Wednesday, January 31, 2007

Authentication, Authorization, and Context

I was reading James McGovern's blog today and it reminded me of a conversation I had at work yesterday. James' focus is on vendor products - something that is certainly of interest to us, but beyond that we also have to deal with our internal applications.

There are three issues that always pop up when we try to integrate a new software product.
1. How do we authenticate?
2. How do we authorize?
3. What was the user trying to do in the first place?

We are starting to get a good handle on #1 - but I would like to see us authenticate at fewer points and establish a trust network between applications. SPNEGO, SAML, WS-Federation, Liberty, and perhaps OpenID are all promising.

James' blog speaks to the second part - authorization - the next big frontier. What roles can the principal hold (for this application)? The application part of that sentence is always controversial. This is where XACML fits in.

The third piece - what were we doing - is a tongue-in-cheek reminder that the user was actually trying to do a job before security "got in the way". The user likely had some kind of established context that should, ideally, be available to the next application. Although not always the case, it is a frequent requirement. For example, the user may have been working with a customer in the CRM application, and now needs to work on the customer's loan in the credit management application. This customer and loan context information needs to be carried forward. There are no good solutions for this that I know of. This is the undiscovered country.

Any thoughts out there?

Friday, January 19, 2007

Will we need a Fortress for our cores?

Two news themes over the last several months strike me as mutually relevant.

First there is the information coming from Intel about future core densities. The Gulftown processor will likely make its debut in 2010 and will contain 32 cores. Intel research is also working on an 80-core research prototype. As the InformationWeek article discusses, software will need to change to accommodate.

Speaking of software, Java is a significant development language for the business world. What will business applications do with an 80-core engine? Multi-threaded applications - wherein the threads are explicit to the programmer - are not the way to go. To the typical programmer I say "You can't handle the threads".

So what is the second news theme? Fortress - a research effort coming out of Sun Research. It is targeted at High Performance Computing; a replacement for Fortran. Am I suggesting that we rewrite all of our applications in Fortress? No. But Sun is implementing Fortress on the Java Virtual Machine. So there are some good possibilities that future Java language features will be able to drive out the same multi-threaded behaviour for which Fortress is striving.

Thursday, January 18, 2007

Bank loses data

Bloomberg.com: Canada: "CIBC's Talvest Mutual Fund Loses Client Data Files"! This cannot happen too many more times before companies will be forced to put the technology in place to ensure that data that leaves their premises is encrypted. That won't be cheap, but it seems that the cost is inevitable.

Historical revisionism

Historical revisionism - what does this have to do with technology? Well, last month I was trying to figure out how to make Sametime display my picture. I found a very informative article about exactly that process. I thank the author for publishing the information.

However I was shocked by how difficult the process is. Perhaps suitable for the corporate world, but still awfully painful - especially when you compare that process to the drag-and-drop simplicity of MSN Messenger.

I made a civil comment on the topic - it seemed that the author and his readers may very well be influential in improving the process. I thought I was being helpful. I kept checking back to see if anybody responded to my observation. Sure enough. Today I discovered that my comment was deleted!

Now this is not a great travesty - certainly not in the same league as what the Wikipedia article covers. And not the first time it has been reported in the online world. New York Times articles and White House pages have suffered the same fate. But it is the first time it has happened to me.

But this is the internet, and this blog is the solution. Now you all know that changing your display picture in Sametime is very difficult - and I won't delete your comment - unless it has something to do with Russian brides ;-)