Wednesday, November 19, 2008

SAML2.0

The Shibboleth System is a standards-based, open source software package for web single sign-on across or within organizational boundaries.
Input from Shibboleth has gone into the SAML specifications throughout.
Here is a detailed demo of its usage: http://www.switch.ch/aai/demo/medium.html
Shibboleth uses a single sign-on system like Pubcookie for authentication services.

Pubcookie is open source software that can turn existing authentication services into a solution for single sign-on authentication to websites. http://www.pubcookie.org/docs/how-pubcookie-works.html

Reuse Metrics

Dr. Jeffrey Poulin identifies 3 fundamental metrics useful in measuring software reuse:

1) Relative cost of writing for reuse (RCWR)
Developing software intended to be reused requires incremental effort. Poulin estimates that it requires 50% more effort to write a reusable component.

2) Relative cost to reuse (RCR)
Reusing components designed for reuse doesn't eliminate 100% of the effort. A cost of 20% is assigned to reusing preexisting components.

3) Software reuse payoff
Using these simple metrics, software reuse achieves breakeven within 1 reuse of a component, i.e., using an RCWR of 1.5 and an RCR of 0.2.

These software reuse metrics can form a reasonable baseline to justify service reuse in an SOA scenario.

Tuesday, November 4, 2008

Endpoint Security

Endpoint security consists of a number of different activities such as traditional anti-virus and anti-spyware, as well as other security activities.

There are many endpoint security tools, each with a narrow focus such as:
• Anti-virus
• The personal firewall
• Host intrusion prevention
• Anti-spam agents
• Application control


Yesterday’s endpoint security has little integration. These separate agents are difficult to manage, especially from an end-user standpoint. These agents impact the end-user experience because they consume resources extensively. The amount of processing that is required to look at every virus, every file, every kernel activity, and everything that is happening on a given device is enormous. If a system has different agents that have to look at all the different traffic, the resources consumed may be five or six times more.

Tomorrow’s endpoint security is likely an integrated agent that is focused on stopping all types of malware, whether it is a virus, a worm, spyware, social engineering attack, or some kind of spam-based attachment.

Hmmm...seems integration is the buzz now...