Here is the GA version of the JBoss Negotiation project that is being driven by Darran Lofthouse.
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=149589
Why is this important?
- Allows you to do seamless SSO to your web applications running on JBoss Application Server if you authenticate to the desktop (Windows 2000/XP) via Active Directory. This uses SPNego.
- Compatible with FreeIPA (Fedora, Fedora Directory Server).
Survey: http://anil-identity.blogspot.com/2009/02/survey-jboss-with-kerberosspnego.html
Friday, January 30, 2009
Wednesday, January 21, 2009
Security issues surrounding Social Networks
Social Networks carry a lot of private information about people. This can be advantageous as well as disastrous to individuals.
Giles Hogben of ENISA has been doing a lot of research work on security issues surrounding social networks. A position paper from Giles titled "Security issues in the future of social networking", has been presented at the W3C workshop on the Future of Social Networks.
Interesting bit from Giles's paper:
The biggest repository of personal images on the internet is not Flickr but Facebook (already with a staggering 30 billion images, while 14 million new images are uploaded every day). The largest number of personal profiles on the planet is held not in a government identity registry (at least not one we know about...) or one of the much heralded Federated Identity Providers but in the data warehouses of the Social Networking providers.
Giles Hogben of ENISA has been doing a lot of research work on security issues surrounding social networks. A position paper from Giles titled "Security issues in the future of social networking", has been presented at the W3C workshop on the Future of Social Networks.
Interesting bit from Giles's paper:
The biggest repository of personal images on the internet is not Flickr but Facebook (already with a staggering 30 billion images, while 14 million new images are uploaded every day). The largest number of personal profiles on the planet is held not in a government identity registry (at least not one we know about...) or one of the much heralded Federated Identity Providers but in the data warehouses of the Social Networking providers.
Friday, January 16, 2009
Computer Forensics: Paul Wright Speaks
Paul Wright is the head of HiTech Crime Unit for the City of London Police. He has been trying hard to bridge a rapport with security experts in the industry and law enforcement. I was one of the primary drivers for Paul to come and make a keynote presentation at the Oasis Security Forum in London 2008 (http://events.oasis-open.org/home/forum/2008). At the particular keynote, he stressed the need for companies/enterprises to report break-ins/fraud etc to law enforcement asap and not to make changes to the infrastructure that has become exposed to crime. Slides.
He stressed the need for checkpoints in databases and applications that enable the law enforcement detectives to figure out what the crime involved by looking at the changes.
I would point out to an online interview that Paul has delivered here:
Interview with Paul Wright, City of London Police - 5/9/08
Picture of Paul Wright. His Profile.
He stressed the need for checkpoints in databases and applications that enable the law enforcement detectives to figure out what the crime involved by looking at the changes.
I would point out to an online interview that Paul has delivered here:
Interview with Paul Wright, City of London Police - 5/9/08
Paul Wright: All over the globe more and more instances of hi-tech and e-crime are being investigated by law enforcement agencies and other investigative bodies. Along with this increase in workload has come the realisation that crimes involving computers (either as the target of offending, as one of a range of tools, or as the principal tool used in the commission of offences) are technically difficult to investigate and raise many practical problems. One of my main roles is solving those problems and anticipating as many of them as I possibly can.Great Interview, Paul. Happy New Year 2009.
Picture of Paul Wright. His Profile.
Subscribe to:
Posts (Atom)