Orcmid's Lair |
||||
|
2003-08-09Trusted Time - Authentication and Encryption. An important aspect of digital signatures is having authentic time stamps that confirm when a signature was made and that makes for a non-repudiatable indication of when and whom. This is something that is to be checked out further in the context of XML Digital Signatures and other schemes for establishing provenance and chains of custody. computer security, laptop security, pc security, security kits using award-winning usb etoken. This is an interesting system. The one-year Class 2 Personal Certificates go for $47.01 and the kit (including a certificate) goes for $93.32 in the US. This depends on the TokenTrust and it looks like something that it would be interesting to dig into, especially the automatic log-on for Windows XP using the token! Cryptographic Toolkit - Index. This is the unframed page that I was able to blog. To get the full framed depiction, go to the CryptoToolkit section. Cryptographic Module Validation Program. This is information on the NIST program, with links to the various sources, requirements, and so on. Digital Signature StandardsDSA, RSA, ECDSA (FIPS 186-2); SHA-1 (FIPS 180-1). A summary of the 3 Digital Signature Algorithms (DSA, RSA, and ECDSA) that are accepted under the FIPS Digital Signature Standard as of February 15, 2000. There are useful resources, including sources of all referenced specifications and standards.Digital Signature Guidelines - Tutorial. This is a nicely done, comprehensive tutorial that addresses the historical, social, and legal aspects of signatures and the challenges and opportunities for providing those facilities in digital transactions. "Open systems, by retaining a high degree of information security, even for information sent over open, insecure, but inexpensive and widely used channels. ". A key point with regard to the appeal and the opportunity. An Introduction to Public Key Infrastructure. This is a nice introduction ", covering pki, public key cryptography, public key, private key, public key infrastructure, x.509 certificates, encryption, digital signatures, certificate revocation, certificate authorities." FIPS 186 - (DSS), Digital Signature Standard. This 1994 specification includes the Digital Signature Algorithm (DSA) that is also refered to in the XML Digital Signature specification and used in examples. Federal Government > Dept. of Defense IECA PKI. The US DoD will require use of PKI certificates and signatures for access to DoD systems, starting in October 2003. Obtaining one from the Digital Signature Trust costs USD $119 for an individual certificate (good for one year). That is an X.509 certificate, the most-common one promoted by certificate authorities. Digital Signature Law Survey. Simone van der Hof's survey site that provides information on laws involving the introduction/allowance/requirement of digital signatures. Web ServicesService-Oriented Architectures and Component FrameworksCode Reuse Gets Easier - Computerworld. A column on what it takes to achieve reusability. This is worthwhile in terms of exploration of Web Services and also looking at what it takes at the development level to create and use component frameworks. Web Services SecurityThe Java Community Process(SM) JSR 106 - XML Digital Encryption APIs. This process, being led by an expert from IBM, is not so advanced as the work on XML Digital Signatures, although the group was created in March, 2001. Until some sort of public review stage is reached, there is no visibility on this activity.The Java Community Process(SM) JSR 105 - XML Digital Signature APIs. This provides information on APIs for accomplishing XML Digital Signatures. This specification has completed public review and can be downloaded here. Securing Web services. A nice find based on a link from classmate Fernando. A comprehensive discussion of the considerations and the many ways to rely on XML Digital Signature and XML Encryption as support. The 3d party issue is not addressed fully, and there is no discussion of proxy issues in trust chains. And this is a very nice compilation and explanation. 2003-08-08ACM Ubiquity Review: A Pattern Language for Web Usability. A nice review on web-site design and the application of patterns. Something I must take a look at. 2003-08-07The Java Community Process(SM) Program - JSRs: Java Specification Requests - detail JSR# 168. This is the JCP site for public review of the Portlet API WebServices.Org - The Web Services Industry Portal - Java Portlet API Specification Available for Public Review. This is the announcement of Portlets as Servlets that are designed for being presented in a web page and provide access to an aggregated service or information. Misfire correctionThe following links are ones that mostly go with earlier blogs that I managed not to capture links with.MINIUSA.COM. Another example of how the presentation in different communities differ.Response by David Notkin. These are comments submitted to an Open Integration workshop held in 1994. 2003-08-06Blogger MisFiresI just noticed that Blogger stopped providing me the little paragraph titles with links built into them. That seems to have happened around the end of June, and so all of the links I think I was blogging weren't. I installed the latest Blog This! goodie and that problem is fixed. Also, I am not required to log in every bloody moment, but that may be because I am signed onto Blogger and Blog This! recognizes the cookie. I can't be sure. I really want my own Blogger on my own machine that I can then upload to my very own site. Using an intermediary, as nice as it is, is not that successful.Information TechnologyWeb PresenceTypical PortalsThe USA site is much more playful and has more of what the US consumers are interested in as owners and fans of the car. There is also a great deal of outrageousness, including promotion of "The Italian Job," a great Mini promotion.A Very fun example of the use of portal-style structure to provide product visibility and promotion as well as recognition of owners and after-market support. The interesting positioning of "Let's motor" is also interesting in terms of how it is presented differently for different markets. . The Enterprise Edition of My Yahoo! is for companies to create online access to tools and resources. The suite includes web-based portlets and is oriented to business users and portal administrators. The product is pre-integrated with leading portal software platforms, and BEA, Oracle, SAP, Sun and TIBCO are mentioned. . This is part of the Internet Scout Project, and provides a toolkit for making portals quickly and easily. The topics are also revealing about what must be considered in creating a subject- or community-oriented specialized portal. The Internet Scout is a public project at the University of Wisconsin that also produces the Internet Scout Report, on Internet resources with special emphasis on interest to the education community. . Well, here is Portal in the large. FirstGov is the Portal of the U.S. Government. It consolidates on-line citizen services, information services, audience-focused material and hot topics. There are tabs for businesses, for federal employees, and government-to-government. A fair notion of portal. . An example of a portal, in this case a consolidation site of links, not unlike the way Yahoo organizes material, but without the Blogger theme. A Fully-Designed Web ServiceThe Cold Rooster site provides an application that incorporates the Favorites Service. A valuable aspect is that the .NET version uses Passport in a way where an user can access their Favorites from any site that uses .NET authentication.A Portal that Consolidates ServicesI'm trying to discover the difference between a Portal and a Web Service. Here is a Portal that integrates web services, so this seems like a good place for one answer!And Microsoft's View of Web ServicesHere's the MSDN Site devoted to web services. A resource for my class. Also, I realize there is some material in recent Communications of the ACM.Software DevelopmentWays to Learn JavaAnd this one is a comparison of Head First Java and Learning Java. All great material.This is great. This is a review of Beginning Java Objects from in comparison with Head First Java, just the think I want to link into my bibliographies and also include in my Java Inside-Out compilation. Very great. . This is a page that provides access to James Clark's expat, a platform independent XML parser that handles namespaces. The project is on sourceforge.net and seems to be relatively active. . My course on Web Applications starts tomorrow, and I am looking around for tools while following links in our textbook, "XML and Web Services Unleashed." Here is a site that offers a compilation of free software. I am also exploring the Cover pages for other links. 2003-08-04. A nice interview with Clifford Lynch that goes back into how he got involved with library systems, the changes that libraries are going through, and the impact. . Here is a great summary of what the Mono Runtime does, along with the technologies and approaches for the JIT Engine and other elements. I am interested in the COM integration, but I don't think I am prepared to roll up my sleeves at this point. For now, this is a great place to get more information. . This is the status of the Mono C# Compiler, MCS. Because it is self-hosting and runs on both the Mono and the .NET runtimes, this is a very interesting project. . Here's the freshmeat entry for the Mono Project. There are links from here to the essential information and materials. . And here is more about Mono and its relationship to .NET, to GNOME, and the prospect it provides for cross-platform development between Windows and Linux. . This is relevant for the continuation of Ximian support for Gnome and Mono, which may provide a clearly-independent version of the ECMA CLI and C#. The reliance on open-source for Mono will be very important.
|
|||
