• 31Mar
    Categories: Interop!

    Everyone is feverishly preparing for the RSA Conference next week. We not only have OSIS Interop activities going on digitally, but RSA has donated us a room for Tuesday and Wednesday (April 8 & 9 2008) – the plan is to have working sessions for participants able to be physically present between 11am and 4pm both days, and then to party it up — showing off all of our products during 4-6pm both days. You are welcome to stop by and chat any time, but you’re going to have the best experience during the open houses, since that is the time when all of the Participants will be around and set up to show you their stuff.

    If you are interested in meeting a bunch of the movers & shakers in user-centric identity, you should come and visit us — Both OpenID and Information Card providers are participating, and many of the participants have solutions that knit the two technologies together.

    From a Pamela Project perspective, I’ve just updated PamelaWare for Joomla to work on Joomla 1.5 — it is not nearly enough for distribution yet (lots of things still to update), but it is good enough to kick the tires. I’d pretty well given up on Joomla v1.0 after they completely rewrote the password storage mechanism during a point release (surprise!). We were already hacking core Joomla files anyway in that version – it just wasn’t pretty. Joomla 1.5, on the other hand, is definitely pretty.

    The test site is here: http://pamelaproject.com/jostest15 — check it out! Joomla 1.5 supports OpenID out of the box btw, so my test instance can be used to check out that functionality too! From a test perspective, I’ve added an unregister function, so you can try a card, and then remove your entry either to try again, or just to keep your data from being stored.

  • 27Mar
    Photo Credit:  CarbonNYC (http://www.flickr.com/photos/carbonnyc/76468122/)

    Enterprise use of information cards has been a topic of great thought for me leading up to my talk at the Directory Experts Conference in Chicago this month and culminating in a panel at last week’s Novell BrainShare conference, in which Patrick Harding, Kim Cameron, Dale Olds and myself talked to the lovely Carolyn Ford on this very subject.

    At DEC, the predominant opinion given to me by the experienced & capable Enterprise administrators present was as follows:


    “We don’t want users to be interrupted at all — so why would we ever want or need information cards?”


    If in the Enterprise you are responsible for, your users do not need to make a single context decision, if you the Administrator and your stored data can do it all in every situation — fantastic. My experience has been that many Enterprises find that the profile data they are able to serve from an Enterprise Directory or even a Meta-Directory cannot always suffice, and that measures have to be taken that deviate from the Zen of a single network profile in order to achieve business objectives. I’d like to put a few situations in front of you that I believe demonstrate common cases where undesirable measures are taken in order to get around an IT assumption that user context decisions are never necessary.

    Situation #1: Do you ever have to assign two different accounts for the same application to the same user?

    The only reason why a user might be issued two accounts for the same resource is because there is something critical but different about each account – and guess who chooses which account is appropriate – the user. The Enterprise cannot do the thinking for the user in this case – in fact, the Enterprise may not even know that both accounts belong to the same worker.

    There are many many reasons why an Enterprise might feel forced to issue multiple accounts to a single user — it could be due to a need to completely separate conflicting roles. It could be due to a need for a certain privilege to only be available to a user under specific, acknowledged (and audited) circumstances.

    Situation #2: Do your users ever have to log on to a separate network domain just to get to a specific application?

    I see this at client sites every so often, often in cases where mergers and acquisitions have resulted in a fragmented Windows network. Users are forced to internally access a VPN in order to create a separate network session in order to get to a single application in an untrusted/unconnected domain still within the overall company perimeter. Maybe there is a better way to do this without Information Cards, I dunno – but it seems to me that cases like this where users have no choice but to exit their soft comfy SSO/Kerberos world using nasty clunky VPN software, using an Information Card might be a cheaper, nicer, more user friendly option.

    Situation #3: Did you ever want to impress upon your workforce a sense of the solemnity of a given decision?

    Currently, most workflows for approval of provisioning or service requests are implemented by a simple HTML button — “yes” I approve or “no” I reject. What if what you need in your Enterprise is something more along the lines of “I, Pamela Dingle, acting in my capacity as Manager of Business Unit X, approve this message”?

    Situation #4: How many smart cards are hanging from your users’ belt-loops?

    If your user is required to select the right smart card for the job, they are making context decisions – and in fact, I’d argue that you’ve already bought into the card metaphor :). In this case, chances are that the hardware solution would trump any kind of information card solution — for now. In the future, as information cards become more integrated with physical devices, the line may get awfully blurry…

    Perhaps situations like the ones I’ve described above might influence you to take a closer look at information cards. Perhaps, there still isn’t enough to convince you yet. That’s ok – there is a lot more to come, this is just a small piece. I’d love to know what people’s experiences are in general around the concept of the need for user context decisions in the Enterprise – are such decisions as diametrically opposed to common SSO/IWA administrative philosophies out there now as I imply here?

  • 24Mar

    This Monday Jonathan Roy, a backup goalie for the Quebec Remparts, participated in a playoff game hockey brawl where he skated to his counterpart on the other team, challenged that team member to a fight, and then proceeded to pummel the team member, despite the fact that his opponent did not defend himself, did not return a single blow. The video is here, just in case you think maybe I’m just a squeamish girl who can’t handle a good hockey fight.

    Jonathan Roy then proceeded to flip the bird to the entire crowd in the arena before skating off the ice.

    Yes, fighting is part of the game of hockey. The other players on the ice were fighting. Jonathan’s actions were something else. A very critical something else.

    Shame on you, Jonathan Roy.

  • 18Mar

    I howled when I saw this — wish we all could solve end-user problems so well.

    • Minimal end-user training needed before they understand how to use the product
    • Minimal day-to-day administration needed after initial configuration
    • End-user is happy with the service & user retention is high
    • Service Provider can hire maintainers with little experience (toddlers even)…

    Video: http://www.youtube.com/watch?v=4PcL6-mjRNk

  • 17Mar

    Marc Canter says (or at least implies) that a social network with 5 people in it isn’t a real social network. I couldn’t disagree more.

    There are 4 people in my immediate family, and let me tell you, there is no more social network out there.

    What defines a social network? Number of hits? Ad revenue? If you ask me, the tool doesn’t define the social network – the community does. And I believe communities come in all sizes and shapes. I see nothing wrong with a small group of people wishing to collaborate in the cloud – it sounds a heck of a lot nicer than Facebook, truth be told.

    My favorite social networks are not the monster amalgamations of strangers that form the current la-dee-da Web 2.0 acquisition market. My favorite social networks are kind of like the corner bar — where everybody knows your name (or at least your nick) and where you have a history that means something to others, while simultaneously caring about the history others have built with you. Why did Flickr users grieve when they lost their original identifiers? Because it was a little piece of their community history, taken away, diluted into a homogenized mix by a service with altered goals.

    Saying a social network isn’t successful or shouldn’t be counted because it is small is like only counting a restaurant as successful if it has a franchise attached – who cares about the corner cafe, when you could have a Burger King, right?

    I care. I suspect a lot of other folks care too.

  • 10Mar
    Categories: conferences
    Photo Credit: Martin Kingsley

    Well, the Directory Experts Conference 2008 has come and gone.

    This conference always blows my mind. The content is extremely technical. The community is close-knit, and supportive. The conversations in the hall are at least as technically complex as what is presented in the sessions.

    For me, one very enlightening session was the last: an audience full of highly experienced Active Directory experts, facing a whole stage full of Microsoft staff. The conversation was candid, and there were items discussed that have been standing items for numerous DEC conferences (and likely to be for a few conferences more).

    The strongest worry in the room involved IT response time to Mergers and Divestitures, i.e. forest-level splitting, renaming, and shuffling. One of the audience members simply noted that the pace of change of infrastructure must be able to match the pace of the business. If the stage had been full of Sales Reps, I’m sure that there would have been a lot of head nodding and warm fuzzy noises – but the truth is – it’s a hard problem. It isn’t something the team can just ‘whip up’. I think that the audience got the resource trade-off that would have to happen before their wish list could actually become shippable product, while the dev team had a chance to hear the pure, unadulterated panic in the voices of those airing the issue. You don’t get better communication with a vendor than what I saw at DEC.

    I had a great time with my own presentation – I’m pretty sure I learned at least as much from the folks I met and discussed information cards with, as what I imparted to the people in my session — I can’t wait to synthesize my impressions and start a discussion here – I think that my conclusions will surprise some people.

    Until then, I will leave you with the results of this year’s Wook Lee Challenge – Wook couldn’t be there this year and wasn’t able to respond remotely (like last year) — so a committee of brave souls dedicated themselves to picking up the torch :) As a result, this year was the First Annual IT Pro-am Wook Lee Memorial Challenge. Here’s hoping next year it won’t be memorial anymore, and Wook can resume his rightful position as challenge responder :) Wook, we cannot replace you, we can only endeavor to live up to your example.

    Our challenge was to create a movie trailer about Forest Recovery and involving Joe Richards – creator of Joeware. Aaron Steele provided the artistic genius, and the whole merry band (Sean Deuby, Laura Hunter, Adam Greene, Chris Lowde, Joe Kaplan, Aaron and myself) had a great time coming up with the following cast and characters of “Indiana Joe and the Forest Recovery of Doom”:

    • Joe Richards as “Indiana Joe” (Indiana Jones)
    • Dean Wells as “Outa RAM” (Mola Ram)
    • Stuart Kwan as “Shortly Rounded” (Short Round)
    • Guido and Wook as eeeevil skeletons (since they both didn’t attend, they are ‘dead’ to us, thus the ‘memorial’ in the memorial challenge too, heh)
    • The lovely Princess Jorge as “Willie Boot” (Willie Scott)

    You have to open this poster up in large format to truly appreciate all of the little bits – enjoy!
