joint telephone call to approve. We should aim to achieve sign off by mid-May at the latest.

ACTION on the MMF to approve and provide feedback on the Business Scenario by the end of April 2002.

ACTION: Suggestions for Next Steps to be sent to Ed Harrington ASAP for inclusion by 19^th April @ ed.harrington@nexor.com

Mobile Directory Challenge

Discussion proceeded as to the practicality of launching a challenge and the desired time frame. It is considered possible by October but there is still a lot to work to do. January would be safer.

Ed Harrington – we have been invited to present in June at San Jose in June. Will we get a response from the DMTF in time for October? It was also suggested that Cisco’s experience (and the benefit they could gain from participation) positions them ideally to participate in the challenge.

The MMF meeting questioned what activities were ongoing as regards Identity Management in the DIF as this had already been highlighted as a significant area of interest within the MMF. Chris Harding responded by showing a video of the Identity Management discussions by the Directory Group

The MMF leadership asked fro the DIF’s opinion on how this issue spans Directory and Security? There is another Business Scenario being developed by the DIF to explore this issue. They will take any input that there needs to be as regards mobility considerations and include in the joint SaD document on Identity Management. Standards prioritisation will be suggested by MaD, and the DIF was encouraged by MMF to consider how best to include the MMF in this initiative so that we do not forge independent, uncoordinated relationships with the Security Forum.

New technologies are easier to force/encourage interoperability. As we move forward to realise the In3 Vision, the Open Group needs to work its own In3 Project to ensure its Forum workings interoperate.

There was also some discussion on how the MMF could work with the QoS Forum. There is an opportunity to work with the TeleManagement Forum and QoS as joint activity .

Mobile Management in the context of In3

The meeting discussed what is meant by Interoperability? A useful working definition of interoperability could be “the ability of two or more entities or components to exchange information and to use the information that has been exchanged to meet a defined mission or objective”.

The Open Group embarked on some work with the CIO’s of some major corporates to develop the In3 concepts. What was discovered with the business scenario work? First it was discovered that we needed a general yet useful working definition for interoperability. There were many definitions, all of which were fairly specific to technologies or areas of specialization, for examples object interoperability was defined to discuss a technical issue, or library interoperability described a subject area issue. When it came down to it the definition that was most useful was one that again was general enough, but provided the fundamental characteristics.

First interoperability applies to situations where there is more than one entity.
Second the entities involved need to communicate information.
Third the entities need to be able to use the information exchanged.
And lastly the result should be measurable against a defined mission or objective. I.e. there had to be a good reason to exchange and use the information.

This definition is fairly general, but it is very useful.

Pain Points surfaced in the discussions

· Lack of effectiveness of business operations

· Lost opportunity to add value to the business

· Increasing IT costs

· Lack of effectiveness of IT

· Reduced management control

· Increased operational risk

On the road to getting to the customer problem statement on the last chart there were many questions and responses around how the issues are manifesting themselves. These “pain points” are indicators, some of which you may identify with and some you may not. But let’s look at these indicators. The first one is lack of perceived effectiveness of business operations. Whereas there is continued increase in costs of running the business, there isn’t an perceived increased in time to market, or time to deliver. There is also a perception that there is still an inability to provide effective services to customers.

The next pain point is the perception of lost opportunities to add value to the business. The belief is that non-discretionary spending continues to rise while spending on adding business value is decreasing because we’re spending just to keep things operational. The result is that new features are sacrificed just to “keep things running”

Increasing IT costs is always something that is scrutinized. When some organizations look at their environment they are seeing redundancy and duplication in IT assets, which cause unnecessary increases in maintenance costs and an increased reliance on (expensive) IT service providers to integrate things. Here there is an imbalance that needs to be addressed.

Of course related to all the above is the perception of an overall lack of effectiveness of the IT organization. Poor service provision to users , IT changes not implemented when the business needs, and IT is seen as a restraint, not an enabler.

Another area where the pain is exposed is in the perception that there is little management control of the IT environment. The IT and business environment are just too complex to manage, IT is not driven from strategic architecture and it is difficult to balance short and long term choices. These pains feed on each other.

Finally many point out that as we continue down this path there is increased operational risk. Increased security risk, dependence of safety criticality, and IT becoming a "choke point" all are risk factors that need be addressed.

As mentioned previously In3 deals with extending the reach to break down barriers. This can be viewed through the following notional levels:

Level 1 is where barriers are broken down within the traditional enterprise. In this extent one can assume a certain level of shared corporate language. Though departmental languages do exist and must be accommodated when providing information integration.

At level 2 one looks to break down barriers between the enterprise and its immediate partners. These partners are those organizations that are in the same industry and therefore share a common industry language. Here sometimes the customers are in the industry, sometimes there not - again this is merely an example.

At level 3 one looks to break down barriers with other organizations that are involved in the business but outside

Within the enterprise and extended to business partners:

Suppliers and the like that are part of the industry. Within the enterprise and extended to business partners, and other organizations such as banks that are in another industry.

Back to the big example. In order to understand how broad the problem applies let’s just ask what the business environment looks like at a 40,000 foot level. Again this picture is illustrative and not intended to represent each and every organization. For example some companies have their own distribution centers, and some others don’t. But let me make the main points.

The first point is that there are numerous facilities of different kinds and in different locations within the business environment. The environment is and forever will be distributed and there is now and forever will be different domains crossed. As an implication there is usually a set of users who are mobile within the environment and this mobility must be supported. Mobility is another of those incontrovertible characteristics of the majority of today’s organizations.

Another major point than needs to be made is that the business relationships are with these other organizations many of which are not in the domain of your organization, e.g. the banks and legal institutions may not be in the domain of the retail business. The shape of the organization and its business relationships is dynamic. One partner may become part of the company through acquisition, and then become a risk sharing partner, then a competitor. All of this could happen fairly quickly.

The scenario includes a possibility of interfacing with the general public, which presents some challenges as the general public does not necessarily share the same language as that of the business. Finally the distinction between those “inside” and those “outside” the organization is situational and blurring.

From the feedback received prior to the meeting a range of areas of indicated interest were shared with the meeting for discussion and consideration.

These included:

· QoS/TMF/MMF co-operative work

· Next steps?

· TMF/SLM mobility enterprise SLA inputs

· DMTF

· Mobile Challenge

· DMTF mobility working group - CIM

· Session management

· Taxonomy of Standards

· Messaging Forum

· Business Scenarios

· Other areas to discuss:

· Architectural and configuration models for mobile applications

· Independent conformance testing;

· Providing an Enterprise interoperability kit/method

The next focus area to be discussed was that of services. This included discussion around topics including:

· Physical security of devices

· Access security and Firewalls

· QoS contracts (selection and enforcement)

· State Management (including Synchronisation, System and Device Software management)

Strong support was forthcoming for the topics of device management, access control and physical security.

Desired state management was seen as critical from a usability point of view. To date the MMF had seen that in the scope of the Synchronisation effort. The Synchronisation working group Open Synchronisation Framework Document is a useful point of reference in this context. It is not complete, but offers an opportunity as input to any ongoing efforts in this regard from the MMF. Cisco mentioned that they see the need for guidelines to turn synchronisation into a utility/commodity as a means to improve the end user experience. Motorola saw synchronisation as primarily a data base and data management issue. The meeting discussed how complexity for the end user increased once a user has a dependency on more than two devices. As the number of devices increases the issue gets overly complicated. Spanning the phone, PDA, laptop and desktop becomes too complicated.

Rich debate followed on what behaviours from end users would the MMF consider in scope as it zeroes in on what is useful to focus on. One view was segmenting the population between those who have accepted wireless and those that are still wire-line intermittently connected. This gained some support - further discussion brought forward the importance of QoS definitions. This would help ensure that both wireless and wire-line behaviours can be accommodated with appropriate class of services defined for both. A sector of the MMF still disputes that synchronisation is of value. There was a strong view that certain sectors of industry would not be able to assume wireless connectivity for a number of years yet. A good example offered for the need to have synchronisation was for home health care workers and other field personnel in remote geographic locations where there was no wireless coverage.

Firewalls were seen as an issue by the meeting. SOAP tunnelling was flagged as a concern. The Security Forum does not appear to focus on this area yet. This led the meeting to reinforce that this may need a joint activity with the Security Forum.

The meeting discussed the need for a project to produce an architectural model for mobility. This activity is seen as a good base for any mobility oriented conformance testing and certification activity. Broad support was expressed for developing architectural models for mobile coupled with appropriate business scenarios that went beyond the executive scenario and embraced field workers.

The problem of providing enterprise buyers with confidence in evaluating solutions before deploying was discussed. The meeting saw end-user device certification and conformance in an enterprise context as valuable; this was discussed in the context of certifying the device in the context of the service to be used. The meeting supported the need for a certification and conformance testing of the device/service combination. A possible way to progress this is to go to the carriers and gain support for a conformance activity in The Open Group as a trusted objective broker.

Desired state management is seen as critical this needs to be transparent to the end user and should not require recall of devices to upgrade firmware or software on the device. The meeting felt that adequate standardisation does not exist to provide this.

Location awareness was raised as a critical issue in various industry sectors – in the meeting we had strong representation from the medical, transport and military requirements where presence and location are critical

The meeting went on to discuss the relationship between applications and roaming attributes, and the need to be sensitive to the content delivery network. The conclusion was that this could be provided by policy based networks.

Data encryption on the device was discussed. There are different levels required for different applications. It was recognised that some apps could be satisfied by encryption in the transport but for others end to end encryption was critical.

The meeting also discussed the benefits of a use case scenario for embedded system as remote sensors. These are communicating devices that could be installed across a broad range of devices and equipment that needs to communicate to central control points.

Boeing expressed the need for a single point of billing for cellular and wireless LAN billing. They went on to share that 802.11i will not be a standard for another year or more; and as such is there anything that needs to be done for the next year or two. Should we assume that you will always have VPN on top of WLAN. One also needs to think that denial of service, authentication etc etc is (or should be) of great concern. The meeting concluded that the MMF need to be specific to make sure that we speak of security in its component parts – encryption, authentication/identification, etc. rather than broad generalisations to ensure understanding.

A discussion on whether bearer security had any relevance if one was going to have end to end security anyway to overlay it. There is still a need for certain classes of service where full end to end security might not be provided

The meeting then went on to review input received from member companies on focus areas of interest to them in the context of Services and that they believed the MMF should focus on :

NetMotion Wireless

· Architectural and configuration models for mobile applications

· Independent conformance testing;

· Providing an Enterprise interoperability kit/method

Sony Corp

· Transparent over the air provisioning of any mobile devices

· Includes ongoing software and ‘desired state’ updates

· Ongoing service management to improve usability and hide complexity from end users (“Service Chain Management”)

University of St. Thomas

· Web services and interoperability for mobile devices (also Mobile Directories)

· Location + position based mobile services

XcelleNet

· Management of mobile for enterprises

· Wireless application gateways

· Web services for mobility

The meeting went on to discuss to discuss the next subject area on the agenda – Devices.

Subjects discussed under this heading included:

· Device characteristics

· Display characteristics

· Machine to machine interfaces

· Usability considerations

· Ergonomics

· Health & Safety

· Power Management

The meeting discussed the perception gap that challenged the industry between measured RF radiation and subjective concerns from individuals. The general opinion was that an objective measure did not exist in the industry to provide an objective measure.

During the device discussion, authentication on device when it wakes up after standby was surfaced as a usability issue. If cumbersome authentication schemes had to be entered every time, the users would get fed-up and the application would suffer user boycott. Various solutions were discussed to ease the burden on the user whilst still satisfying the security need. These included discussion on how many factors were required? Two levels were considered typically adequate in today’s implementations – pin-code, some form of biometric security (finger print, voice recognition) or a smart-card

Sony voiced concerns on hacking and virus exposure as PDAs and notebooks become more permanently connected to the internet.

Cisco mentioned usability obstacles given the conflict where encryption mechanisms on storage cards generated on one device would not necessarily be portable across different devices.

The Device discussion also surfaced a concern, common among many enterprise users, that mobile devices are subjected to networks compatibility and efficiency testing and introduced and withdrawn by carriers and service providers based on these test results which are not made public. The enterprises are therefore not able to make an informed decision as to the suitability of a device for adoption. Cisco particularly would like for there to be an independent authority which normalises the tests and collects the results making them available for Enterprise use.

There was also significant interest in ergonomics and device usability. The meeting did not surface any specific suggestions on relevant actions from the MMF other than the points raised by members in response to the survey, as noted below and shared with the meeting.

NetMotion Wireless

· End user lack of confidence in selecting a hardware vendor.

SystemSoft

· More focus on notebooks and laptops (especially for security and usability). Do not get too focussed on phones and PDAs;

Sony Corp

· Security (in the fullest sense of the word) and safety is of greater import than before

University of St. Thomas

· Industrial automation; industrial applications including remote sensing, supervisory control and data capture

· Usability improvements for mobile

· Interoperability for mobile devices

The last area of the four areas of focus that the agenda was divided into was that of Connectivity.

Subjects discussed under this heading included:

· Session Management work to date

· Intra vehicle LAN as well as inter LAN/WAN.

· Roaming

· Transparent reconnect/restart,

· QoS of communication layer.

· Location services and awareness

· Least cost routing.

Richard (Boeing) and Martin (Brand) presented a review of the Session Management requirements document that Boeing had used in an RFI. The next steps discussed and proposed were to form a liaison with MWIF and DMTF respectively to extend the reach and impact of this work. The meeting discussed whether to build on the work already started to develop an architectural framework for session management. Martin voiced strong support for this.

Issues and comments surfaced in the member survey around Connectivity included:

Boeing

· WLAN and cellular telephony convergence and integration

· Requirements (including highlighting issues) around Authentication Authorisation and Accounting in the context of WLAN and cellular

· Session persistence challenge has largely been addressed by MMF sessions management work

NetMotion Wireless

· Security recommendations for enterprise deployment of Wireless LANS

University of St. Thomas

· Security (Wi-Fi, TLS) in mobile environments

A number of other activities were proposed in the survey for consideration

NetMotion Wireless

· Education on mobile for enterprise capabilities

· ROI models for mobile

PASS Consulting

· make enterprises comfortable with what is possible

· provide a clear roadmap to enterprises for B2E deployment

· Develop business models for mobile apps;

· Document Best Demonstrated Practice

· Collate and Publish use case scenarios

The meeting saw the value in these suggestions and felt that more work could be initiated on other business use case scenarios. The meeting also agreed to the approach of providing an architectural framework for mobile and setting MMF activities in an In3 context.

SystemSoft Corp

· Document ways to improve corporate productivity through mobile access to corporate resources (anywhere, anytime, wired/wireless). The meeting discussed this point and saw it in an In3 context.

University of St Thomas

· Address problem of proprietary data structures; lack of standardization; There followed some discussion on how this fits with SyncML, and what is needed beyond that offered by it. An overall architectural model and interaction with the Enterprise Management Forum and DMTF as an approach gained support in the meeting.

XcelleNet

· Provide a forum for suppliers to resolve technical differences. None of the supply-side members engaged with this point in the meeting.

The MMF Mission Statement was presented to the meeting at the close of this section of the agenda.

Accelerate the integration of mobile applications into any information infrastructure by bringing together supply and demand side organisations to ensure delivered solutions meet customer requirements.

Mobile Management Forum Survey Results Summary

About the Survey

· Sent to

· All MMF members via the OGMMF Mailing list.

· All MMF supporters

· All delegates registered for the Managing the Mobile Workforce Plenary

· Only 5 responses by “soft” deadline (15th March)

· Many more responses received since 1st April.

· Incomplete responses lead to slight statistical anomalies.

Closing Session

The final session of the meeting was to review where the MMF had been, summarise what we had covered this week and to propose actions for the quarter ahead. The mechanism used was to capture an order of priorities form all attendees and then cluster the output to arrive at an understanding of agreed next steps.

Where have we been focused?

1. Sessions Management - Developed requirements for maintaining a secure, reliable session while mobile.

2. Synchronisation - Outlined an Open Synchronization Framework between devices.

3. Authentication, Authorisation, Accounting (AAA) - Drill down into the issue that existing and current proposed standards are not perceived to meet the needs of a mobile enterprise end user.

4. Content Trans-coding and Transformation - Define a common set of characteristics that support single creation of content for delivery to any device.

5. MaD - Mobile and Directory joint working group. - Business Scenario produced (executive on the move)

What happened this week

· Re-examined objectives to energize MMF

· Discussed MMF as integration point for mobility standards

· First step - discussed mobility liaison with DMTF

· Largest attendance at meeting since this time last year: busy day!

· Reviewed In3 as a foundation for MMF work

· Discussed/Analyzed findings of March 2002 detailed member survey

· Enterprise mobile infrastructure integration case study to set context

· Joint MMF meeting with DIF (MaD)

· MaD Working Group - agreed milestones for business scenario finalization

· Initiate Identity Management discussions

· Meeting defined proposed work priorities:

· Reviewed work to date

· Related activities to industry advances in the last year

· Scheduled new activities based on member survey feedback

What is the focus for the next quarter

· DMTF liaison to be progressed

· MMF/DMTF mobility working group with DIF proposed for June DMTF meeting

· DIF/MMF/DMTF mobile directory challenge discussed

· In3 Architecture Project

· Mobile architecture framework using existing Open Group disciplines

· Taxonomy of Standards to be refreshed

· Open Group MMF positioned as integrator for mobile standards

· Established MMF Mobile Security Project

· Invite participation from the Security Forum

· Session Management next steps

· Establish liaison with consortia to gain broader industry acceptance

• MWIF; DMTF; TMF

Priorities are to be reviewed with members unable to attend this meeting by end of April and further input sought.

Forum Management

The discussion concluded that there are a couple of points the MMF must pick up.

1 How do we engage more people to get involved. (We have a whole load of members who cant be here for economic reasons.)

The membership asked us to investigate video conferencing or some other interactive method for getting people involved. Webcast technology could work well and will be investigated for the meeting in Boston.

ACTION: Forum Directors to investigate interest in, and capability to provide, Webcast facility for MMF meeting in Boston.

2 We need to establish formal Reporteur roles into Alliance organisations and Standards Bodies

ACTION: MMF members to propose organisations for productive alliance, and nominate/volunteer individuals to fulfil the role of Reporter.

3 It is important to Re-establish Governance of the group.

The existing steering committee has not been visibly active for 9 months. It was agreed that the MMF leadership would re-structure the MMF Steering committee once the project teams have been structured as nearly all of it’s members have either left, or changed company. The meeting agreed that it is time to restructure the MMF into new project focuses to reflect the revised needs of members, as determined by this meeting.

The MMF leadership will establish a new steering committee to reflect the renewed focus.

The Open Group and the Mobile Management Forum expressed their appreciation and would like to recognise the efforts of our outgoing steering committee over the last couple of years.

ACTION: MMF members not in the meeting are invited to specify a project working area you are prepared to participate in (either as defined by the meeting or a new area of focus you would like to champion). Peter and Stef to follow up with all members not able to attend the Paris meeting.

Members are advised that the next quarterly meeting will be in Boston, MA, USA on July 24th & 25^th. It is proposed that the Wednesday will be an all day meeting. To accommodate all the US organisations that were unable to attend our meeting in Paris, the first day of this meeting will be an open meeting for all interested parties. On Thursday 25^th July the MMF will progress activities in the project teams including arranging joint sessions with the other forums, but particularly Enterprise Management, Directory, Security and QoS.