There are, today, pressing fiscal reasons for corporations and government entities to work more closely with partners, contractors, suppliers, customers or citizens and others via the Internet. Successful enterprises must be able to instantly, securely and reliably connect the right people together with each other and with the right information and processes. This must be done, however, while protecting the organization’s networks, data and online operations.

Through a dizzying patchwork of approaches, including pinpricks through firewalls, special virtual private networks, elaborate "DMZ" alleys for staging area applications and servers, and many other creative measures, companies have been struggling to open access. One of the common threads through all these attempts is that they are almost all tailored to a given group of people using specially designated systems and methods that have not scaled to a broader array of applications and users. The management of these varied short-term measures is itself becoming a security and cost center problem.

The market is demanding easier, more scalable, less costly and more comprehensive solutions. In response to this need, various consortia have developed suites of technology standards for security and transactions, and a myriad of hardware and network layer offerings. Perhaps the most relevant emerging standard is the Liberty Alliance specification, supported by American Express, GM, Nokia, Sony, Novell, Communicator Inc, Trustgenix and others. But the technology standards alone are merely tools without a blueprint to guide them. "Gated community" solutions can provide the framework and operational functions necessary to extend the enterprise while protecting the borders. This approach to extending the enterprise and bridging systems among different organizations provides a powerful and elegant balance of strategic and security needs.

Today, an organization can be defined by its information networks. The digital enterprise comprises the constituent users (employees, customers, partners, etc.), their communications and transactions. The boundary of the electronic environment is the boundary of the business.

Threats to the digital enterprise are tantamount to threats to the business or government unit itself. Strategic objectives require ever more porous boundaries in the network – opening holes and connections for all manner of external users and applications. Consequently, the job of protecting the enterprise becomes more urgently difficult.

From the perspective of information security and assurance, it is common knowledge that barriers to access are good. In selecting the most efficient and lowest risk methods to cross these barriers, it is useful to review the purposes they were erected to achieve. These barriers exist to assure valuable resources are accessible only to authorized users: intellectual property is tied to licensed users, trade secrets and sensitive communications are strictly limited to insiders, and transactions are conducted only with customers under contract, among other reasons. Of course, they also serve the purpose of maintaining walls and watch towers against wrongdoers of various ilk, from petty thieves and hackers to threats against national and economic security.

Clearly, bringing systems and people together from different organizations inside or beyond a single business or government is a "must do", not a "nice to have", based upon the new requirements of the information economy. While business lines blur, hardening the critical information and network systems underlying these interactions becomes more important now than ever before. There needs to be a way to openly connect people to processes and devices across organizations, while avoiding additional exposure to attacks or creating other vulnerabilities.

As organizations attempt to strike a balance between conflicting security and business needs, both the public and private sector also have an economic imperative to apply solutions that will bring down costs, enhance productivity and enable greater revenue. Technologies that permit the right connections and information sharing between the right people at the right time can dramatically enhance productivity. More importantly, extending the enterprise to bring customers, buyers, suppliers and other economic partners in closer interoperation can speed recognition of and open new channels for revenue, and can also reduce transactional drag and other inefficiencies.

Wherever practicable, however, organizations need to extend the useful life of existing technology systems. The last several years have seen an unprecedented outlay of money, dedication of staff and other resources focused on acquisition of new technologies both in government and throughout the private sector. Plans that call for the tearing out of existing systems that are still operating well for their intended purpose have the effect of increasing costs. Sometimes this is necessary, but technical architectures that allow continued use of backend and other systems over a longer period, while still achieving strategic business goals, are preferred.

An Online Gated Community addresses the challenges and balances outlined above. Such a community is comprised of users who are members of different organizations – within or outside a given enterprise. These users are virtually connected with each other while securely and reliably excluding unauthorized users and other intrusions. A digitally networked gated community can be as large or larger than a nation-state, or as minute as a handful of small businesses or smaller, and may be home of many different types of people and activities. But the gates represent a boundary inside of which a common code exists. Common codes of conduct, commercial code, and computer code, when properly applied, blur together into community. The notion of a common code inside a bounded community allows for open, high velocity, and creative styles of interaction inside the gates.

The secure electronic boundaries, because they are manifested technologically, can cut across organizations, enterprises, and geography, bringing together exactly the right people, processes and information. But the technology only supports and reflects the real boundaries, which are expressions of business, policy and legal agreements to cooperate across organizations, tied directly to practical goals and objectives. This can be thought of as an "open but bounded" system, because clear, enforceable boundaries allow participants to form real-time, lower risk and faster transactional relationships with others on the inside.

The concept of a gated community is distinct from other methods of connecting users securely. For example, technology offerings called "virtual private networks" or "value added networks" focus upon securing particular parts of the connection between users, devices and networks. They focus upon encrypting and authenticating end-points over protocols like "IPsec" and "SSL" (common security technical specifications). While very useful, these approaches are very different from the online gated community solution. The gated community approach directly addresses the multi-faceted needs of users to work together in an extended enterprise. A gated community includes adequate technical security, but also supports other functions and components, resulting in a flexible, scalable and safe cross-organizational environment of users.

The basic building blocks of an online gated community include:

The first building block, Identity Management, deserves a deeper treatment. The proliferation of user accounts across networked systems is creating a security problem, because it invites users to keep their various passwords in handy locations. In addition, the current trends are quickly moving toward a ceiling in terms of available business channels and partnering opportunities. The overhead of administering too many systems becomes a hard stop to new business arrangements. Pressure to provide simple to use, yet secure ways for users to sign into the various systems behind the gates is significant.

This means better "Identity Management" solutions are needed. The concept of a "single sign-on" technology has been bandied about for many years as a proposed technical response to this need. However, the typical underlying assumed business model supporting single sign-on is a centralized, hierarchical organization. This approach is an especially poor fit for most organizations today. Hierarchical structures are even harder if applied to multiple networked enterprises that must cooperate with, rather than command, each other.

One way to cut the problem is to view "Identity Management" as a means of determining who is "inside" vs. "outside" the community of authorized users of a business system, and the ability to easily add new communities into the fold while making the intersections between affiliated communities transparent to end-users. In this way, it is possible to rapidly create new business combinations among partnered organizations, clusters of customers and suppliers. Identity management solutions also provide a way to keep up with the dynamically changing internal employee and contractor environments, ever subject to reorganization, mergers and other recombination.

Conceptually, there are three basic ways to achieve identity management:

Inhibitors to forcing a single central digital identity system include entrenched but incompatible practices across lines of business, non-interoperable internal legacy systems and data models, and interdependencies with different external systems. For a variety of reasons, people develop settled cultures around particular ways of doing and naming things. Other challenges to centralized single systems include the additional security vulnerabilities associated with systems monoculture, core choke points and other points of failure, and stunted innovation.

However, this approach may be appropriate where the organizational lines of command can support a single, centralized system and where there is a business need to exact uniform lines of control and homogeneous back-end systems and business methods. In certain limited cases, the significant increase in costs necessary to force different organizations to fully adopt an identical approach is warranted.

The second building block, "Messaging, Presence and Collaboration" also deserves deeper treatment. Creating gates and boundaries does not, in itself, create community. Shielding insiders from outsiders is necessary, but insufficient to yield the true benefits of a gated community. The ability for those inside the affiliated organizations to see each other, communicate, share access to resources, and form small working groups is critical. There is precedent for the creation of successful online communities of various degrees of functionality. Successful online communities all share several traits: they provide space for users to cluster based upon their own areas of interest, they provide some form of "presence" awareness so that users know when their associates are online, and they enable users with no prior relationship to meet and become acquainted inside the safety and context of the gated community.

There are "moments of value" in any transaction, such as when a contract is finalized, a decision is made, or important information is received. Strategic use of instant messaging and collaboration applications within a gated community can be a key method for enhancing that value. For example, through the process of a large business to business or government procurement, the ability to remain in close contact with the appropriate sales, management and technical staff at each organization can reduce the time to implement, more rapidly surface issues, and deepen knowledge transfer and requirements setting.

In the context of public sector domestic security, one can imagine personnel being far more efficient at guarding the homeland thanks to the real-time connections to the right people in affiliated public safety, law enforcement and intelligence communities. The ability to have access to the vast array of information known throughout government can make the difference for those in the field making quick decisions. To support these and other types of strategic uses of messaging and collaboration, organizations could designate certain employees as "on deck" to field certain types of interactions, as needed. With relatively little change in staffing, bringing the right people together in a secure and spontaneous fashion can dramatically increase mission success and revenue opportunities, as well as reduce costs and other delay.

The notion of "digital presence" is perhaps one of the most important and fundamental technical underpinnings of online community. Networked community architectures suggest that knowledge should flow when, where and to whom needed in the same way information fires across synapses in a brain. People with an interest in certain types of information gain easy access to it based upon the seemingly serendipitous connections with like-minded people. People are excellent conduits of information, and naturally convey whatever is relevant to their peers. Linking people with related interests together globally in an organized yet flexible online community allows, for the first time, knowledge to flow with nearly no friction from geography or social boundary.

There are many government initiatives today that could leverage "Community" solutions to great effect. Clearly, there are effective applications of this solution in the public sector ranging from coordinated provision of services to beneficiaries of several government programs, to ease of use for regulated companies dealing with an array of oversight agencies at all levels of government. But domestic security presents one of the most difficult and pressing needs for the benefits gated communities can yield. For example, imagine the following scenario:

A lone law enforcement officer (whether police, U. S. Coast Guard, or otherwise) happens across a suspicious looking situation at a port. A suspicious vessel or activity triggers an initial on-the-scene inquiry. Upon seeking the identity of one of the parties, the law enforcement officer will need a rapid and effective method of validating that identity, determining if that identity is on any known watch list or otherwise presents obvious issues for follow up. In addition, gaining some knowledge of the business or manifest of the vessel or the stated activities of the parties can trigger still other opportunities to verify the information and establish whether there is a potential urgent intervention needed, or other less pressing government intervention

Technically, the process might include establishing a real time link to relevant agents or other employees from different parts of government, each with access to parts of the information and analytical puzzle. This might include creating an ad hoc forum in which appropriate staff resources can congregate in support of a single emerging event in the field or among analysts. In the forum, users would already have a high degree of certainty that the other users are who they claim to be and that they are the appropriate people in their organizations. This is due to the inherent properties of identity management inside a gated community. In addition, the forum could house personnel from different organizations, who connect using very different systems in the back-end and via different networks. The forum can provide an easy way to get current telephone numbers, as needed, to talk directly, and can support inside the online channel a chat interface and sharing of data through direct links or otherwise.

Of course, other less dramatic but also critical components of homeland security will include bringing many relevant but heterogeneous organizations together, both inside and beyond the boundaries of the new Department of Homeland Security. This will include the ability to coordinate large installed user bases, leverage common network services, and open access to resources inside the larger organization to those both inside and outside the Department who need it when they need it. There are also opportunities to create economies of scale in a gated community inside the new homeland security "community of communities" without the need for ripping out legacy systems or unnecessarily forcing together practices and organizational cultures.

This is a good example of an environment where there may be opportunities for both centralized systems and also a keen need for federation. Federation will be especially useful as a technical and governance framework when federal and state homeland security communities begin to integrate their systems, interactions and communications more closely. Under the U.S. constitutional system, a single centralized system of command and control is not appropriate for systems spanning federal and state boundaries.

In the private sector, the financial industry presents powerful opportunities for the use of online gated communities. The current state of affairs in this industry, resulting from competition, globalization, customer demands, regulatory requirements, and risk management needs are a good fit for the structure and benefits of online gated communities.

Taken as a whole, no other economic sector is further along the technology adoption curve than the financial industry, with information systems permeating nearly every aspect of the business. However, as is common across the economy, the systems are of different types, frequently require different methods of use, and are of limited interoperability. Another important aspect of the financial industry is that it is better understood as a series of industries, variously overlapping or disparate. From retail banking with individual consumers, to commercial transactions to institutional investing to bank-to-bank transfers and far beyond, the business models, practices, applicable regulations and market needs of the varied sub-sectors within the financial industry are broad indeed. As such, the financial industry is well suited for the online gated community architecture – allowing each well-defined community to cluster.

Despite the fact that the financial industry is actually a "community of communities", it is nonetheless useful to consider it as an industry with many commonalties, including:

Globalization and ever-larger conglomerations of financial services companies are creating a new market playing field, with new pressures to compete and to cooperate. The new market reality is that companies must be faster, leaner, better coordinated and more flexible. At the same time, they are getting bigger, more complex and juggling more lines of business. Online gated communities can be used to help members of widespread business units share information, leverage central services, and connect to common customers. The architecture of these extended enterprise solutions also fits well with the business models of partner organizations that may need to federate rather than merge in order to cooperate in a given environment while maintaining autonomy in other arenas.

Customers across the sector are getting more sophisticated and demanding higher quality and better-coordinated services. The commoditization of many types of financial services makes competition across the industry more pressing than ever. Meanwhile, customers are starting to balk at the proliferation of passwords and non-synched systems that comprise their workday. As other industries begin to provide more seamless, coordinated and high quality online services to customers, they start to expect the same state of the art offerings from every sector. This introduces yet another form of competition, across otherwise non-competing industries, to satisfy customer service expectations. The online gated community allows end-users to see a portfolio of their various accounts and relevant points of contact across an enterprise, much like a customized portal.

Regulatory requirements across the financial industry have long separated this sector from others, and have recently taken on a new relevancy and urgency in terms of information technology. Legal rules with specific impact on technology systems in financial services include a raft of new "Know Your Customer" and "Anti-Money Laundering" requirements emanating since the attacks of September 11, 2001, the Sarbanes-Oxley statutory and emerging regulatory requirements for new types of reporting and compliance related to financial statements and internal controls, and various consumer protection and privacy requirements addressed to special electronic consumer notices, disclosures and internal processes. The drive toward more corporate transparency and accountability in the wake of the Enron, MCI and other large-scale scandals has been a driver of new legal requirements. The auditing, archiving and security features of online gated communities are well attuned to the new regulatory requirements and risk management needs affecting the financial sector.

Envision the following scenario: After speaking to a large client, a trader seeks to quickly conduct three transactions at three different financial institutions. To take advantage of prevailing market conditions, it is necessary for this trader to act as quickly as possible. The lag time introduced by having to log in to three different systems, while acceptable in other circumstances, may be a severe obstacle in this situation, with measurable economic consequences. Traders have been known to keep the passwords to various trading systems in plain view, believing the savings in time and resulting ability to get a better deal is well worth the potentially increased risk. Security should always safeguard but not unduly hamper legitimate lines of business. The ability of this trader to securely and seamlessly gain access to all trading systems participating in a broader online gated community would be a win for every participant.

This sort of scenario has already taken hold with great success for other transactions within the financial industry. In 1999, Securities.Hub addressed the challenges confronting Wall Street with a federated Online gated community solution. The resulting community, SecuritiesHub, (owned by Citigroup, Credit Suisse First Boston, Goldman Sachs, JPMorgan Chase & Co., Lehman Brothers, Merrill Lynch, Morgan Stanley, UBS Warburg, and Communicator Inc) is a leading provider of financial information to the fixed income online community. SecuritiesHub co-mingles more than 800 analysts and trader's daily news and research, bond market prices and data from Wall Street's eight leading dealers. Over 24,000 institutional investors from more that 60 countries currently use these services, making SecuritiesHub an excellent example of successful online gated community.

Online Gated Communities can provide the tools and the models necessary to solve the emerging requirements facing the financial industry by enhancing speed and access to critical information and systems across increasingly competitive global markets. Allowing coopetition among a diverse group of participating organizations, while yielding the ability to create a "community of communities", makes this architecture a good fit for the financial sector.

The pharmaceutical industry, sprawling and diverse as it is, is essentially about the business of creating and selling chemicals. The search for "New Chemical Entities" (NCE) has intensified, as competition and change in the pharmaceutical industry has heightened. Much depends upon research and development, and the economics of this industry reflect this fact. The pharmaceutical industry has one of the highest ratios of research and development to sales of any economic sector – equaling as high as 1/5 total sales. The factors that determine success in R&D revolve around capacity for collaboration, communication and coordination among partnered research organizations.

Mergers and acquisitions are one of the major trends over the last several years in the Pharmaceutical Industry. The industry giants have become ever larger, while smaller niche players continue to be acquired. Meanwhile, even as the bulk of the large industry players increase, the commercial output of the newly aligned companies has actually been less than the combined number of products commercialized by the individual organizations prior to the mergers. Meanwhile, the race to find NCE’s is hastening. Exacerbating the competitive challenges are the advent of more complex technologies, changing regulatory environments, and ever-smaller periods of exclusivity for new compounds which further fuels the need to reduce the time-to-market. Under these circumstances, the pressure to assure more efficient and effective work among employees and other affiliates is urgent.

Pharmaceutical companies rely upon tight working relationships among many partners and affiliates in the research, development, marketing and sales cycles. During R&D, Contract Research Organizations (CRO) and globally sprawled labs within the newly enlarged corporate structures all must work in close connection. CRO’s are being used increasingly to off-load some of the labor and computationally intensive work of quickly moving new compounds through the pipeline, and more rapidly ruling out those that are unsuitable. The scale and complexity of the interlocking research initiatives across affiliated universities, private CRO’s and numerous internal labs and research units in the pharmaceutical sector presents one of the most difficult management problems in today’s economy.

The utility of an online gated community in this market is compelling. Among other benefits, the gated community structure provides:

Across the public and private sectors and throughout the emerging information society, the pressures to enable secure yet open access across organizations are growing. Organizations must balance the protection of sensitive, high value and mission critical information and systems against the imperative to open access to a growing and diverse set of people, processes and devices across enterprises. Online gated communities offer a reliable, efficient and scalable means of achieving this balance. In addition, when applied in a way tailored to the context of participating organizations, online gated communities can qualitatively enhance existing work channels by unleashing the genius of individuals and teams – free to collaborate, learn, transact and innovate.