Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Paul Downey

Technical Architect

Government Digital Service

@psd
GDS@psd
Confidentiality
Availability
Integrity
Integrity of Information
Most of the public discussion regarding cyber threats has focused on the
confidentiality and avail...
GDS@psd
Blood group
GDS@psd
“Integrity, i.e.
accuracy and
reliability”
GDS@psd
Molly Dishman &
Martin Fowler on
agile architecture:
GDS@psd
“Architecture is
about things which
are hard to change”
GDS@psd
“complexity comes
from irreversibility”
GDS@psd
“remove things from
the system which are
hard to change”
It’s quite difficult to
unboil an egg
GDS@psd
Integrity: things you
want to be difficult to
change break
GDS@psd
We need to talk
about rotting …
memorandum mori
GDS@psd
Big data
Open data
Linked data
Raw data
GDS@psd
Data proliferation
(1977)
GDS@psd
Data ≈ stuff
GDS@psd
Sturgeon’s
revelation (law)
GDS@psd
Data
warehousing
GDS@psd
Software ≈ stuff
you can easily
change that does
stuff to stuff
GDS@psd
Work out what’s
needed
GDS@psd
1. Start with needs
2. Do less
3. Design with data
4. Do the hard work to make it simple
5. Iterate. Then iterate ...
Start with needs*
* user needs, not government needs
https://www.gov.uk/
service-manual
36
GDS@psd
Registers:
important lists of
things
GDS@psd
Government has
a lot of registers:
GDS@psd
companies, charities, trade unions, courts,
schools, universities, hospitals, zoos, circuses,
inspections, licence...
GDS@psd
things people
need to be able
to trust
GDS@psd
and government
is the canonical
official source
GDS@psd
“An alternative to
scurrilous gossip &
rumour”
GDS@psd
Integrity: being honest
and having strong
principles
GDS@psd
The systems we
build should reflect
our values
GDS@psd
“As Chief Registrar of
Foo, I need to know the
Foo system of record
hasn’t been tampered
with”
GDS@psd
IOW: Should be
tamper proof
GDS@psd
https://
www.gov.uk
https://
www.gov.uk/
after-a-death
https://
www.gov.uk/
info/
after-a-death
Design with Data
gov.uk/performance
Psychic
paper
GDS@psd
“As someone with an
interest in Foo I need to
know a Foo record came
from the Foo Registry and it
hasn’t been tamp...
GDS@psd
IOW: provenance
is important
A digital signature is …
I am me I agree!&
Simon Wardley 

http://blog.gardeviance.org/
http://blog.gardeviance.org/2013/03/basics-repeated-again.html
http://blog.gardeviance.org/2013/03/basics-repeated-again.html
GDS@psd
Choosing
technology
GDS@psd
The main thing is you
must be able to change
your mind
GDS@psd
The Web is
rotting
GDS@psd
The Web is links
GDS@psd
Link rot
GDS@psd
Url shorteners
Abuse
Transnational law
Blocking
Advertising
Privacy and security
Additional layer of complexity
GDS@psd
Purl — Persistent uniform
resource locator
GDS@psd
http://
ourincrediblejourney.tumblr.com
https://adactio.com/
journal/tags/
preservation
It must be gov, yeah, yeah!
No link left behind!
Do less
Use the HTTP:
GDS@psd
Stuff rots
Writing law
demands a certain
level of
commitment
from goats, calves
and sheep
GDS@psd
Horcruxes?
GDS@psd
Backups!
GDS@psd
Physical media
My precious!
GDS@psd
Robot tape
libraries
GDS@psd
Computers rot
and fail
GDS@psd
Bitrot
GDS@psd
Digital dark ages
GDS@psd
Digital
obsolescence
GDS@psd
Digital dark ages
BBC Doomsday project
https://github.com/digital-preservation
GDS@psd
Rotten data
GDS@psd
Cruft?
GDS@psd
People inject
entropy
“People stuff up, but if you really want
to stuff up you need a computer”
– Anon
GDS@psd
“If you really want to stuff things up,
add more people”
– (paraphrasing Fred Brooks)
GDS@psd
P.E.B.C.A.K
GDS@psd
GDS@psd
Can you turn it on
and off again?
Autonomy Mastery Purpose
GDS@psd
Learn from your*
mistakes
* collective noun
GDS@psd
“Anyone who’s worked with technology at
any scale is familiar with failure. Failure cares
not about the architectu...
GDS@psd
Do things that scare
you, often
GDS
gdstechnology.blog.
gov.uk/2015/02/06/
running-a-game-
day-for-gov-uk/
GDS@psd
Fight the entropy!
GDS@psd
Ship of Theseus
ISE Shrine

– Clay Shirky, Here comes everybody
GDS@psd
Facts don’t rot!
GDS@psd
Architecture
Do the hard work
to make it simple
Knocking down the
Towers of SIAM
Register appliance
Certificate
transparency
Merkle tree magic
redecentralize.org
Build in the context of your domain,
organisation The Web
Paul Downey

Technical Architect

Government Digital Service

@psd
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Building systems with integrity
Upcoming SlideShare
Loading in …5
×

Building systems with integrity

1,312 views

Published on

Slides from http://softwarearchitecturecon.com/sa2015/public/schedule/detail/40084

Published in: Technology
  • Be the first to comment

Building systems with integrity

  1. 1. Paul Downey
 Technical Architect
 Government Digital Service
 @psd
  2. 2. GDS@psd Confidentiality Availability Integrity
  3. 3. Integrity of Information Most of the public discussion regarding cyber threats has focused on the confidentiality and availability of information; cyber espionage undermines confidentiality, whereas denial-of-service operations and data deletion attacks undermine availability. In the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity (i.e. accuracy and reliability) instead of deleting it or disrupting access to it. Decision making by senior government officials (civilian and military), corporate executives, investors, or others will be impaired if they cannot trust the information they are receiving. — Worldwide Threat Assessment of the US Intelligence Community, Senate Armed Services Committee, February 26, 2015 

  4. 4. GDS@psd Blood group
  5. 5. GDS@psd “Integrity, i.e. accuracy and reliability”
  6. 6. GDS@psd Molly Dishman & Martin Fowler on agile architecture:
  7. 7. GDS@psd “Architecture is about things which are hard to change”
  8. 8. GDS@psd “complexity comes from irreversibility”
  9. 9. GDS@psd “remove things from the system which are hard to change”
  10. 10. It’s quite difficult to unboil an egg
  11. 11. GDS@psd Integrity: things you want to be difficult to change break
  12. 12. GDS@psd We need to talk about rotting …
  13. 13. memorandum mori
  14. 14. GDS@psd Big data Open data Linked data Raw data
  15. 15. GDS@psd Data proliferation (1977)
  16. 16. GDS@psd Data ≈ stuff
  17. 17. GDS@psd Sturgeon’s revelation (law)
  18. 18. GDS@psd Data warehousing
  19. 19. GDS@psd Software ≈ stuff you can easily change that does stuff to stuff
  20. 20. GDS@psd Work out what’s needed
  21. 21. GDS@psd 1. Start with needs 2. Do less 3. Design with data 4. Do the hard work to make it simple 5. Iterate. Then iterate again. 6. This is for everyone 7. Understand context 8. Build things people can build on 9. Be consistent, not uniform 10. Make things open: it makes things better Design Principles
  22. 22. Start with needs* * user needs, not government needs
  23. 23. https://www.gov.uk/ service-manual
  24. 24. 36
  25. 25. GDS@psd Registers: important lists of things
  26. 26. GDS@psd Government has a lot of registers:
  27. 27. GDS@psd companies, charities, trade unions, courts, schools, universities, hospitals, zoos, circuses, inspections, licences, certificates, births, marriages, deaths, electoral roll, insolvencies, bankruptcies, passports, animal passports, drivers, vehicles, land parcels, land ownership, land use, legal boundaries, awards, tax rates, benefits, livestock movements, flood risk, river levels, companies, fish caught, patents, trademarks, designs, non-native invasive plants, bank holidays, clock changes …
  28. 28. GDS@psd things people need to be able to trust
  29. 29. GDS@psd and government is the canonical official source
  30. 30. GDS@psd “An alternative to scurrilous gossip & rumour”
  31. 31. GDS@psd Integrity: being honest and having strong principles
  32. 32. GDS@psd The systems we build should reflect our values
  33. 33. GDS@psd “As Chief Registrar of Foo, I need to know the Foo system of record hasn’t been tampered with”
  34. 34. GDS@psd IOW: Should be tamper proof
  35. 35. GDS@psd https:// www.gov.uk
  36. 36. https:// www.gov.uk/ after-a-death
  37. 37. https:// www.gov.uk/ info/ after-a-death
  38. 38. Design with Data
  39. 39. gov.uk/performance
  40. 40. Psychic paper
  41. 41. GDS@psd “As someone with an interest in Foo I need to know a Foo record came from the Foo Registry and it hasn’t been tampered with”
  42. 42. GDS@psd IOW: provenance is important
  43. 43. A digital signature is … I am me I agree!&
  44. 44. Simon Wardley 
 http://blog.gardeviance.org/
  45. 45. http://blog.gardeviance.org/2013/03/basics-repeated-again.html
  46. 46. http://blog.gardeviance.org/2013/03/basics-repeated-again.html
  47. 47. GDS@psd Choosing technology
  48. 48. GDS@psd The main thing is you must be able to change your mind
  49. 49. GDS@psd The Web is rotting
  50. 50. GDS@psd The Web is links
  51. 51. GDS@psd Link rot
  52. 52. GDS@psd Url shorteners Abuse Transnational law Blocking Advertising Privacy and security Additional layer of complexity
  53. 53. GDS@psd Purl — Persistent uniform resource locator
  54. 54. GDS@psd http://
  55. 55. ourincrediblejourney.tumblr.com
  56. 56. https://adactio.com/ journal/tags/ preservation
  57. 57. It must be gov, yeah, yeah!
  58. 58. No link left behind!
  59. 59. Do less
  60. 60. Use the HTTP:
  61. 61. GDS@psd Stuff rots
  62. 62. Writing law demands a certain level of commitment from goats, calves and sheep
  63. 63. GDS@psd Horcruxes?
  64. 64. GDS@psd Backups!
  65. 65. GDS@psd Physical media
  66. 66. My precious!
  67. 67. GDS@psd Robot tape libraries
  68. 68. GDS@psd Computers rot and fail
  69. 69. GDS@psd Bitrot
  70. 70. GDS@psd Digital dark ages
  71. 71. GDS@psd Digital obsolescence
  72. 72. GDS@psd Digital dark ages
  73. 73. BBC Doomsday project
  74. 74. https://github.com/digital-preservation
  75. 75. GDS@psd Rotten data
  76. 76. GDS@psd Cruft?
  77. 77. GDS@psd People inject entropy
  78. 78. “People stuff up, but if you really want to stuff up you need a computer” – Anon GDS@psd
  79. 79. “If you really want to stuff things up, add more people” – (paraphrasing Fred Brooks) GDS@psd
  80. 80. P.E.B.C.A.K GDS@psd
  81. 81. GDS@psd Can you turn it on and off again?
  82. 82. Autonomy Mastery Purpose
  83. 83. GDS@psd Learn from your* mistakes * collective noun
  84. 84. GDS@psd “Anyone who’s worked with technology at any scale is familiar with failure. Failure cares not about the architecture designs you slave over, the code you write and review, or the alerts and metrics you meticulously pore through.” — John Allspaw, Blameless Post Mortems and a Just Culture
  85. 85. GDS@psd Do things that scare you, often
  86. 86. GDS gdstechnology.blog. gov.uk/2015/02/06/ running-a-game- day-for-gov-uk/
  87. 87. GDS@psd Fight the entropy!
  88. 88. GDS@psd Ship of Theseus
  89. 89. ISE Shrine
 – Clay Shirky, Here comes everybody
  90. 90. GDS@psd Facts don’t rot!
  91. 91. GDS@psd Architecture
  92. 92. Do the hard work to make it simple
  93. 93. Knocking down the Towers of SIAM
  94. 94. Register appliance
  95. 95. Certificate transparency
  96. 96. Merkle tree magic
  97. 97. redecentralize.org
  98. 98. Build in the context of your domain, organisation The Web
  99. 99. Paul Downey
 Technical Architect
 Government Digital Service
 @psd

×