Finding the state's long-distance telecommunications market sufficiently competitive, the New York Public Service Commission (PSC) has relaxed price controls for AT&T Communications of New...
OASIS: A Mirage of Reliability
the Internet for 12 hours.7 An officer of AOL remarked to IEEE that "the equipment the Internet is built on is not telco-grade. 'Just reboot the router' is not a rational statement."8
Moreover, with all the attention paid to the Web portion of OASIS, has anyone paid enough attention to the "back-end" systems such as dispatching and billing, or are these tasks expected to be performed manually?
Is the Internet the right model for electronic commerce in the first place?
In industries marked by small, well-established supplier chains, electronic commerce has carried on quietly and successfully for over a decade without the Internet. The automotive, retailing, pharmaceutical, and transportation industries, for instance, emphasize well-defined and timely transactions as opposed to high-tech communications. These industries define "real-time" to mean within a day, never within an hour or a minute.
What benefits could be realized by implementing an information system on the Internet? For most firms engaged in electronic commerce, the advantage probably comes from the easy access to a large retail market. Indeed, technophiles would be comfortable making a credit-card purchase from a vendor across the Net (to date, not a single credit-card number has been stolen during a transaction9). But the OASIS market remains limited to a few hundred utilities and energy brokers at this time, not millions of end users. The technology cuts both ways for the privilege of riding the Internet wave. Millions of potentially
adversarial individuals will acquire the opportunity, electronically, to "stick their keys in the door" and see whether they can get in.
The classic definition of risk holds two parts: magnitude and probability. For the electric industry, those two elements can be restated as follows: 1) How severe are the consequences of entering a fraudulent order into the transmission system?, and 2) Given 40 million Internet users and an unproven security infrastructure, how likely is a successful system invasion? Until real safeguards prove effective, the OASIS system must rely for its defense on "security by obscurity."
To maintain most of the innovations of the OASIS and overcome most of the security issues, the system could and should run on a private data network. This network would not be private in the physical sense; the OASIS nodes would be connected by circuits leased from telecommunications carriers. In most cases, utilities are already implementing digital voice and data networks that feature this capability, and the marginal cost of an OASIS link is negligible. Connections to other utilities can be meshed physically or logically to provide reliability through redundancy. In this way, OASIS could use the same Internet Web software and electronic commerce techniques, while ensuring network performance and avoiding externally launched attacks.
The larger issue clouding the formation of a real-time network for information is the management of transmission per se: Transactions must take place within the physical-capacity constraints of the transmission network. Whether a transaction should take place depends on the capacity of the
system to transmit current to one or more points of delivery. The engineering decision as to whether such a