The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries.
Inputs from Shibboleth has gone into SAML specifications thro' out.
Here is a detail demo on its usage: http://www.switch.ch/aai/demo/medium.html
Shibboleth uses an single sign-on system like Pubcookie for authentication services.
Pubcookie is an open source software that can turn existing authentication services into a solution for single sign-on authentication to websites. http://www.pubcookie.org/docs/how-pubcookie-works.html
Wednesday, November 19, 2008
Reuse Metrics
Dr. Jeffrey Poulin identifies 3 fundamental metrics useful in measuring software reuse:
1) Relative cost of writing for reuse (RCWR)
Developing s/w intended to be reused requires incremental effort. Poulin estimates that it requires 50% more effort to write a reusable component.
2) Relative cost to reuse (RCR)
Reusing components designed for reuse doesn't eliminate 100% of effort. There is a cost of 20% assigned to reuse preexisting components.
3) Software reuse payoff
Using these simple metrics, s/w reuse achieves breakeven within 1 reuse of a component ie. using an RCWR of 1.5 and an RCR of 0.2.
This s/w reuse metrics can form a reasonable baseline to justify services reuse in SOA scenario.
1) Relative cost of writing for reuse (RCWR)
Developing s/w intended to be reused requires incremental effort. Poulin estimates that it requires 50% more effort to write a reusable component.
2) Relative cost to reuse (RCR)
Reusing components designed for reuse doesn't eliminate 100% of effort. There is a cost of 20% assigned to reuse preexisting components.
3) Software reuse payoff
Using these simple metrics, s/w reuse achieves breakeven within 1 reuse of a component ie. using an RCWR of 1.5 and an RCR of 0.2.
This s/w reuse metrics can form a reasonable baseline to justify services reuse in SOA scenario.
Tuesday, November 4, 2008
Endpoint Security
Endpoint security consists of a number of different activities such as traditional anti-virus and anti-spyware, as well as other security activities.
There are many endpoint security tools, each with a narrow focus such as:
• Anti-virus
• The personal firewall
• Host intrusion prevention
• Anti-spam agents
• Application control
Yesterday’s endpoint security has little integration. These separate agents are difficult to manage, especially from an end-user standpoint. These agents impact the end-user experience because they consume resources extensively. The amount of processing that is required to look at every virus, every file, every kernel activity, and everything that is happening on a given device is enormous. If a system has different agents that have to look at all the different traffic, the resources consumed may be five or six times more.
Tomorrow’s endpoint security is likely an integrated agent that is focused on stopping all types
of malware, whether it is a virus, a worm, spyware, social engineering attack, or some kind of spam-based attachment.
Hmmm...seems integration is the buzz now...
There are many endpoint security tools, each with a narrow focus such as:
• Anti-virus
• The personal firewall
• Host intrusion prevention
• Anti-spam agents
• Application control
Yesterday’s endpoint security has little integration. These separate agents are difficult to manage, especially from an end-user standpoint. These agents impact the end-user experience because they consume resources extensively. The amount of processing that is required to look at every virus, every file, every kernel activity, and everything that is happening on a given device is enormous. If a system has different agents that have to look at all the different traffic, the resources consumed may be five or six times more.
Tomorrow’s endpoint security is likely an integrated agent that is focused on stopping all types
of malware, whether it is a virus, a worm, spyware, social engineering attack, or some kind of spam-based attachment.
Hmmm...seems integration is the buzz now...
Sunday, October 19, 2008
Maven Build Process
I just noted that my article on Maven build process published in JDJ (April'08 Issue) is now available online:
http://java.sys-con.com/node/535316
http://java.sys-con.com/node/535316
Puzzles
(Source: Henrey E.Dudeney)
1) Find their ages: "My husband's age" remarked a lady, "is represented by the figures of my own age reversed. He is my senior & diff betn our ages is one-eleventh of their sum."
2) Find ages of Mary & Mark:
Mark: Do you know, that in 7 yrs time our combined ages will be 63 yrs?
Mary: Is that so? And yet it is a fact that when you were my present ages you were twice as old as i was then.
Ans:
1) Find their ages: "My husband's age" remarked a lady, "is represented by the figures of my own age reversed. He is my senior & diff betn our ages is one-eleventh of their sum."
2) Find ages of Mary & Mark:
Mark: Do you know, that in 7 yrs time our combined ages will be 63 yrs?
Mary: Is that so? And yet it is a fact that when you were my present ages you were twice as old as i was then.
Ans:
Saturday, October 11, 2008
Opengroup @ Virtual EA conference
This is the key pts from the presentation made by OpenGroup during the Virtual EA conference on Sept 30, 2008.
Benefits of SOA:
Improved information flow
Agility
Ability to expose internal functions
Lower devlopment & maintainence costs
Ability to optimize performance, functionality, cost
Using TOGAF ADM for SOA:
ADM is similar to that followed for other architectures except for the following phases:
Business architecture-Define business vocabulary & service context
Information system architecture-Identify functions to be performed by services
Technical architecture-Define service stds & infrstructure
SOA provides many features but architect needs to select the ones needed for the enterprise.
Benefits of SOA:
Improved information flow
Agility
Ability to expose internal functions
Lower devlopment & maintainence costs
Ability to optimize performance, functionality, cost
Using TOGAF ADM for SOA:
ADM is similar to that followed for other architectures except for the following phases:
Business architecture-Define business vocabulary & service context
Information system architecture-Identify functions to be performed by services
Technical architecture-Define service stds & infrstructure
SOA provides many features but architect needs to select the ones needed for the enterprise.
David Linthicum @ Virtual EA conference
This is the key pts from the presentation made by David Linthicum during the Virtual EA conference on Sept 30, 2008.
Current issues:
Competing frameworks
Hype driven confusion(SOA 2.0)
Lack of leadership Processes moving outside firewall-Cloud computing,SaaS..
More enterprise apps web delivered
SOA and EA must synergize together & not operate in separate worlds.
EA Megatrends:
SOA
SaaS
Web2.0
Enterprise2.0-mashups,inside-out,outside-in
Enhance & not replace existing EA.
Current issues:
Competing frameworks
Hype driven confusion(SOA 2.0)
Lack of leadership Processes moving outside firewall-Cloud computing,SaaS..
More enterprise apps web delivered
SOA and EA must synergize together & not operate in separate worlds.
EA Megatrends:
SOA
SaaS
Web2.0
Enterprise2.0-mashups,inside-out,outside-in
Enhance & not replace existing EA.
Subscribe to:
Posts (Atom)