• Home

  • Documents

  • Get into the Groove: solutions for secure and dynamic collaboration
6
At a glance: What is Groove? Teaming up across boundaries Groove 2007 architecture Communication & Collaboration Get into the Groove: solutions for secure and dynamic collaboration In today’s global economy, your project teams may be spread across departments, offices, time zones – even continents. And thanks to rapid advances in computing technology and the proliferation Yung Chou of broadband Internet and mobile devices, you face increasing expectations of service quality and availability. More than ever be- fore you’re likely to be working with peo- ple you’ve never met in person. At the same time, you need to work with team members in context and without worrying about the underlying complexities of secure communi- cation and data synchronisation. Microsoft Office Groove 2007 is a new col- laboration tool in the 2007 Microsoft Office system that enables teams to collaborate dy- namically, effectively and with advanced se- curity, even when team members work for different organisations, work remotely, or need to work offline. I’ll introduce you to Office Groove 2007 and explain the archi- tectural underpinnings that make it an ideal tool for dynamic team collaboration. The Office Groove platform includes both decentralised client software (Office Groove 2007) for information worker pro- ductivity and centralised services (Office Groove Server 2007) for traversing network boundaries efficiently, enforcing IT manage- ment and integrating data with other server- Prerelease info in this article is subject to change. 58 To get your FREE copy of TechNet Magazine subscribe at: www.microsoft.com/uk/technetmagazine

Get into the Groove: solutions for secure and dynamic collaboration

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Get into the Groove: solutions for secure and dynamic collaboration

At a glance:What is Groove?Teaming up across boundariesGroove 2007 architecture

Communication & Collaboration

Get into the Groove: solutions for secure and dynamic collaboration

In today’s global economy, your project teams may be spread across departments, offices, time zones – even continents. And thanks to rapid advances in computing technology and the proliferation

Yung Chou

of broadband Internet and mobile devices, you face increasing expectations of service quality and availability. More than ever be-fore you’re likely to be working with peo-ple you’ve never met in person. At the same time, you need to work with team members in context and without worrying about the underlying complexities of secure communi-cation and data synchronisation.

Microsoft Office Groove 2007 is a new col-laboration tool in the 2007 Microsoft Office system that enables teams to collaborate dy-namically, effectively and with advanced se-

curity, even when team members work for different organisations, work remotely, or need to work offline. I’ll introduce you to Office Groove 2007 and explain the archi-tectural underpinnings that make it an ideal tool for dynamic team collaboration.

The Office Groove platform includes both decentralised client software (Office Groove 2007) for information worker pro-ductivity and centralised services (Office Groove Server 2007) for traversing network boundaries efficiently, enforcing IT manage-ment and integrating data with other server-

Prerelease info in this article is subject to change.

58 To get your FREE copy of TechNet Magazine subscribe at: www.microsoft.com/uk/technetmagazine

Page 2: Get into the Groove: solutions for secure and dynamic collaboration

TechNet Magazine January 2007 59

based systems. This article will cover only the Office Groove 2007 client software and the Office Groove Server Relay. Look for future coverage of the deployment capabilities of Office Groove Server Manager and the inte-gration capabilities of Office Groove Server Data Bridge.

Office Groove 2007 is the client software that enables individuals to work as teams within collaborative virtual workspaces. Office Groove 2007 enables teams to accom-plish collaborative tasks, even when team members work for different organisations, work remotely, or need to work offline.

Office Groove Server 2007 gives IT organ-isations enterprise-class server software and tools for deploying, managing and integrat-ing Office Groove 2007 clients across the en-terprise. Among the components included in Office Groove Server 2007 is the Office Groove Server Relay. Office Groove Server Relay provides a store-and-forward service that automatically routes encrypted data changes between Office Groove 2007 clients when they can’t connect directly. Also includ-ed are the Office Groove Server Manager and the Office Groove Server Data Bridge. I’ll dis-cuss those more in a future article.

Individual workers can use the Office Groove 2007 client software to form a team by creating workspaces, adding tools and data, and inviting other Groove users to join the workspace as team members.

As team members collaborate in a work-space, Office Groove 2007 works in concert with Office Groove Server Relay to keep each team member’s copy of the workspace synchronised, even if no two users are online concurrently. The data within each Groove workspace is always protected by 192-bit Advanced Encryption System (AES) encryp-tion, whether it’s stored on a team member’s local disk, being transferred between client workspaces on the network or being tempo-rarily stored on Office Groove Server Relay.

Using Office Groove 2007From a user’s perspective, Office Groove 2007 client software consists of five key el-ements: the launchbar, the workspace, tools, presence and communication, and alerts. The launchbar is the starting point for using Groove and provides easy access to a user’s workspaces and contacts.

A Groove workspace (see Figure 1) is where you share information and work with others on a specific task or project. A workspace is intended for a small group of approximate-ly 2 to 50 members. Common projects and tasks executed in a Groove workspace might include document reviews, project-specif-ic meetings, threaded discussions, review-ing and sharing published content, tracking tasks or issues, and collecting or aggregating structured data.

Tools are applications that can be added to workspaces for sharing and manipulating

structured and unstructured data. Structured data is captured with tools like the Groove InfoPath Forms tool and the Groove Forms tool; unstructured data includes items such as documents, discussion threads and imag-es. Two new tools available in Office Groove 2007 include the SharePoint Files tool for synchronising files between a Groove work-space and a SharePoint document library and the InfoPath Forms tool for importing InfoPath solutions into Groove.

Presence and communication function-ality includes built-in member presence awareness, workspace chat, messaging and

Collaboration anytime, anywhere

Photo: Alberto Incrocci/The Image Bank

Page 3: Get into the Groove: solutions for secure and dynamic collaboration

Communication & Collaboration

60 To get your FREE copy of TechNet Magazine subscribe at: www.microsoft.com/uk/technetmagazine

integration with Microsoft Office Commun-icator 2005 and 2007. Alerts are text and au-dio notifications of events and activities that direct user attention to the relevant events and activities in a workspace.

Teaming up across boundariesYou don’t need special network or domain privileges to create a new workspace or ac-cept an invitation to join an existing work-space. Any user can create a workspace and send an invitation with Groove instant mes-saging or e-mail to prospective members. Furthermore, any Groove user can accept an invitation, join the workspace, become a team member, share information and col-laborate on a project without IT or network affiliations with other Groove members. This functionality is what enables dynamic team collaboration, even if team members are from different organisations or share no common infrastructure.

When you send a workspace invitation, you don’t even have to worry whether the recipient is an existing Office Groove 2007 user. Recipients who don’t already have Office Groove 2007 installed on their com-puter can be invited via an e-mail message and will be prompted to download a free tri-al version of Groove.

When you join a workspace, a copy of the workspace is transmitted over the network and stored on your computer. Office Groove 2007 can receive an initial copy of the work-space from any member who is online when the workspace invitation is created if the in-vitation is sent via Groove messaging. After the transmission is completed and a locally stored copy of a workspace is ready, you can enter the workspace and begin working with other members.

Staying in syncIf a workspace member changes content in the workspace, a ‘delta’ is created, repre-senting a logical unit of workspace synchro-nisation. The tool used to make changes determines what a delta contains. For ex-ample, a delta could be drawing a line in the Sketchpad tool (a shared whiteboard appli-cation that can be added to a Groove work-space), changing an entry on a calendar, adding a member to the workspace or the bi-nary differentials between a changed file and the previous version.

When a delta is created by a user, Groove first updates the user’s local copy of the work-space, then sends the delta to the rest of the members for execution in their local copies of the workspace. When all members’ copies

Figure 1 The Groove Desktop

Page 4: Get into the Groove: solutions for secure and dynamic collaboration

TechNet Magazine January 2007 61

of the workspace have introduced the delta, the workspace is synchronised. Though each member keeps a delta log locally with the as-sociated workspace, Groove includes built-in logic to conclude that, after a delta has been executed by all members, the delta can then be deleted from the log.

If you are online, changes are synchronised in near real-time. If you’re offline when deltas are executed by other workspace members, those deltas are sent to queues in your desig-nated Office Groove Server Relay. The deltas are then consumed whenever you reconnect to a network and can establish a connection with the Office Groove Server Relay. In this way, all members’ copies of the workspace can be updated or synchronised regardless of the network status of any single user at the time a delta is sent. Above all, once a mem-ber saves a change to a workspace, Office Groove 2007 and Office Groove Server Relay carry out the transmission of the delta and subsequent synchronisation automatically and transparently to all members.

Factors such as how long a member has been offline, how much has changed in the workspace, how much network bandwidth is available, and how many members are on-line affect the time and computing resources Office Groove 2007 needs to automatically synchronise a workspace.

If a member has not entered a workspace for 21 days, Office Groove 2007 will no lon-ger synchronise that workspace for the member. This design decision is based on the assumption that it is more efficient to sim-ply re-invite the user and get a fresh copy of the workspace as opposed to synchronising 21 days of data with unpredictable amounts and intricate data dependencies developed over time. To avoid this scenario, it’s a good practice to leave Office Groove 2007 run-ning while connected to the Internet when-ever possible so Groove can synchronise soon after changes are introduced and keep the workspace content updated at all times.

If necessary, a workspace manager can uninvite a member from the workspace. To protect the privacy of the workspace, this ac-tion will consequently delete the workspace stored locally on the uninvited member’s computer and generate a new workspace-specific encryption key for distribution to all remaining workspace members. If an un-

invited member is online, deletion of the associated workspace occurs as soon as the uninvite message is received. If the user is off-line, the uninvite message is queued at the designated Office Groove Server Relay and dequeued and executed the next time the user connects.

Data transmission detailsThe way Office Groove 2007 transmits data is in some ways similar to making a phone call. When Alice calls Bob, for instance, if Bob answers, a logical phone-to-phone con-nection is established. If the call is not an-swered, Alice might leave a voice message that Bob can hear the next time he dials into his voice message box.

Office Groove 2007 will always try first to initiate a direct client-to-client connection between users. The direct connection is car-ried out by a proprietary protocol, Simple Symmetric Transmission Protocol (SSTP), using TCP port 2492. This client-to-client connection is bidirectional and transmits data asynchronously with near real-time performance. If a connection on port 2492 is blocked or the endpoint client is not reachable on the network, the sender client automatically transmits messages to the re-cipient’s designated Office Groove Server Relay, which queues up the messages to be consumed whenever the recipient recon-nects (see Figure 2).

These two different connections – client-to-client and client-to-relay – do not neces-

Figure 2 Client-to-client and client-to-relay communication models

Page 5: Get into the Groove: solutions for secure and dynamic collaboration

Communication & Collaboration

62 To get your FREE copy of TechNet Magazine subscribe at: www.microsoft.com/uk/technetmagazine

sarily imply a performance discrepancy that will be noticed by users. In most corporate network configurations, both connections offer a similar user experience.

A client-to-client connection is preferred, yet may not be allowed or available. A client-to-relay connection, using outbound connec-tions from the client to the Office Groove Server Relay, is often the least common de-nominator. The client can initiate connec-tions to the Office Groove Server Relay using one of three available ports and protocols: SSTP/:2492, SSTP/:443, and SSTP encapsulat-ed in HTTP/:80. The client will automatically try each protocol/port combination in order. Office Groove 2007 can HTTP POST to the user’s Office Groove Server Relay to publish the presence information and can HTTP GET to consume inbound messages and deltas. In addition, Groove clients can HTTP POST to an intended recipient’s Office Groove Server Relay for outbound messages and deltas.

No matter which of the three connection types clients use, data is always encrypted and digitally signed to ensure confidentiality and integrity. At the same time, with HTTP en-capsulations, Office Groove 2007 can com-municate across firewalls and beyond any organisational boundaries.

Presence awarenessOffice Groove 2007 subscribes to presence information from all contacts in the con-tact store. The store is the superset of your contact list (visible from the launchbar) plus

all workspace members. While it is true that when you have a contact in your contact list you subscribe to that person’s presence, you also subscribe to his presence if he is not in your contact list, but is in a workspace with you. In other words, subscribing to pres-ence occurs automatically when you learn of someone, either through workspace mem-bership or by adding to contacts.

Device presence is required first, though, before user awareness can be established. Device presence indicates that a user is logged into an Office Groove 2007 account on a particular computer, and the computer’s IP address is transmitted to the user’s desig-nated Office Groove Server Relay. Device awareness within a subnet is achieved with LAN Device Presence Protocol (DPP), a pro-prietary protocol that provides discovery and online status of devices without the need of a server. LAN DPP works only within a sub-net, however.

Device presence on a WAN requires a con-nection to an Office Groove Server Relay (see Figure 3). A user publishes device pres-ence to his designated Office Groove Server Relay and any contacts subscribing to the user’s presence can connect to the relay and consume that device presence information automatically. WAN presence cannot occur without a relay being contacted. Once you receive another contact’s device presence, you can go directly to that second contact to establish awareness.

Conflict resolution Because Office Groove 2007 employs a de-centralised model for collaboration, data conflicts can occur from time to time and are handled differently based on the tool and data type. Whenever a user is online, Office Groove 2007 will synchronise the local copy of a workspace automatically with oth-er members. But when a user is offline and making changes to a workspace, other online and offline members may be making chang-es as well. When reconnected to a network, the Office Groove 2007 client will identify the dependencies and serialise the changes, as applicable.

If there are conflicts, such as two people modifying the same data while offline, for example, Office Groove 2007 ensures that no data is lost and that all users have the same Figure 3 Groove user presence awareness

Page 6: Get into the Groove: solutions for secure and dynamic collaboration

TechNet Magazine January 2007 63

view of the data. Many tools have discrete deltas, making conflicts in structured data very uncommon. For instance, Alice and Bob both respond to a discussion item at the same time. Regardless of network status, no conflict will occur since each entry is a self-contained transaction within the associated discussion thread.

For unstructured data such as documents, it is possible to create a conflict. One user may stay offline for an extended period af-ter modifying a file. During this period, oth-er members working online may have made changes and synchronised the file several times. In this case, Office Groove 2007 warns the user that there is a conflict on the docu-ment and automatically creates a copy of the file. Each file is titled with a name identify-ing the member whose changes are causing a conflict. At this point, user intervention is required to reconcile the conflict and the points of conflict should be clear.

Roles and permissionsOffice Groove 2007 includes a built-in, roles-based permissions framework that affords content safeguards to workspace creators within the decentralised nature of a Groove workspace. In Office Groove 2007, a role is an access control mechanism for permitting users to perform tasks in a workspace and ac-tivities with individual tools. There are three built-in roles: manager, participant and guest. By default, workspace creators are managers and those invited to workspaces are partici-pants. Default permissions for each role can be changed by a manager. A manager can in-vite others as managers and a member’s role can be changed by a manager.

The tool permissions associated with a role are customisable as well. The workspace rights and tool permissions associated with a role can therefore be configured at a work-space manager’s discretion. This role-based model in Office Groove 2007 is an effective way of controlling access. Figure 4 illustrates some of the default permissions.

ConclusionThis article has given you a high-level over-view of the decentralised, hybrid architec-ture employed by Office Groove 2007 and Office Groove Server 2007 to enable dynam-ic team collaboration. From an IT adminis-trator’s point of view, Office Groove 2007 and Office Groove Server Relay allow teams to work together efficiently both within and across organisational boundaries, both on and off the network, without compromising data security or significantly increasing serv-er infrastructure costs.

To learn more, visit the Office Groove 2007 Web site at: microsoft.com/office/preview/ programs/groove and the Office Groove Server 2007 Web site at: microsoft.com/office/preview/servers/grooveserver. And there’s no better way to learn about Groove than get-ting your hands dirty and testing it out for yourself. Sign up for the beta program today at: microsoft.com/office/preview/beta ■

Groove Feature Manager Role Participant Role Guest Role

Workspace Invite, Uninvite, Add tools, Delete tools, Delete workspaces

Invite, Add tools None

Calendar View, Add, Edit, Delete all entries View all entries; Add, Edit, Delete own entries View all entries

Discussion View, Create, Edit, Delete all documents View all documents; Create, Edit, Delete own documents View all documents

Files View, Add, Modify, Delete files and folders; Modify permissions and download settings

View, Add, Modify files and folders; Delete own files View files and folders

Pictures View, Add, Rename, Delete View, Add, Rename View

Notepad View, Create, Edit, Delete View, Create, Edit, Delete View

Sketchpad View, Create, Edit, Delete View, Create, Edit, Delete View

Figure 4 Default permissions by role in Office Groove 2007

Yung Chou is a Technology Specialist for Microsoft Office Groove. He is both a Microsoft Certified Systems Engineer (MCSE) and a Certified Information Systems Security Professional (CISSP).


A Secure Collaboration System for Coal Supply Chains in ...€¦ · A Secure Collaboration System for Coal Supply Chains in Australia Shiping Chen and Chen Wang Information Engineering

A Secure Collaboration System for Coal Supply Chains in ...€¦ · A Secure Collaboration System for Coal Supply Chains in Australia Shiping Chen and Chen Wang Information Engineering

Documents
SECURE FILE SHARING AND COLLABORATION: THE PATH TO INCREASED PRODUCTIVITY AND REDUCED RISK€¦ ·  · 2018-04-233 Secure File Sharing and Collaboration: The Path to Increased Productivity

SECURE FILE SHARING AND COLLABORATION: THE PATH TO INCREASED PRODUCTIVITY AND REDUCED RISK€¦ ·  · 2018-04-233 Secure File Sharing and Collaboration: The Path to Increased Productivity

Documents
Secure Mobile Collaboration with Citrix XenMobile and ... · Secure Mobile Collaboration with Citrix ... the likelihood of Man in the Middle attacks. ... Mobile Collaboration with

Secure Mobile Collaboration with Citrix XenMobile and ... · Secure Mobile Collaboration with Citrix ... the likelihood of Man in the Middle attacks. ... Mobile Collaboration with

Documents
Installation Instruction - WEG€¦ · FLANGE O-RING HANDLEASS'YFLANGE GROOVE ... Secure O-RING into groove. ... Attach the PLATE LOCK LINK to the PLATE LOCK FLANGE using the

Installation Instruction - WEG€¦ · FLANGE O-RING HANDLEASS'YFLANGE GROOVE ... Secure O-RING into groove. ... Attach the PLATE LOCK LINK to the PLATE LOCK FLANGE using the

Documents
Secure File Sharing and Collaboration - SCC · Secure File Sharing and Collaboration 3 2 Service Definition 2.1 Functionality & Features – File Sharing and Collaboration The platform

Secure File Sharing and Collaboration - SCC · Secure File Sharing and Collaboration 3 2 Service Definition 2.1 Functionality & Features – File Sharing and Collaboration The platform

Documents
Secure Microsoft 365 Collaboration · 2020. 7. 10. · Microsoft 365 security controls. Secure Microsoft 365 Collaboration Find & Priorize Aggregate access, sensitivity, and activity

Secure Microsoft 365 Collaboration · 2020. 7. 10. · Microsoft 365 security controls. Secure Microsoft 365 Collaboration Find & Priorize Aggregate access, sensitivity, and activity

Documents
Secure enterprise collaboration in the cloud

Secure enterprise collaboration in the cloud

Documents
Fundamentals of Secure Collaboration in the Mobile Workforce … · 2018-11-27 · Fundamentals of Secure Collaboration in the Mobile ... • How do you manage all the ... EMM CORE

Fundamentals of Secure Collaboration in the Mobile Workforce … · 2018-11-27 · Fundamentals of Secure Collaboration in the Mobile ... • How do you manage all the ... EMM CORE

Documents
Secure Collaboration – The Impossible Paradox...The result is the Secure Collaboration Paradox: how to control and protect information, while also allowing open collaboration . On

Secure Collaboration – The Impossible Paradox...The result is the Secure Collaboration Paradox: how to control and protect information, while also allowing open collaboration . On

Documents
Microsoft India - Forefront Secure Collaboration Solution Presentation

Microsoft India - Forefront Secure Collaboration Solution Presentation

Technology
Connect My Teams - community.cisco.com€¦ · Cloud platform for secure business collaboration Secure Meetings Team Collaboration Calling Powerful cloud architecture Award winning

Connect My Teams - community.cisco.com€¦ · Cloud platform for secure business collaboration Secure Meetings Team Collaboration Calling Powerful cloud architecture Award winning

Documents
Secure Group Collaboration in an Open Environment

Secure Group Collaboration in an Open Environment

Documents
Secure Instant Messaging and Collaboration for Your Enterprise · Secure Instant Messaging and Collaboration for Your Enterprise With the Protection You Need. BBM Enterprise.

Secure Instant Messaging and Collaboration for Your Enterprise · Secure Instant Messaging and Collaboration for Your Enterprise With the Protection You Need. BBM Enterprise.

Documents
The MONDO Collaboration Framework: Secure Collaborative Modeling … · 2017-07-27 · The MONDO Collaboration Framework: Secure Collaborative Modeling over Existing Version Control

The MONDO Collaboration Framework: Secure Collaborative Modeling … · 2017-07-27 · The MONDO Collaboration Framework: Secure Collaborative Modeling over Existing Version Control

Documents
Cisco Next-Generation Cryptography: Enable Secure ... · PDF fileWhite Paper Cisco Next-Generation Cryptography: Enable Secure Communications and Collaboration Opportunity: Secure

Cisco Next-Generation Cryptography: Enable Secure ... · PDF fileWhite Paper Cisco Next-Generation Cryptography: Enable Secure Communications and Collaboration Opportunity: Secure

Documents
How One to One Sharing Enforces Secure Collaboration - xonom

How One to One Sharing Enforces Secure Collaboration - xonom

Presentations & Public Speaking
Real Time, Secure Collaboration

Real Time, Secure Collaboration

Documents
The Perfect Move - · PDF fileThe Perfect Move Secure and ... Inside / Outside Unlocking Inside Outside ... OPOSSING HARDWARE GROOVE - up OPOSSING HARDWARE GROOVE - down

The Perfect Move - · PDF fileThe Perfect Move Secure and ... Inside / Outside Unlocking Inside Outside ... OPOSSING HARDWARE GROOVE - up OPOSSING HARDWARE GROOVE - down

Documents
Secure Medical Collaboration

Secure Medical Collaboration

Healthcare
BoF: Secure OTA Collaboration - eLinux.org · BoF: Secure OTA Collaboration Ricardo Salveti, ... Not going to be covered in this BoF: ... Safe and reliable process

BoF: Secure OTA Collaboration - eLinux.org · BoF: Secure OTA Collaboration Ricardo Salveti, ... Not going to be covered in this BoF: ... Safe and reliable process

Documents
Towards a Secure and Borderless Collaboration between …downloads.hindawi.com/journals/scn/2018/1572812.pdf · 2019. 7. 30. · Towards a Secure and Borderless Collaboration between

Towards a Secure and Borderless Collaboration between …downloads.hindawi.com/journals/scn/2018/1572812.pdf · 2019. 7. 30. · Towards a Secure and Borderless Collaboration between

Documents
SPUnite17 Secure Collaboration with AIP

SPUnite17 Secure Collaboration with AIP

Technology
Secure enterprise meeting solution for team collaboration

Secure enterprise meeting solution for team collaboration

Documents
Egress Switch User Network meeting Yorkdownload.egress.com/docs/Egress_Switch_User_Network_York_pres… · Switch Secure Workspace •Next generation secure online collaboration •A

Egress Switch User Network meeting Yorkdownload.egress.com/docs/Egress_Switch_User_Network_York_pres… · Switch Secure Workspace •Next generation secure online collaboration •A

Documents
Get into the Groove: solutions for secure and dynamic collaborationdownload.microsoft.com/.../issue3/58_63_groove_solutions.pdf · 2018. 12. 5. · At a glance: What is Groove? Teaming

Get into the Groove: solutions for secure and dynamic collaborationdownload.microsoft.com/.../issue3/58_63_groove_solutions.pdf · 2018. 12. 5. · At a glance: What is Groove? Teaming

Documents
Frost & Sullivan: Secure Video Collaboration

Frost & Sullivan: Secure Video Collaboration

Documents
Hardware-Software Collaboration for Secure Coexistence

Hardware-Software Collaboration for Secure Coexistence

Documents
Enable Secure Mobile & Cloud Collaboration

Enable Secure Mobile & Cloud Collaboration

Technology
GCCS-Unplugged Secure and private communication and collaboration

GCCS-Unplugged Secure and private communication and collaboration

Internet
Secure and private collaboration - LinuxDays 2015 Kolab and Univention

Secure and private collaboration - LinuxDays 2015 Kolab and Univention

Software