The bane of social networking sites is the need to register one more username, one more password, and once more to fill in some sharable details. That is sooooo 2008. I am registering with a conference so I can select interesting presentations, and am reminded once again how much I hate registering for sites.
Tag Archives: OpenID
Social Business: Identity and Reputation
Social Software is turning the idea of identity on its head. Actually this is a trend that has been happening for a long time, but it is being thrust into the public consciousness by the desire now to bring social systems into the enterprise: ESS. It used to be that on the Internet nobody knows you are a dog, but that is changing. What they do know is your reputation, which becomes your identity.
SSO Much Fun: Identity Update
OpenID is slowly slowly gaining adoption. Here is a list of resources relevant to cloud identity, authentication, and authorization.
Web Security vs. Superstition, Part 4
Web site security is a very important issue to me. I find it frustrating sometimes dealing with people who operate based more on superstition and urban legends than on solid principles. Part 4 is about some strange behavior I have seen in security groups and other insanity.
Web Security vs. Superstition, Part 2
Web site security is a very important issue to me. I find it frustrating sometimes dealing with the “security experts” in IT who operate based more on superstition and urban legends than on solid principles. Part 2 is in response to my meeting with such a “security expert”.
Web Security vs. Superstition, Part 1
Web site security is a very important issue to me. Every application, every information resource, must be built strong enough to put on the Internet, to reliably deliver information to those allowed access, and prevent delivery to those who are not. I find it frustrating sometimes dealing with the “security experts” in IT who operate based more on superstition and urban legends than on solid principles. Part 1 lays down the requirements for a secure web application. Today’s post is prompted by my meeting with such a security expert.
Identity Update: Browsers with OpenID?
For about a year I have been pushing OpenID and OAuth as a key component to a large scale “Social Process” system (see posts here, here, and here). In the past year I have tested these ideas with a project called “Process Leaves”, which is essentially a wiki that supports a couple of non-profit organizations I volunteer with. In order to access the protected content, you must log in with an OpenID. Yet there is still a problem.
REST assured, OAuth security
I have been investigating REST-oriented workflow in a secure environment for the past couple of months. I covered OpenID a few months ago, which is perfect for allowing for a kind of single sign-on (SSO) in a web 2.0 environment without giving any service your password. Signing on to services is important, but how do you get a service to talk to another service, without giving one of them your password?
How Not to use OpenID
See my previous post on Web 2.1: How OpenID will rescue Web 2.0 where I wax lyrical on how great it will be when I can have a single ID and use it everywhere. Well, I still think it is a good idea, and I still think it is the right approach, but I am considerably more disappointed about the level of support.
Web 2.1: How OpenID will rescue Web 2.0
I am a self-acknowledged “Site Registration Hater” (SRH). I hate registering at web sites. The whole concept behind Web 2.0 is collaboration: the content comes from individual contributors and we build the web together. But every single place where you want to make a contribution, you have to register as a “user” of that site.