A place for every service and every service in its place…

Simone Pringle, Enterprise Architect Information Technology Division

Posted by: Simone Pringle, Information Technology Division, Enterprise Architect


Imagine you manage an office supply store and that you sell everything from staples and paper clips to binders, pencils, printers and computers.  Chances are, you’ve organized your store in such a manner that your customers can easily come in and find what they are looking for: “Binders in aisle 4; pencils in aisle 7”.  In fact, you probably posted signs at the end of each aisle, making it clear to your customers where to find things.  If instead, supplies were randomly scattered throughout your store, customers would have difficulty finding what they need: they would quickly become frustrated, leave and never shop at your store again…  Additionally, if your store had a catalog that you mailed out to your customers, you would likely have a table of contents or an index that would help customers find and order items from your catalogue. 

Providers organize and index to make it possible for their clients to discover and use the goods and services they offer.

IT services are no different than other types of services, in this respect: services need to be presented to potential clients in a manner that is inductive to use.  Technical service providers rely on tools known as repository and registry to help organize and index service offerings, respectively. 

At a minimum, entries in the service repository track information about each service, such as the service name, description, business owner, service level agreements (SLAs), version(s), documentation, cost of accessing service, etc.  More sophisticated repositories will help service providers and their authorized partners track the service development lifecycle – from design to deployment, as well as the service’s dependencies on infrastructure, software tools, and other services and applications.  Different types of users will gain insight into a particular service, by viewing different aspects of the data stored in the repository: project managers can evaluate progress in the development of an updated version of the service; clients can review SLAs and compare with how the service offering meets their business needs; software architects can access the metadata to determine how to integrate with the service, etc.  Open standards efforts such as the OASIS SOA Repository Artifact Model and Protocol (S-RAMP) are underway to formalize a common data model, as well as a protocol for accessing data in repositories.

Once a service is in the repository, it still needs to be indexed in a manner that makes it easier for an interested client to discover the service.  Typically, each service in the repository is tagged as being part of one or more categories of services.  This categorization is based on a classification scheme, also known as taxonomy.  The taxonomy makes it possible for items in the repository to be discovered through the registry in a process that is similar to finding a store item following the aisle sign or a product using the index for the store’s catalogue.   The Universal Description, Discovery and Integration (UDDI) standard specifies a SOAP-based web service standard for discovering services according to published taxonomies.  Finally, access to services is controlled in a secure manner by filtering service inquiries based on authorization settings.

The Information Technology Division of the Commonwealth is designing and deploying an Enterprise-level solution for service registry and repository that will make it easier for Agencies to collaborate by publishing and consuming technical services.  Eventually, the Commonwealth’s Service “Marketplace” will make it possible for Agencies and their partners to further enhance the quality of services we provide the citizens of the Commonwealth.


ETRM Refresh (Version 5.1)


 By Louis Kaczmarek, ITD Enterprise and Infrastructure Architect

Indisputably, establishing mobile communication technical standards has led to affordable handsets that travellers can use across most of the world.  One of the reasons is because wherever you take a standards-based mobile phone, it can most likely ‘talk’ the technical bits and bytes to similarly standardized network infrastructure guaranteed wherever you are. 

So let’s talk about a technical standard that promises Commonwealth agencies (and citizens as a result) that same mobility and guarantee.

The Enterprise Technical Reference Model (ETRM) outlines the SOA(Service Oriented Architecture) framework details for the Commonwealth and sets the minimal interoperability standards needed to achieve ‘loose coupling’ between composite applications that share certain fundamental web services. It is a work in progress that is constantly evolving with more common services being funded and stood up each year.

The ETRM consists of 6 separate service domains (the current draft proposes changes to the domains marked with the asterisks) and the refresh seeks to update domains in the following key areas:

    o New Language Regarding Interchange as a Replacement
    o Registry/Repository Services Implemented Based on an HP Systinet Platform
    o Technology Specifications Added Included WS-Addressing, Soap Message Transmission Optimization (MTOM), Interchange and FTP
    o More Standards Within the WS-Interoperability Basic
    o WS-Security  Updated to Version 1.1 From 1.0

Creating an enterprise-wide services SOA framework is an ongoing process designed to strike a balance between shared generic services (which reduce redundancy and achieve economies of scale) and the customization needed by Agencies to meet program goals and the ETRM plays a significant role.
Please review the documents posted at the link above and send your questions/comments to standards@state.ma.us.

Interchange Upgrade Offers New Services

Stephanie Marsan, SAI Communications Manager, Information Technology DivisionPosted by:
Stephanie Marsan, SAI Communications Manager, Information Technology Division


Interchange, the Commonwealth’s managed file-transfer solution, was successfully upgraded on May 28, 2011.  This release of Interchange enhances existing services and offers new services that can be taken advantage of by all current and on-boarding users. 

Secure File Delivery

Secure file delivery services previously offered by SFED have now been included in the services offered by Interchange.  This service allows Commonwealth employees to send and receive files securely to anyone.  Now organizations may send files using any one of the following methods:

Web Page

Upload to a secure web page and send an automated email notification to any recipient who can then retrieve the file at their convenience. 

System Enabled

Systems can send and receive files both inside and outside of the Commonwealth using standards-based secure protocols and standard communication patterns.

To learn more about these methods click here

The Interchange enhancements were designed to support the Commonwealth’s shared technical and security goals by allowing users to select services that will comply with many of today’s regulated or required technical and security obligations.

Interchange is one component of the Shared Application Infrastructure (SAI), the Commonwealth’s growing network of shared application functionality.

For further information, please contact Stephanie Marsan, SAI Communications Coordinator, at




Infrastructure Virtualization in the Enterprise

Kevin picture

Posted by: Kevin Prefontaine, Enterprise Infrastucture Architect, Information Technology Division

“Virtual” is a buzzword used frequently in today’s technology age.  As a result of the vast interest in this flavor of technology, IT Experts have tried to simulate or “virtualize” almost every human experience.  As a musician, I have seen the virtualization of all of the tools of the trade for guitar players including vintage vacuum tube powered amplifiers from the 1960’s.  We even have virtual pets that can be cared for on our “smartphones”.   Some of these virtualizations avoid the headache and downsides of the experiences they simulate.   They can be enjoyable but don’t quite capture the essence of the actual experience.  For instance, playing a guitar through a $20 virtual guitar amplifier “app” on my iPhone can sound good, be really enjoyable, does not involve carrying around heavy equipment, and does not cost over $1000.   But it does not render the same feeling one gets when standing in a room with a vintage tube guitar amplifier from the 1960’s anymore than playing a video game.  But the difference between $20 and $1000 is certainly compelling.  In the world of Enterprise IT, that kind of cost savings is also compelling. 

Maturity Can Make the Experience Even Better

Fortunately, for those considering virtualization in the IT Enterprise world, the technology behind it has matured to a point where the experience of using virtual servers, desktops, and even storage can yield even better feature sets and performance than the physical equipment it simulates.  Multiple virtual servers of various operating systems and purposes can be deployed on one physical server.  These virtual servers are portable to other physical servers for flexibility.  Compatibility is not an issue as the virtual servers are not hardware dependant.  Performance and capacity can be optimized and tuned for enterprise applications. 

“I Don’t Want a Dumb Terminal.”

The idea of Desktop Virtualization does give one an initial feeling of the thin client/dumb terminal approach used before PC’s took over our lives.  Those older terminals were not so endearing to the end user, but desktop virtualization has reached a point where most of the capabilities of a modern PC are available in a virtual way.  For instance, virtual desktop technology now allows for the use of usb ports.  A thin client device can have usb ports that when used will be reflected in a virtual desktop “session” that is actually occurring remotely.  Some benefits of Desktop Virtualization are similar to those rendered in virtual servers in terms of simpler provisioning and desktop management capabilities and efficiencies.  An additional benefit is secure remote access to an enterprise desktop environment.  If you can access the “session” from your thin client machine at your desk in a secure manner, then you can access that session securely elsewhere. 

“Virtual Storage?  Really?”

The idea of virtualized storage might seem a bit abstract at first, but upon closer consideration it can yield an Enterprise IT Organization great flexibility when provisioning and managing storage.  The Commonwealth’s storage environment has become an ever-changing, evolving, and dynamic part of the infrastructure.  With the second data center under construction in Springfield, and the continuing IT consolidation efforts taking place across the commonwealth, storage needs are more complex and dynamic than ever before.  The tools that storage virtualization offers can help meet that challenge.   Key amongst the benefits offered by storage virtualization is non-disruptive data migration.  Data needs to be moved around within and between data centers in a fashion that keeps Enterprise applications running so that it is transparent to end users.  Also of benefit is the concept of auto-tiering between various types of storage based on performance needs.  This feature can keep track of a server or application’s use of storage and dynamically move it to a storage type that suits its performance needs.  High performance applications would then become resident on ultra-fast Solid State Disks, while stagnant data would be relegated to slower, less expensive SATA disk storage.  This process can also be done manually and allow movement between various storage types non-disruptively.

"But Why?"

Last but not least, the costs that are saved by getting to this type of Enterprise Virtualized Infrastructure Environment are yielded in multiple areas including management efficiencies, and even energy costs saved by using less hardware.  Also key are longer refresh cycles for server and client desktop hardware.  One of the strategic goals of the Commonwealth’s IT Consolidation effort is to create efficiencies and maximize resources; Enterprise Infrastructure Virtualization is vital to facilitating an environment that can achieve this goal.

HTML5: A Brief Introduction

Chidlovski Posted by: Arthur Chidlovski, Senior Web Systems Engineer, Executive Office of Housing and Economic Development

For those of us who are involved in the business of software development and building web sites, it is always very important to keep up with the latest trends in web standards. HTML5 is the latest revision of the HTML and it is a definite focus of today's web developers' attention HTML5 predecessors are HTML 4.01 and XHTML.

The history of HTML5 began with the WHATWG (Web Hypertext Application Technology Working Group) work on developing HTML and API for web applications. WHATWG was founded in 2004 by representatives of Apple, Mozilla, and Opera. They were concerned about the direction the W3C were taking with the XHTML. In 2009, W3C (World Wide Web Consortium) announced that the XHTML2 would be cancelled in favor of HTML and that was a definite green light for the HTML5 as a future avenue of web standards.

What are the features that HTML5 brings to the HTML world? In a nutshell these features can be outlined as following:

• Backward compatibility and progressive enhancement-It is one of the main reasons HTML5 is highly appealing to both browser manufactures and developers.

• New elements-Semantically rich elements (section, header, footer, nav), new elements to handle graphics and   multimedia (audio, video, canvas)

• New types of form controls-Date and time, email, URL, range, color [32], etc.

• New attributes -Charset (on meta), async (on script)

• Drop of the deprecated elements-(acronym, applet, base font, big, center, dir, font, frame, frameset,isindex, noframes, strike, tt, u)

Similar to previously introduced HTML standards, HTML5 has pros and cons. In terms of pros, HTML5 is strongly supported by the major IT players today. Google is highly supportive of HTML5 because it allows us to produce new rich web-based applications vs. desktop alternatives; YouTube is no longer locked on Flash plugins to deliver multimedia.  Apple makes rich web apps on iPhone and Mac platforms and in MobileMe. Microsoft browser manufacturers also seem to be in favor of backward compatibility that HTML5 offers.

On January 18, 2011, the W3C published a logo to represent the use of or interest in HTML5. More and more browsers began to comply with the new standards. Although HTML5 is still in development and obviously is not ready for its prime time, impressive power and the potential of HTML5 and CSS3 can already be seen in many cutting-edge web-based applications and interfaces.

Fine Tuning: How IT Efforts Map to Shifting Business Needs


Posted by: Louis Kaczmarek, Strategic Policy Architect, Department of Information Technology

Here’s a resource management question that almost everyone can relate to: how exactly do large project teams adapt to shifting business requirements?
One answer can be found in a category of IT standards designed to help service organizations build their own adaptive best-practice IT governance frameworks; we like COBIT (Control Objects for Information and Related Technology).
COBIT's IT Governance components in particular outline how large organizations can institute repeatable processes that translate corporate strategy into IT projects that deliver the most value.
Change is constant, that’s a given but how do we ensure that priorities and dependent projects are considered as these reprioritizations take place? What is the most efficient way to manage this process? If it’s a new project, what needs to be delayed or sidetracked to start this new effort? One key component is having just the "right amount" of process structure so that priorities auto-correct without excessively slowing things down. It’s not a secret that finding the perfect way to do this takes a lot of work but once completed, the benefits are substantial.

Now that we are better at deciding what to build/buy we can more effectively execute using our other favorite set of IT industry standards, ITIL (Information Technology Infrastructure Library). ITIL provides methods to ensure that what you set out to deliver is actually being built and, once you’ve built it, you are measuring how well it’s fulfilling the business driver that spawned it.



Update on IT Consolidation in the Commonwealth

John Glennon, Secretariat Chief Information Officer, Executive Office of Labor and Workforce DevelopmentPosted by:
John Glennon, Secretariat Chief Information Officer, Executive Office of Labor and Workforce Development

I am happy to report that the Commonwealth has made great progress toward reaching its IT consolidation goals since my last blog post on the topic.  In keeping with the Executive Order (EO 510) Governor Patrick signed in 2009, Massachusetts has been working towards making our IT infrastructure and services more efficient, more effective, and more secure. 

IT and business leaders across the Commonwealth have collaborated in an unprecedented way to drive change that’s delivering tangible results.  Across the Executive Department, we’ve…

  • Consolidated the number of helpdesks by over 50%, allowing us to cut costs while broadening and improving the technical support services that enable state employees to meet citizens’ needs
  • Saved millions of dollars – with more on the horizon – by combining our purchasing power to get the best deals on computer equipment and services
  • Launched LearnIT!, a training & development program for staff, which is helping keep our IT workforce up-to-date on the technology and business skills they need to keep our systems running smoothly
  • Transitioned data center equipment from various locations across the state into the Massachusetts Information Technology Center, ensuring a much greater level of security for our information and systems

And those are just a few examples of the great work that’s happening.  To hear more about specific projects from the people on the front lines, check out our IT Consolidation: Success Stories video.

To learn more about consolidation and keep up to date with our quarterly newsletters and regular email blasts, visit the IT Consolidation Communications Hub wiki page.

Finally, we would love to hear comments you have on this topic and look forward to sharing more information about this exciting initiative as it moves forward.

• If you have any questions or feedback you can provide them anonymously to the Communications working group at http://www.mass.gov/itd/itconsolidationfeedback

• If you have any questions for me, please write to me at john.glennon@state.ma.us

What can metadata do for you?

Simone Pringle, Enterprise Architect Information Technology DivisionPosted by:
Simone Pringle, Enterprise Architect, Information Technology Division

Metadata is frequently defined as "data about data".  Though at first it may seem like an almost circular definition, it accurately captures the fact that data does not exist in isolation, but rather is part of an information exchange “context”.   Information typically captured in metadata includes a description of data content and structure, as well as the activities and processes for which the data is used.  A better understanding of the metadata can help all participants maximize the benefits derived from the direct use of the data.

We rely on metadata in our daily lives, without even thinking about it!  Take for instance, drivers' licenses.  The business context for the use of a driver’s license is typically to provide proof that an individual has been authorized by an official entity, to operate certain types of motor vehicles, given possible constraints such as the use of prescription eye glasses.   There are expectations for the information that should be contained in a driver's license, such as a recent photo of the driver, his/her name, date of birth, validation period for the license, name of issuing entity, etc.  This combination of the expected data attributes and purpose of use is the metadata for the driver's license.  The standardization of driver's license metadata facilitates all processes that use the license as a means to assert one's legal right to drive.

Metadata has long been used in the context of data warehousing and business intelligence (BI) to describe the structure of the data – also known as the schema – and to facilitate data correlation and report generation.  More recently, internet-based resources, such as web services and humanly-readable web pages, have started relying on metadata as an effective means of improving the quality of search results, as well as content management.

Since metadata can be effectively used to describe the content and context of digital information, it makes it possible to create self-describing systems.  Consider, for instance, that certain types of data access require higher levels of security protections.  Documents can be tagged with metadata that indicates that access is restricted and that certain security policies apply for the distribution, storage and disposal of these documents.  By using the metadata, security infrastructure can automatically enforce policies even when the data itself is protected, e.g. encrypted.

Common applications of metadata include:

  • Inclusion of keywords in web pages, improving search engine results;
  • Definitions of web services using open standards such as the Universal Description Discovery and Integration (UDDI) and Web Services Definition Language (WSDL), facilitating service discovery and reuse;
  • Security level tagging, to enforce and manage security policies for the entire lifecycle of the data, including, access, storage and disposal;Version tagging, to allow for applications and information content to evolve in support of improved business processes, while continuing to support existing usage;
  • Mapping of data elements across information models, enabling system integration;
  • etc.

There are a number of standardization efforts underway to support broad adoption of metadata-aware business models.  In particular, individuals interested in gaining a better understanding of metadata and current harmonization efforts, should consider looking into the Dublin Core Metadata Initiative (DCMI) – http://dublincore.org/

The use of metadata provides a powerful tool to describe, catalog, find, and manage information.  It is not surprising that information management experts rely more and more on metadata-enabled tools and processes to do their work.  In the words of a colleague, "I never met a data I didn't like"…

The Health Information Exchange


Posted by: Louis Kaczmarek, Information Security Officer, Department of Public Health

Everything we do at at the Department of Public Health (DPH) relies on or reuses existing tools, and needless to say those we need to build or buy maximally follow SOA principles. But there is one trend that takes ‘interoperability’ to a whole new level: it’s called the Health Information Exchange (HIE) and Massachusetts is planning one right now. My involvement in this project is as co-chair for the Privacy and Security Ad-hoc Workgroup, working with the Massachusetts e-Health Institute; we make recommendations for them to consider as they make the HIE a reality.

You may have heard or seen how health records at your doctor’s office are increasingly being stored electronically. Sometimes doctors have to share these records to coordinate the best and most efficient care. Such an exchange of records might happen when you go see a specialist outside of your ‘network’ or when you go on a Florida beach vacation, cut your foot on a shell (or worse) and have to get stitched up before returning home. So with the patient’s permission, the HIE’s securely and confidentially moves electronic health records from one doctor to another.

It’s worth mentioning that HIEs are being set up all around the country but whatever we cook up here has to fit with MA laws and society. To ensure that it turns out that way, we’ve solicited views from as many MA-based stakeholders we could think of (plus a few outside of MA). So, if you haven’t already done so let us know what you think; after all this system is for all of us.



Standard Operating Environment and the “New Guy”

Kevin picture Posted by: Kevin Prefontaine, Strategic Infrastructure Architect, ITD

So autumn is here, and with it is a time to pave the way for new things. It’s a time to let the “old” fall away and to make way for the “new”.  In my latest career iteration with the Commonwealth, this has taken on a much grander meaning.  But how do we shape and direct the “new”?  At home, we do things like plant perennials, or plan budgets so that the spring and summer have the best chance to yield rewarding results.  Here at the Enterprise Technology Office, our efforts focus on planting and pruning work that will yield the best chance for a sustainable and a healthy IT ecosystem.  We plan to accomplish this through a complete overhaul of our Standard Operating Environment (SOE).

Who exactly is the “new guy” and what is his relation to the SOE?

Not so new to the Commonwealth, but brand new to ITD.  My journey of state service started at the Department of Mental Retardation in 1995 as an application developer/network support tech.  Moved up to the “Regional MIS Coordinator” position in ’98 and then to “Senior Network Engineer” in 1999.  I served in that role until our Commonwealth began consolidating IT workers at the Secretariat level and in 2008 I was absorbed into the Engineering group of the Chief Technology Office of the Executive Office of Health and Human Services.  And finally, I decided to catch the wave from EOHHS to ITD in taking my new position as Strategic Infrastructure Architect. 

First project out of the gate: Establish a Standard Operating Environment for the Commonwealth

Big project, but an inspiring one if you consider the perspective I bring given my first 15 years doing IT work for Massachusetts.  The idea of an SOE as a guide for many IT based decisions over those years would have been a tremendous resource.  There have been standards published from ITD but they have had varying degrees of success, visibility, and especially compliance outside of ITD.  The Agencies/Secretariats of the Commonwealth have not always seen good incentive to comply given their respective business initiatives and economic conditions. 

“But the times they are a changin…”

Consolidation of Commonwealth IT resources is mandated by Executive Order 510, a strong statement for sure, but not one that has to be feared.  The benefits of this ongoing effort for the Enterprise, as well as the citizens of the Commonwealth, will be considerable in with proper planning.  The revision of the SOE will contribute to a seamless consolidation of Commonwealth IT resources.

So, what exactly is the SOE?

At the most basic level, a Standard Operating Environment (SOE) allows the Commonwealth to take advantage of economies of scale.  Consolidated investments = bigger discounts.  But the “under the hood” benefits of a SOE run deeper.  “Like Systems” = “Like Support Models”.  The Commonwealth has many IT experts that are outstanding at supporting their various systems.  The closer they can get to supporting “like systems”, the more effective they can be at working together to support the “Enterprise”. 

Developing a common knowledge base allows for a much deeper breadth to draw from for support and reduces dependency on high priced vendor support for less complex issues. 
A broader and deeper knowledge base results in enhanced and expanded career paths.  The idea of people working collectively and cooperatively with “like systems” breeds the center of excellence mentality.    In these trying economic times, being part of something that truly strives for excellence and collaboration among colleagues is a soft benefit that we can all take advantage of.

So, how does all this benefit the citizens of the Commonwealth?

The concept of an entire Enterprise such as the Commonwealth, who have different business goals and methods, using all identical systems, seems a bit ambitious, but the more places we can find and create common ground, the more efficient and effective the Commonwealth will be in delivering its services to the citizens of the Commonwealth.

Water, food and sunlight are required to nourish a healthy garden, just as responsible spending, common technologies and expanded expertise are critical to a healthy IT ecosystem.  Ensuring that our mission critical IT environments are healthy and sustainable both now and in future, creates a favorable “customer experience” by allowing us to focus on what’s important to our customers.  A Standard Operating Environment is instrumental to achieving this.