|
|
Browse by Tags
All Tags » Book » Wild Ideas (RSS)
-
Last week Caleb and I have been surprised in my office by Charles "Carlo" Torre and his camera. The result is an impromptu interview about CardSpace , which is currently on the front page of Channel9 (direct link here ). If you have time, take a look… we laugh a lot, but we manage to make some serious point here and there :-) and of course we mention the book , which is even on the "front frame". I have to remark that I am *always* amazed by Carlo 's skills as interviewer. He provides a fresh perspective, making the right questions, and yet he discreetly blends giving space to who is interviewed to make his point with his own personal style. And he's not afraid to put you in the spot and ask tough questions... he really takes the part of the audience. Carlo, it's always a pleasure to chat with you :-) Read More...
|
-
Ah, the beauty of models. A good model can capture the essence of a system, a phenomenon, anything: it allows you to easily manipulate things, make predictions, transport the knowledge you already have of a domain to a new one. It's just great, and as we will disclose more things about Oslo I am sure you'll have chance to experience this thing first hand. For the time being, let me dig a bit on a model factory we know very well: the identity metasystem. Back in November, during my EU tour , I had a great discussion with a policy maker: this person has an amazing understanding of the identity metasystem, a deep knowledge of the eID landscape, made all the right questions, he was just a pleasure to converse with. At a certain point he described how they were currently dealing with the problem of transporting in application form a very complex scenario, already tamed from the analytic & regulatory perspective. That prompted me to express a thought about how the identity metasystem could have helped there, and I was surprised by how well received that thought was: he told me he never heard things explained from that point of view, so I thought there could be some value in repeating that here. One of the powers of the identity metasystem, and its architectural backbone WS-*, is that it gives you the tools for describing the relevant aspects of existing relationships: who is affiliated with whom, what are the information an entity needs for making business with somebody, what the Read More...
|
-
Back in October 2005, few weeks after I moved to the US, I wrote a blog post in which I introduced the idea of a collective name for the federated resources accessible to a company. One of the names I proposed was federnet . At the time I made a quick search on the Internet to see if anybody was already using the term for something of the sort, but nobody appeared to. Well, I actually used the term in the book ; I don't know how I managed to get it past the severe reviewers of AW, but I did! :-) Now: since it appears on a publication, with its nice ISBN & classification according to the Library of Congress, I am tempted to say that it made a further step in the long road toward inclusion. We are still far from Merriam Webster or even just wikipedia , of course, but hey... you never know ;-) Before writing this post I made a short search on the term, just to see if it enjoyed any uptake, and I was pretty surprised to find an article on the CIO Magazine website that mentions the term federnet! The article, with a date almost a year after my blog post (the website says September the 13th, 2006), takes the consumer angle and a way more centralized approach, but its results are not too different from mine after all (use of standards, benefits of federation). It even mentions intranet and Internet vs federnet (though they are mentioned for assonance reasons, rather than conceptual kinship). I am sure that at the time a query for "federnet" on any search engine would have brought Read More...
|
-
...here there's the best approximation I found (short of a printout, of course, but that would be cheating:-) ). My wife just got a Sony ebook reader ; once we discovered it reads SD cards, we wanted to test it with a prerelease PDF of the book . Looks pretty good, though it's a tad too small with the format used in this particular PDF (and it would appear there's only one level of zoom available). Still, it's pretty readable: see below for one of the most complex figures. Nice! BTW, the hard copy should come real soon now... :-) Read More...
|
-
On the Paris-Seattle flight, coming back after 2 weeks spent stuffing myself with all sorts of food with the excuse "after all, you can't find this in USA" :) Before hurling myself back in the vortex of daily work, and celebrate the end of the year with something crazy, I want to take some time writing down some hallucinatory (=vision without execution) thoughts about omnidirectional identities . Be warned, this may be just pointless rambling at this point. Few weeks ago I chatted about this in front of a microphone with John Udell , digressing along a crazy tangent instead of answering his questions about the book (I eventually came back to Earth and answered properly :)). I don't know if he'll deem those fragments publication worthy, but just in case I'll make a brain dump here. It's not that there's much more to do in this small seat anyway (just finished the latest Eco . He didn't mention underbite at all, I'm happy). Looking back at the activities related to identity in the past year, I am glad to report that amazing progress has been done. Something that makes 2007 very different from 2006 is the kind of work that was made: in 2007 the accent was on execution. The vision behind the metasystem is still being explored, sure, like Kim's series on linkage or the discussions about display token and first law demonstrate; and I feel that conjugating the metasystem and claims in enterprise environment is an area that still need focus (especially in fighting old forma mentis that Read More...
|
-
In short: I describe why claims are important for every developer and architect (not just the security expert), and I provide some heuristics for helping everybody to reason about claim based systems. I don't think we did an exceptionally good job in explaining claims based programming and its implications. A lot of the literature on the subject is for security experts, hence it explains claims based programming in terms of the delta that differentiates it from more classical methodologies (ACLs, groups, etc). Other material explains the topic for the non-initiated to security, highlighting how digital identity is made of claims and so on; however the point is often lost, because while the reader can see that identity is expressed in a natural way it is not clear *how* the system is superior to classical approaches. In that case a concept easy to grasp, multiple authoritative sources backing it and some generic coolness are all ingredients for a nice information cascade . It reminds of another eminent (IMHO) information cascade : the schema-first approach to service oriented programming. Schema first is great in a number of occasions, but uselessly onerous in many tactical scenario: you don't really need to concoct an XSD for every message you send internally or to system that will never ever have to interoperate, validate complex messages or manipulate standard entities. And yet, *a lot* of people got is as a dogma (ie, without really understanding why it's useful) and started Read More...
|
|
|
|