Federated and Free

Distributed and Decentralized Applications
on OpenShift



presented by

ryan jarvinen / @ryanj
Engineer, Open Platform Evangelist
Red Hat


One thing that the cloud has taught me

is to plan for failure

Is your social network provider too big to fail?

"What's the worst that could happen?"

Who owns your data?

Terms of Service

No negotiation

Subject to change at any moment

You may be banned without warning

change of terms

Can your data be exported in an open format?

Who brokers your identity?

  • your email provider?
  • your phone company?
  • credit agencies?
  • your SSN?
  • google, apple (have you rooted)
  • facebook
  • linkedin
  • twitter
  • github
cloud deal gets worse



Focused on:

  • stopping discrimination
  • preserving your right to privacy

German Telemedia Act

What about laws in the US?

As we move our lives online, we often lose the ability to negotiate with the businesses we deal with on a daily basis

No democratic process to work with

Only free market supply and demand to rely on

Establishing an Open Protocol for decentralized identity on the web

identity standards

open protocols, but currently access control is still generally centralized

what happens when we get locked out?

Or, better yet, what is our switching cost?

In a way, the tech industry has recently been strugling with the same question in regard to hardware / infrastucture (IaaS)

Who is the customer? Do I have any control?

As a consumer, I seek out utilities that specialize in serving my interests

  • Cell phone contracts (why I buy my own cell phone hardware)
  • Does your ISP prioritize their own video streaming solution over other data sharing the same wire?
  • "I like being able to fire people"
  • I like businesses that develop and adopt standards, enabling communities, ecosystems

Who does your online presence broker recognize as their customers?

Most are advertising or info focused

App.net - the open version of twitter?

  • you are the customer!
  • correct incentives?
  • is adertising a valid form of monetization? (opt-in, personalized?)
  • can I host my own? is there lock in?
  • is it a walled garden? will it ever reach crtitcal mass? will it become too big to fail?
  • platform and product are still tightly coupled

Identity managers have incredible control over their platforms

  1. Identity and platform must be decoupled
  2. We need a platform as a service!
  3. We want open systems all the way down

Starting over from scratch

With an Open Cloud

The solution will need to be:

  1. open, secure
  2. properly monetized, good incentives
  3. no lock in, minimal switching cost

Reality check:

  • uptime is critical
  • decouple platform and product. pay for serice uptime
  • interop, portability is critical

But who wants to do all of this work anyway?

Thats why we have OpenShift Online

don't like RedHat? Try GetUpCloud.com

I have a feeling that you may see some major IaaS providers offering their own OpenShift managed hosting service soon

Open Source the Cloud

  1. OS - liberated!
  2. Infrastructure - liberated! (OpenStack, RDO)
  3. Platform - liberated! (OpenShift)
  4. Integrate with OpenStack or other open systems to use your existing identity, authentication, authorization services.
  5. Host your own OpenID, OAuth, etc..

The cloud is a free market for services. We're seeing a lot of specialization in storage, compute, caching, hosting, monitoring - all being handled by different open and pluggable vendor solutions.


  • Domain registries that support OAuth-style provisioning

Meanwhile, back in cloud city…


Establishing a protocol, or not:

  • decouple identity and data / activity
  • interact with folks across social hubs (federation)
  • OpenSocial (old, now proprietary?)
  • tent.io (developing a protocol, asking great questions)
  • pump.io (streams)
  • leveldb (streams, streams, streams)

Figure A:

Figure B:

The solution will need to be…

Are we there yet?

  1. open, secure
  2. properly monetized, good incentives
  3. no lock in, minimal switching costs

Data formats, standards, projects to keep an eye on:

  • RSS 3.0
  • Activity Streams 3.0
  • GNU Social

Open App store

practical killer apps, an open realtime office

even for the windows users

Building communities around an open infrastucture, OS, and platform

  • OpenShift Origin
  • Code For America
  • CryptoParty

code for america

An organization built around:

  • Civic app development
  • Community building
  • Hackathons
  • Democracy
  • Open data policies


take back your data, take back your identity

  • define your own TOS
  • pay for uptime, not for usage terms
  • treat your utilities like utilities

Walls of cryptography

Types of crypto:

  1. Disk encryption
  2. File encryption
  3. Network i/o encryption

Who controls the lines of transmission?

ISPs, telcos, NSA (prism, xkeyscore)?

Fully Homomorphic Encryption

  • Support for blind processing operations
  • Data stays encrypted while being transacted upon


For information about running your own OpenShift:


Or, sign up for a free OpenShift Online account

Thanks for following along!   --ryanj