Browse by Tags
All Tags » the Cloud (RSS)
-
The latest issue of the Architecture Journal is available for download here (I am breaking the news even before the rest of the pages are updated from issue 15 to issue 16: see how much I care about you? ;-)). What makes this especially interesting is that issue 16 is entirely dedicated to identity! I have to admit that I've yet to read most of the articles, but I've definitely gone through 2 of them: One is an interview/profile with Kim Cameron. It's a nice read, and I am sure you'll enjoy getting to know more about Kim. The other is an article from yours truly, titled "Claims and Identity, On-Premise and Cloud Solutions". It expands on this post, and rolls in various others. Writing for the Architecture Journal is a big honor, as you can see from the list of high profile former contributors, and I am very grateful to Diego for having my article in this issue. Thanks man! And thanks also to Gianpaolo, with whom I had many deep discussions that helped me to keep the abstraction tangents to what I hope is an acceptable level :-) As usual, if you have feedback feel free to send it my way. Read More...
|
-
Well, it's almost one month since I wrote the last "useful" posts: you would not believe how incredibly busy I am on stuff I can't talk about just yet (but soon, very soon). In this quick update I am excited to report that I am going to speak at TechEd New Zealand & TechEd Australia! As strange as it may sound, the 114 flights I've boarded since I moved to Corp (October 2005) never took me under the equatorial line; furthermore, I've been told since first grade how cool it is that New Zealand is at the exact antipodes of Italy, has roughly a boot shape as well, etc... that's the farthest place from home I can travel to without leaving the planet :-) I am going to deliver 2 sessions, both in NZ and in AU: Identity & Cloud Services (Architecture track, level 300): The shift towards cloud computing is one of the major trends in today’s IT industry. As resources and assets are increasingly hosted off-premise, traditional strategies for access control and identity management are proving incapable of handling distributed scenarios and cross-boundary communication. This presentation briefly outlines how architectures relying on claims-based identity management, security tokens and open standards can address cloud computing scenarios with the same ease with which they can handle traditional ones. The identity capabilities of BizTalk Services will be featured as a concrete example of an application of the new paradigm. “Zermatt” Developer Framework: Putting Authentication Read More...
|
-
On a flight between Seattle and Tokyo. I've just put down The Big Switch, and decided it's time to write about cloud computing and how identity management is going to play a key role for the success of the new paradigm. As you go through this post, please remember that (as always) you are reading my personal opinions/views and not a press release from my employer :-) Cloud Computing: a nanointroduction. The word "Cloud" is well on its way to being one of the most hyped & overloaded terms in the recent history of IT: just enter "Cloud Computing" in your search engine of choice and be prepared to navigate a huge result set. A good way of ramping up on the topic would be to read the recent Forrester report "Is Cloud Computing Ready for the Enterprise?"; or, if you are less technical, you can start by reading the aforementioned The Big Switch (as long as you read those cum grano salis, without ever turning off your critical thinking module). For the purpose of understanding this post, I'll give you here my usual oversimplified stance: Cloud Computing is mainly a new deployment model. Let's say you are the solution architect of an enterprise, and you are in the process of setting up a new capability for your company. As usual, the two big alternatives are to build the solution yourself or buy it as a service if available, plus all the intermediate approaches which combine the two. If you decide to build even just a little piece of the solution, you are implicitly stepping up for running Read More...
|
-
On the 23rd I'll be in Singapore, practically my third home, and will present at Singapore's Regional Architect Forum (the famous RAF). There is something in that country that charmed me already during my first visit in '89, and every time I have half a chance I try to go visit. Meeting my good pal Linda is certainly one of the things I like about going to Singapore: you would not believe the staggering amount of great work she gets done, all without ever losing her smile :-) A close second would be the level of the customers & the industry in general there. Singapore's IT is often ahead of the curve, which makes it a perfect audience for very new ideas and approaches. That's why I am looking forward to presenting on S+S, cloud services and how the new paradigms are already affecting the way in which we deal with identity management. I will also give a chalktalk about the internet service bus; I hope to elicit some deep discussion and explore with Singapore's architects the implications of architecting solutions with tools like the ISB (without ever forgetting the identity aspect, of course). Also in this case Gianpaolo will present on S+S. I am sure he will provide a lot of food for thought; I can't think of anybody more qualified for explaining the topic. Besides, his sessions are always fun :-) See you there! Read More...
|
-
In a couple of weeks I'll be in Kuala Lumpur, at the IASA's IT Architect Regional Forum Conference; I will present on identity in the context of S+S and cloud services, which happens to be the topic that intrigues me the most nowadays. I am really excited for the session, but even more so for the chance of meeting fellow architects and discussing how these new ideas apply to their scenarios. Also: I have never been to Kuala Lumpur, and I am very very curious about everything. I'll be there with my good friend Gianpaolo, who will present (surprise surprise) on S+S. I had an exclusive preview of his session, and it's *great*. Don't miss it. Looking forward to being there and spending some time with him and Aaron! Read More...
|
-
I am delighted to announce a slight change in my role: from now on I'll focus on identity architecture, especially in the context of S+S and cloud services. YEEEEEES!!! If you are a regular reader of this blog you may have gotten the impression it was already the case. Actually, for the last three years I worked with enterprise early adopters and connected systems (WCF, WF, CardSpace). If you ever read a case study on those, chances are I may have worked on the project in some form: I had the chance of working with the best and seeing a wiiide range of scenarios, I loved it (most recent example here). It's simply that when it came to blogging I just loved to dig deep in identity topics, then the articles and the book, the sessions, so... I now have the chance of staying on the topic full time. Fantastic :-) P.S.: recently Mike challenged me to surprise everybody and make a post of just three lines (I think he was poking fun at me for the unmanageable length of this, this and this). I thought I could do it with this post, but it turns out I am actually unable to... scary :-) Read More...
|
-
Almost one year ago I briefly mentioned the BizTalk Service SDK, here and here. A new version has recently been made available: you would not believe the amount of new features that were added to it in this timeframe. The main reason of excitement for me is that this new release supports managed cards! It's a bit late at night here in Redmond and the drowsiness makes me feel less than bright right now, so I better defer detailed explanations to tomorrow (or the weekend). Anyway, for the identirati tuned in, this basically means that the service bus offers an R-STS that will accept, among many other means of authentication, also third party's managed cards. The behavior of the R-STS can be influenced by using the BizTalk Services identity portal, or by management API; you can translate attribute claims into authorization claims (if an incoming claim has a certain value you can issue a token which tells the ultimate destination that the caller is authorized to perform the call; you can copy the input claims directly in the issued token so that the info is preserved; and so on). "Artist" rendering below: Again, I'll be more verbose in a later post: in fact, I plan to walk you through a sample that will make you hit the ground running exactly with that feature. The managed card support is the feature that I find most appealing (surprised?), but in fact there are many other great additions such as X509 authentication, REST management APIs, support for multiple languages ... Read More...
|
-
On the Paris-Seattle flight, coming back after 2 weeks spent stuffing myself with all sorts of food with the excuse "after all, you can't find this in USA" :) Before hurling myself back in the vortex of daily work, and celebrating the end of the year with something crazy, I want to take some time writing down some hallucinatory (=vision without execution) thoughts about omnidirectional identities. Be warned, this may be just pointless rambling at this point. A few weeks ago I chatted about this in front of a microphone with Jon Udell, digressing along a crazy tangent instead of answering his questions about the book (I eventually came back to Earth and answered properly :)). I don't know if he'll deem those fragments publication worthy, but just in case I'll make a brain dump here. It's not that there's much more to do in this small seat anyway (just finished the latest Eco. He didn't mention underbite at all, I'm happy). Looking back at the activities related to identity in the past year, I am glad to report that amazing progress has been made. Something that makes 2007 very different from 2006 is the kind of work that was done: in 2007 the accent was on execution. The vision behind the metasystem is still being explored, sure, like Kim's series on linkage or the discussions about display token and first law demonstrate; and I feel that conjugating the metasystem and claims in enterprise environment is an area that still needs focus (especially in fighting old forma mentis that Read More...
|
-
It's that time of the year again: the end of June marks the end of the fiscal year, and for us it's time to reflect on what we've done in the past 12 months. The vast majority of the things I've done are internal-only or with high profile customers that can't be mentioned publicly until their PR departments give the green light, hence I won't discuss those here; however I think it's interesting to share with you a summary of some of the things that I worked on, just to give you a measure of how .NET 3.0 (especially CardSpace in my case) is relevant. It should give you a hint of how much impact you can have working in my group, so you'll be able to put announcements like this in the right perspective! I also hope that this will boost your confidence that the content of our upcoming book is based on very solid real world experience, earned by working daily with our key accounts in the identity space: the PG intent is tempered by immersing it in requirements from customers actually shipping solutions based on this thing that we call CardSpace. Which, by the way, is the reason for which I'm still at the computer at this time... big stuff is going on in cardspaceland! Projects, Briefings, Deep Dives: This year I've worked with or briefed more than 45 enterprise companies on CardSpace/WCF/WF, a good part of it at the very top of the fortune100 and global100 (ah, btw: just subscribed to Fortune. I was buying it all the time anyway). Sometimes it was just a 2 hours personalized QA, some other Read More...
|
-
Yesterday night I was going through the unresolved parts of the inbox, a fairly boring task, when Dennis rescued me: he chimed in via Messenger reminding me that a new version of the BizTalk Services SDK is out. It wasn't hard to switch my attention to something far more exciting, and I promptly installed it. If you had the old version of the SDK on your machine, I suggest uninstalling it before installing the new one. For the ones that were bold enough to play with the new binding at low level: the changes in the machine.config show how the assembly hierarchy and the object model changed: <!-- <system.serviceModel> <bindings> <relayBinding> <binding name="metadataExchangeRelayBinding" /> </relayBinding> </bindings> <client> <endpoint address="" binding="relayBinding" bindingConfiguration="metadataExchangeRelayBinding" contract="IMetadataExchange" name="net.relay" /> <metadata> <policyImporters> <extension type="Microsoft.ServiceModel.Relay.Description.RelayBindingElementImporter, Microsoft.ServiceModel.Relay, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> </policyImporters> <wsdlImporters> <extension type="Microsoft.ServiceModel.Relay.Description.RelayBindingImporter, Microsoft.ServiceModel.Relay, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> <extension type="Microsoft.ServiceModel.Relay.Description.RelayBindingElementImporter, Microsoft.ServiceModel.Relay, Read More...
|
-
Dennis announces the CTP of the BizTalk Services, one of the webbyest CTPs we have: those are actually services, the only thing you need (if you want a quick start) is the SDK. There is much to be said about this new release, and I hope I'll be able to play with it soon (dear Editor, don't worry: I know I have to send the next chapter first :-)). However, I think that the most exciting news is in the following words from Dennis: "your service opens at a URI on the connect.biztalk.net machines. Then a client connects to that URI and can start sending messages. We don’t want to be in the way of your app, so our relay will immediately try to establish a direct connection between clients" See? True P2P! What are you doing still reading this post, aren't you toying with it yet? :-) BTW, take a close look at the Identity Selector in the screenshot in Dennis' post: I'm sure that the loyal readers of this blog will recognize some of the cards (thanks James for pointing this out!) Read More...
|
-
[Edit: Added Silverlight SxS with WPF/E] In short: this is a tutorial on invoking CardSpace from a Silverlight [WPF/E] control and how to use Silverlight [WPF/E] for showing data from a token. So easy that a long haired architect can do it :-) Silverlight [WPF/E] is Microsoft's technology for developing rich internet applications, but it is also going to be CROSS PLATFORM (the CTP is already available for Mac). In light of the awesome work of the Bandit guys on an identity selector on other platforms, I believe it is important to start thinking about how to use this new RIA technology together with identity. In recent times I'm hearing more and more people interested in Rich Internet Applications, or RIA. That usually brings the discussion pretty quickly to Silverlight [WPF/E], our cross platform presentation technology that leverages a subset of XAML for doing cool things inside your browser. I am often asked how to plug CardSpace into it, so I thought to put together a post that shows how to do that. As you know I have been a server guy for a few years, so I don't spend too much time on colorful stuff: however I also like to cross pollinate different technologies, and I especially love to do it with CardSpace (I did it with WPF, with WF, with WCF and WPF). Yesterday night I downloaded the WPF/E SDK, the WPF/E runtime for Windows and blocked 1 hour on the calendar of my excellent colleague Laurence Moroney, probably the best mentor I could get for ramping up super fast Read More...
|
-
In short: I discuss Sidebar Gadgets, and I show you how to invoke a CardSpace-protected WCF service from a simple Gadget. Full source code is provided, along with detailed commentary on the road I've followed for getting there. Added bonus: the code shows how to apply an arbitrary configuration file to WCF, an issue often encountered when hosting WCF code in processes you don't control. Sidebar Gadgets are mini applications which live in the Sidebar, a UI element on the Windows Vista desktop. They are extremely handy for keeping an eye on information you are often interested in; they are also very good at providing you a quick-reach UI for tasks you perform often. As you know I wear the server guy hat, so I'm not really the best person for explaining the advantages of Gadgets: I would suggest visiting Michael's and Jaime's blogs if you want more details on the subject. When I thought of how the gadget model could be useful for me, I realized that much of the information I'd like to keep an eye on happens to be confidential (like being notified if I received a wire transfer, or getting the access statistics from my website); the actions I want to take when I react to changes in those data also require high security levels (like accessing a portion of my home banking for giving approval for a certain utility bill to be paid). So, would it not be great if we could use CardSpace for authenticating the services accessed by a Gadget? I thought for a few nights about the issue, devised a Read More...
|
-
A few days ago I posted a tutorial on combining WPF/E and CardSpace for securing rich internet applications. Literally hours later Daniel Bartholomew, the great guy that extended dotnetnuke with a cardspace ready module, followed the tutorial and published the live example on the web! You can experience that by visiting his test page. Thank you Daniel, this is AWESOME!!!!!! :-) Read More...
|
-
In short: Gianpaolo presents a daring proposition about a deregulated IT. I believe that GP's idea is a very valid one. In the post below I explore the implications of a world where consumerism is brought to the extremes of IT deregulation: in such a world user centric identity management and user control/consent are key enabling aspects that cannot be ignored. From time to time I have nice chats with Gianpaolo, during which he gives me glimpses of his thinking about where IT is going. I especially liked his considerations about consumerism and deregulated IT: now that he finally made a post on the topic, I can share some of the trends and implications I draw from it. The foundation of this entire matter lies in becoming fully aware of the trend that has been dubbed as consumerism. This is a pretty loaded term already, however I really like the position of Peter Sondergaard (Gartner director of global research), as captured by David Berlind at the Gartner Symposium/ITxpo: Sondergaard went on to describe how consumer technologies and configurations now rival and often exceed in the prowess of the corresponding technologies found in the organizations that are used to serving consumers on their terms ("their" being the organizational side). "Consumers are rapidly creating personal IT architectures capable of running corporate style IT architectures" said Sondergaard. "They have faster processors, more storage, and more bandwidth. In 2012, expect consumer technologies to Read More...