Technologies of End-User-Computing – Evolution to the sky

I’m an architect and so I spend the last 10 years to find out what my product managers want to have next to keep the product stable and changeable at the same time. So I will do that in this blog as well and try to support Oliver and his product visions with some more technical information and outlooks ¬†on what drives the End-User-Computing space into the next decade from the architects and developers perspective ūüôā


In the good old days IT departments started managing infrastructures and devices. The enterprise was able to define a 1:1 relationship between user and device. Does this management paradigm fit to our new world today? We are in 2013, driven by mobile & virtualisation paradigms changes. The end user is no more using just one device but is expecting to consume information from any device on any place all over the world. Today devices become more and more just a terminal, very similar to that what we do since years with our TV in different rooms, flats or in front of the fridge. It becomes just a window into our services and data containers.

When we started crawling – Looking back

Back in the 90’s when I started as a long haired developer the existing paradigm of agent based management did fit for enterprise desktops. Windows NT was pretty new and we started fighting with different security models on a single machine. Citrix came up with the Metaframe XP / Terminal Server idea (today they call this XenApp) and managing profiles and shares was a kill pill for enterprise environments. Managing the machine with an agent to come over technologies like Windows Installer or InstallShield that acted as a management layer was the solution of the time. And it still works geat, do we need to change?

When we started walking – Today

Today supporting fully automated workplaces with integration of document storages and single sign on capabilities is state of the art. End users are expecting these things and the application developer, especially service and systems management vendors are able to handle the LDAP protocol, talking to a locally installed active directory or just creating shares on local storage infrastructure beside the challenges with User Account Control or MAC OS X. Normally all the systems are expandable via PowerShell or other scripting languages popular on different platforms. But is that all?

The end user is more¬†emancipated then ever and enterprises need to rethink in their technology landscape to support Bring-Your-Own-Device (BYOD) and Corporate-Owned-Persnal-Enabled (COPE) programs in a “mobile first” world. The existing paradigms how we develop software need to be reviewed.

When we will start running ‚Äď Tomorrow¬†

Agentless management becomes more and more the standard for the mobile workforce or would you allow the enterprise to install an agent on your personal tablet in front of your fridge in the kitchen? No, but you would like to consume enterprise services, e.g. Podio, Socialcast or good old e-mail from that place? That’s the reason why end user computing is not the space any more of device management solutions only.¬†It seems like it is a convergence of bit three big areas

  • Identity,
  • Orchestration & Automation and
  • Data.

Following that, a new buzz word becomes visible on the sky and brings¬†Workspace Aggregators¬†into the game to drive your devices, your data and your (cloud) apps from a single pane of glass solution.¬†This enterprise portal acts as an identity provider for different service providers, e.g. Microsoft Office 365 or Google Enterprise. It also stays in touch with the different data and document providers, e.g. Evernote, DropBox, Box or your well known Windows NT based file servers and becomes the application hub for your end users. If you have a look on how the internet works, everything that is distributed widely is usable from different platforms all over the world and manifests in an Internet standard. So let’s have a look from a high-level perspective what the new important bridges are between the different applications. I will go deeper in every aspect in other blocks later on.


  • SAML2 – The quasi standard for service providers to authorise against your corporate directory, e.g. Active Directory. Currently global players e.g. Google or Microsoft offer different options to integrate SAML2 into your business. SAML2 is going to become the security protocol in a hybrid world of cloud and on-premise services. The definition who the service provider is and who the identity provider becomes nothing more than a¬†configuration switch and allows tight integration between¬†loosely¬†coupled systems.
  • oAuth2 – Where cloud apps are used, a machine to machine communication is necessary to leverage the value from deeply integrated systems. Sometimes the user, the consumer of the service, needs to authorise one service to communicate with another service in the name of the consumer. Allowing this blog engine to send a tweet in the name of the author is the result of implementing oAuth2 which will become the 2nd corner stone right after SAML2
  • jQuery – Remember all the in-house intranet applications which are using their own homegrown user account database without any way to integrate an oAuth2 or SAML2 engine. These applications need to be integrated into an identity solution as well. For this, javascript embedded in your browser works like a swiss army knife. Not that beauty and secure like the other standards but at least a very important bridging technology for the next 24 months.

Orchestration & Automation:

  • WebHooks – Orchestration and automation in the context of a workspace aggregator does not mean doing all by your own. It just provides the ability to¬†notify other systems that¬†something¬†happens and a change needs to be¬†fulfilled. WebHooks are the inversion of WebServices and means the business logic of the cloud service is able to trigger another URL to perform (orchestrate) and action. A detailed review of existing web hook approaches will follow in an additional blog post.
  • RESTful Services –¬†When we talk about WebHooks we need to talk about web services as well. A paradigm we¬†heard¬†I would say 10 years ago becomes more and more reality. Having a Service Oriented Architecture based on REST WebServices mostly implemented with the JSON data representation has the same¬†beauty¬†for an aggregator like the user interface for the end user. Having a RESTful API will become more and more a key feature when¬†enterprise¬†customers¬†selection¬†products and¬†services.
  • Workflows and Service Bus – Last but not least we will have complex non technical¬†business¬†flows in an¬†enterprise. To¬†realize¬†this, an aggregator focused technology landscape needs to support a combination of Workflow and Service Bus systems to route messages from one service to many other services or to¬†transform data into different structures. It’s more or less the data ware housing paradigm reused for the end user computing space – Extraction – Transformation – Load :-). An approach I really like is the solution the team of IFTTT is¬†working¬†on.


When it comes to data of course all important services are supporting RESTful interfaces or having APIs for building WebHooks, because the service itself is a target for orchestration and automation. From the customer perspective the cloud storage vendors do not support a generic API which can be used to orchestrate all cloud and on-promise products in the same way. This means the IT landscape of an enterprise should be filled up with an abstraction component which is able to support the different services, e.g. DropBox. Box.NET, Amazon S3, OwnCloud or the good old Windows Servers.

I would divide this abstraction component into two layers, the first one is an API abstractor to get an unified REST-API. This allows to control all data providers of this world in the same way and reduces the risk of a vendor lock in. The team of is doing a very great job in this and the API is very simple to use. I personally like this service.

The second layer is the way how we handle documents, access rights and workspaces. Today nobody wants to work with an old school “Windows Explorer¬†like” view on the data. We live in a world of real¬†artefacts, e.g¬†projects, notes,¬†foto streams, events or discussions¬†about documents.

Microsoft started this thinking nearly 8 years ago with WinFS but never released that :-(. Today there are several players on the market who are¬†offering¬†products in this space and supporting a RESTful API. One I like personally is Otixo¬†which gives me unified access to my data across different storage services. The new star on the sky could be Hojoki with it’s offering around data and documents, but these guys have still a way to go to call it¬†enterprise¬†ready.

What is your favourite technology, API, SDK or service in the three main directions? Let me know your thoughts and let’s start a technical discussion right with this blog post.

This entry was posted in Technical details and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s