All,
I
thought that you might be interested in seeing this. Our PR firm creates a
weekly digest of press articles on Eclipse. This week is about 80% Higgins.
Congratulations!
January 30
"Higgins, Bandit and Microsoft: Open Source for Tight Privacy"
LinuxInsider
http://www.linuxinsider.com/story/Y2FXqfHfvWTNMT/Higgins-Bandit-and-Microsoft-Open-Source-for-Tight-Privacy.xhtml
Also appeared in:
TechNewsWorld, http://www.technewsworld.com/rsstory/55444.html
January 29
"Vendors Begin Plugging Products for RSA Show" eWeek
http://www.eweek.com/article2/0,1759,2088549,00.asp
"Users See Potential in Lotus Apps, but Rollouts May Wait"
Computerworld
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=18&articleId=280734&intsrc=hm_topic
"Open-source identity projects connect with Microsoft" CNET
http://news.com.com/Open-source+identity+projects+connect+with+Microsoft/2100-1029_3-6154094.html
Also appeared in:
ZDNet, http://news.zdnet.com/2100-1009_22-6154094.html
Silicon.com, http://software.silicon.com/security/0,39024655,39165492,00.htm
"Interesting developments in open source user-centric identity"
IT-Director
http://www.it-director.com/blogs/MWD/2007/1/interesting_developments_in_open_s_.html
"Novell's Identity 'Bandit' in Cahoots with Microsoft"
Internetnews
http://www.internetnews.com/dev-news/article.php/3656636
Also appeared in:
DevX,
http://www.devxnews.com/article.php/3656636
Enterprising Network Planet, http://www.enterprisenetworkingplanet.com/netsp/article.php/3656716
"Higgins: A 'Switzerland' of Identity Management"
ITBusinessEdge
http://www.itbusinessedge.com/blogs/osb/index.php/2007/01/29/higgins-a-switzerland-of-identity-management/
"Open source projects to showcase identity integration"
NetworkWorld
http://www.networkworld.com/news/2007/012907-open-source-higgens-bandit-rsa.html]
"Eclipse, Novell near 'Big Bang' for identity" InfoWorld
http://www.infoworld.com/article/07/01/29/HNeclipsebandit_1.html
Also appeared in:
CSO Online as "Open
Source Novell, Eclipse Identity Services Project Hits Key
Milestone"
http://www2.csoonline.com/blog_view.html?CID=28443
Also appeared in:
LinuxWorld, http://www.linuxworld.com/news/2007/012907-rsa-eclipse-novell-near-big.html
TechWorld, http://www.techworld.com/applications/news/index.cfm?newsID=7888&pagtype=samechan
"Eclipse Launches Data Tools Platform" Application Development
Trends
http://www.adtmag.com/article.aspx?id=20108
"Eclipse Foundation and Novell Collaborate on Open Source ID-Services
Integration" Application Development Trends
http://www.adtmag.com/article.aspx?id=20107
January 28
"IBM Touts Unified Comms Infrastructure For Partner Development"
CRN
http://www.crn.com/sections/special/reports/sellingsmb.jhtml?articleId=197001140
January 27
"IBM develops 'identity mixer'" BizReport
http://www.bizreport.com/2007/01/ibm_develops_identity_mixer.html
January 26
"IBM's Invisibility Cloak" Forbes
http://www.forbes.com/business/businesstech/2007/01/25/ibm-identity-security-tech-security-cx_ll_0126ibm.html
"IBM tool makes online purchases anonymous" SearchSecurity.com
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1240857,00.html
"IBM's 'Need to Know' Software" Dark Reading
http://www.darkreading.com/document.asp?doc_id=115639&WT.svl=news2_1
"Can open source lead to better identity?" ZDNet
http://blogs.zdnet.com/open-source/?p=920
"Anonymous IBM" Internetnews
http://www.internetnews.com/security/article.php/3656136
"IBM software hides consumer data trail" InfoWorld
http://www.infoworld.com/article/07/01/26/HNibmdatapriv_1.html
"New IBM Software Lets Consumers Shop Online Anonymously"
InformationWeek
http://www.informationweek.com/story/showArticle.jhtml?articleID=197000899&cid=RSSfeed_IWK_All
"IBM Software Aims to Prevent Online Identity Theft" eWeek
http://www.eweek.com/article2/0,1759,2087843,00.asp?kc=EWRSS03119TX1K0000594
"IBM Donates Privacy Code to Open Source Project" LinuxInsider
http://www.linuxinsider.com/story/linux-security/55408.html
"It's Jaw-Jaw and War-War for Java and NetBeans" The Register
http://www.regdeveloper.co.uk/2007/01/26/eclipse_jcp_netbeans/
"Aperi stalled, dead even?" TechWorld
http://www.techworld.com/storage/blogs/index.cfm?entryid=378&blogid=3
"Eclipse Project Higgins Demos Interoperability" ComputerWire
January 24
"Eclipse Releases Data Tools Project 1.0" ComputerWire
January 24, 2007
"Give Me openLiberty" Internetnews
http://www.internetnews.com/dev-news/article.php/3655671
Also appeared in:
DevX News, http://www.devxnews.com/article.php/3655671
January 23
"Eclipse Data Tools Platform offered" InfoWorld
http://weblog.infoworld.com/tcdaily/archives/2007/01/eclipse_data_to.html
"Macraigor joins Eclipse" InfoWorld
http://weblog.infoworld.com/techwatch/archives/009842.html
"IDEs for Web services - Eclipse" SearchWebServices
http://searchwebservices.techtarget.com/tip/0,289483,sid26_gci1240284,00.html
January 19
"Cool Coder Creates Eclipse App for the Arctic" Application Development Trends
http://www.adtmag.com/blogs/blog.aspx?a=20058
Higgins, Bandit and Microsoft: Open Source for Tight
Privacy
LinuxInsider
By Chris Maxcer
January 30, 2007
http://www.linuxinsider.com/story/Y2FXqfHfvWTNMT/Higgins-Bandit-and-Microsoft-Open-Source-for-Tight-Privacy.xhtml
At next week's RSA Conference in San
Francisco, the open source Bandit and Eclipse Higgins projects will
demonstrate their latest development: a reference application that showcases
open source identity services that interoperate with the Microsoft Windows
CardSpace identity management system, which ships with the Vista operating system.
When it comes to security there is no such thing as good enough. That's
why BlackBerry has the most widely security accredited wireless solutions in the
world. Before choosing a wireless solution, visit
www.blackberry.com/select/get_the_facts to get the facts on BlackBerry Business
Solutions.
The open source Latest News about open source Bandit and Eclipse Higgins
projects, both of which are working toward providing an open and consistent
approach to identity management, have announced they have created a reference
application that showcases open source identity services that interoperate with
the Microsoft (Nasdaq: MSFT) Latest News about Microsoft Windows CardSpace
identity management system.
In addition, the reference application enables Liberty Alliance-based
identity federation via Novell's (Nasdaq: NOVL) Latest News about Novell Access
Manager. It's noteworthy because it's a first-of-its-kind open source identity
system that features interoperability with leading platforms and protocols. The
Bandit and Higgins teams plan to showcase the application at next week's RSA
Conference in San
Francisco.
Multiple Perspectives
The Bandit and Higgins projects focus on developing cross-platform open
source identity services to help organizations and individuals to manage
identity information.
From an individual perspective, Higgins is a project within the Eclipse
Foundation that focuses on providing application frameworks for building
software that helps individuals securely control who has access to their online
personal information, such as bank accounts, credit card numbers, medical
information, and employment records.
While the Bandit and Higgins projects both work on developing identity
standards, the Novell-sponsored Bandit project tends to focus more on enterprise
identity management challenges. For example, an employee in a large organization
might need to access a variety of enterprise applications that reside on
different server platforms and require different user names and
passwords.
Another example might be an organization that offers Web portals to
supply chain businesses partners, all of which require secure identity-based
access. Any time someone forgets their login information, they immediately start
losing productivity Get the Facts on BlackBerry Business Solutions. It only gets
worse if someone's login information is stolen.
"For better or worse, we have an identity infrastructure in place today
-- the user name and password. Unfortunately we've discovered that this
infrastructure is less than ideal with regards to security and manageability,"
Dale Olds, distinguished engineer and Bandit Project lead for Novell, told
LinuxInsider. "That's why there are a number of new initiatives, including the
work underway through Bandit and Higgins, to design, develop and implement a new
identity infrastructure."
The reference application leverages parts of both Bandit and Higgins to
create the interoperability with Microsoft's CardSpace identity management
system, which ships with the Vista operating
system. Microsoft has been promoting Windows CardSpace as an implementation of
an identity metasystem to help provide a model for identity interoperability. At
the same time, the company is very much interested in working with others,
including the open source community, to create a standards-based identity
system.
Identities in Transition
"If you look at the protocols of the Internet Free How-To Guide for Small
Business Web Strategies - from domain name selection to site promotion., like
TCP/IP, that make it the common standard and open communications infrastructure
Barracuda Spam Filter - Free Evaluation Unit that it is -- and that's the
essence that gives it its power -- those protocols aren't owned and controlled
by any one vendor," Jamie Lewis, CEO and research chair of Burton Group, told
LinuxInsider. "They aren't a patented product that you can only buy in one
place. It's just sort of baked in, you can rely on it, and you know it works.
Well, identity is far from that, and we are in a current transitional mode to
that level of standardization and openness around identity."
Lewis likened the current position in the evolving world of identity
management to that of a football team on its own 30 yard line -- there's still
70 yards to go to get a touchdown.
"There are two basic requirements for translating the potential of recent
identity infrastructure developments into real-world benefits for users:
interoperability and a consistent means of developing identity-aware
applications," Lewis said.
"First, vendors must deliver on their promise to enable interoperability
between different identity systems serving different needs," he continued.
"Second, developers need a consistent means of creating applications that
leverage identity while masking many of the underlying differences in those
systems from the programmer. The Bandit and Eclipse Higgins interoperability
demonstration shows progress on the path toward these goals. And the fact that
they are open source software projects increases the potential that the identity
infrastructure will emerge as a common, open system for the Internet."
Vendors Begin Plugging Products for RSA
Show
eWeek
By Matt Hines
January 29, 2007
http://www.eweek.com/article2/0,1759,2088549,00.asp
The avalanche of new security products launched for the RSA Conference
2007 has already begun, even though the show itself does not kick off for
another week.
A collection of security companies introduced new products, or announced
other news, on Jan. 29 in an effort to get ahead of the crowd, as dozens of
additional products and services will be rolled out over the coming week in
expectation of the event, and during the show itself, which will run from Feb.
5-10 in San Francisco at the Moscone Center.
Among the firms getting news out the door before the increasingly popular
conference begins were Vontu, SPI Dynamics, eEye Digital Security, ScriptLogic,
NitroSecurity, Novell's Project Bandit and Extreme Networks.
Vontu, based in San
Francisco, announced its latest data loss prevention
package, which promises to help enterprises lock down the flow of information
from their networks and maintain compliance with data-handling
regulations.
Dubbed Vontu 7, the package boasts an array of upgrades over previous
iterations of the company's software, including the ability to monitor USB
storage devices and other removable media, along with expanded reporting
tools.
Among other capabilities, the Vontu software claims the ability to
protect data whether it resides on servers, desktops and laptops, and to block
sensitive data from being sent out via e-mail, Webmail or file-sharing systems.
The product also boasts new coverage for Asian languages, and will hit the
market in late March 2007 with a base price of $25,000.
Atlanta-based SPI Dynamics introduced a new Web application security
assessment platform, labeled Phoenix, that it said will greatly improve its
products' ability to find holes in companies' online sites and software tools,
including so-called Web 2.0 software programs.
As many companies build new Web applications on emerging technologies
such as AJAX,
developers are overlooking large numbers of vulnerabilities and leaving their
employers open to attack, SPI officials contend.
In addition to improving its ability to test such programs, SPI said that
Phoenix, which
will serve as the foundation for all its next-generation product lines, will
speed vulnerability testing scans, reduce false positives, allow for
simultaneous scans and support the IPv6 standard.
SPI also released its first product built on the new architecture, its
WebInspect 7 applications security testing package, which boasts a new tabbed
interface and integrated support for end users, along with the inclusion of the
Phoenix
capabilities for scanning and reports. The product will arrive on the market in
mid-February.
Software maker eEye Digital Security, based in Aliso Viejo, Calif., introduced the latest version of its
Blink Professional endpoint security package. For the first time, the vendor has
added anti-virus capabilities to the product, adding to its host intrusion
protection and applications buffer overflow protection tools.
In addition to the new anti-virus tools, which the firm developed through
a partnership with Norman Data Defense, eEye is touting the ability of the
software to fend off phishing attacks, monitor firewalls, manage group user
policies, protect data from being saved to removable storage devices and test
for local vulnerabilities. The package, available immediately, also offers
attack and security event reporting through a revamped security management
console.
Boca Raton, Fla.-based ScriptLogic launched its newest security
management platform for Microsoft's Windows products, dubbed Security Explorer
6.0. The network administration specialist is touting a redesigned user
interface, new systems controls, and support for Microsoft's new Vista operating system in the offering, which is available
immediately.
Benefits of the new interface, according to company officials, include
faster performance and greater flexibility for administrators running the
program to manage different versions of Microsoft's Windows workstations and
servers, along with centralized management of file security for such
devices.
Security management applications maker NitroSecurity, Portsmouth, N.H., introduced its newest appliance, which
aims to aid businesses in the oversight of operational and network defenses
against internal and external attacks.
Labeled as NitroView ESM (Enterprise Security Manager), the device claims
advanced network-based threat mitigation capabilities, combining security event
management and network behavior analysis into a single platform.
By embedding its relational database (NitroEDB) on the appliance, the
company said it has boosted the product's ability to provide real-time traffic
analysis and security event management, including deep packet aggregation and
correlation for an extremely large volume of files at one time. The product is
available immediately.
Officials with Novell's Project Bandit open-source authentication effort,
and the Eclipse Higgins
Project, which backs development of open-source tools, announced the achievement
of a key milestone in their ongoing joint development of identity
services.
The two groups are working to create standards-based tools that allow
companies to better integrate IT systems authentication capabilities, in the
name of allowing such systems to work together more smoothly and with less
customization.
Based on working code provided by the two projects, along with
submissions from other developers, the teams announced that they have created a
reference application to show off the promise of open-source identity services
that are interoperable with Microsoft's Windows CardSpace identity management
system, that also allow for ID federation via Novell's Access Manager platform.
The research groups are touting the application as the first of its kind and
will demonstrate how it works at the RSA show in early February.
Infrastructure specialist Extreme Networks, Santa Clara, Calif., made a handful of security
improvements to its operating system, the new version of which is dubbed
ExtremeXOS version 11.6, adding new capabilities for interaction with so-called
NAC (Network Access Control) technologies.
The company is specifically touting the ability of the software to
strengthen security policy enforcement to ward off attacks via switch-based
enforcement, and allow network administrators to install NAC systems more
securely. The updated ExtremeXOS OS is being made available by the company
today.
Users See Potential in Lotus Apps, but Rollouts May
Wait
Computerworld
By Todd R. Weiss
January 29, 2007
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=18&articleId=280734&intsrc=hm_topic
ORLANDO -- At its Lotusphere 2007 conference
last week, IBM detailed upcoming software tools designed to enable corporate
users to collaborate more efficiently by better tying together different streams
of internal information.
Users interviewed at the conference generally agreed that the promised
additions to IBM's Lotus product line could help improve their collaboration
processes. But some said it might be a while before their organizations take
advantage of the new tools.
For example, an IT administrator at an East Coast utility said its
business units use different applications and systems, posing collaboration
challenges. Processes could be improved by using some of the new features coming
in Version 8 of IBM's Notes and Domino applications, said the administrator, who
asked to remain anonymous.
The Notes 8 client is based on the Eclipse open-source development
framework and will look like a native application on Windows, Macintosh and
Linux desktops, according to IBM. The IT administrator said that should make the
software "system-independent" while also making it easier for end users to
access data.
But he added that his company's 20,000 users probably won't see the new
tools for several years. The utility is still upgrading its systems to Version 7
of Notes and Domino and won't be ready for another upgrade right
away.
Two Lotus Tools Debut
In addition to announcing plans to release Notes and Domino 8 for public
beta-testing next month, IBM introduced two new Lotus products: an
information-sharing tool called Connections, and a collaborative content-sharing
program called Quickr.
Hugh Roddick, director of application development at Health
Canada's client service
center in Ottawa, said the various IBM tools could
eventually offer major usability improvements to the government agency's 13,600
users.
Currently, many of the users are forced to rely on paper-based
communication or "cobbled-together" electronic tools, Roddick said.
Health Canada has been testing Notes and
Domino 8 for several months, and Roddick said the integration of new
functionality, such as document-editing tools, into Notes will let users run
fewer applications at one time.
Roddick added that Connections could allow Health Canada's
in-house knowledge to be cataloged in a central place. And Quickr could enable
users to run searches against 5,000 or so Notes document storage repositories,
he said.
"One of the problems we're trying to solve is that there's too much
information," Roddick said. "You've got all this corporate information, but it's
in little silos."
But Geert Van de Steen, a Notes and Domino consultant at TechTeam A.N.E.
NV in Zwijnaarde, Belgium, said his customers "would laugh at me" if he
suggested they deploy IBM's new tools. "We are professionals," he said. "We
don't need these fancy things."
Open-source identity projects connect with
Microsoft
CNET
By Joris Evers
January 29, 2007
http://news.com.com/Open-source+identity+projects+connect+with+Microsoft/2100-1029_3-6154094.html
The Higgins and Bandit open-source projects are claiming a milestone in
the development of open-source identity services with a link to a new Microsoft
identity system.
At next week's RSA Conference in San Francisco, backers of Higgins and
Bandit plan to demonstrate an early version of an application that shows
open-source identity services that are interoperable with Microsoft's Windows
CardSpace and can enable Liberty Alliance-based identity federation via Novell
Access Manager, a commercial Novell product.
"The key point here is that open-source components are providing the
ability to integrate these identity systems and products," Dale Olds, a
distinguished engineer at Novell, said in an interview. Novell is a contributor
to Higgins and created Bandit. Both open-source efforts were launched last
year.
Higgins was presented as an open-source response to Microsoft's Windows
CardSpace, formerly known as InfoCard. Like the Microsoft effort, Higgins is
meant to give people more control of their data when they do business online.
However, it also promises to provide interoperability between various identity
systems used on the Internet.
The Bandit project aims to create a set of open-source components for
services that use identity data in online transactions, whether corporate or
consumer. Liberty Alliance was formed in 2001 to outflank Microsoft's now
largely defunct Passport initiative and develop standards for federated online
verification of identity.
People working on Higgins, which is backed by Novell and IBM, plan this
summer to deliver a first version of what's called the Higgins Trust Framework.
The interoperability with Microsoft that is being shown off at the RSA
Conference is a major step towards that, said Mary Ruddy, a Higgins project
leader.
"It is a technical milestone on our way to the 1.0 release," Ruddy said.
"Higgins is a Switzerland of identity management
products; these are examples of identity projects that we're interoperating and
integrating with."
The early version of the application to be shown next week allows an
individual to use different digital identity "I-Cards" to gain access to online
sites and services, according to Higgins and Bandit. This is the metaphor
Microsoft uses in CardSpace, which ships with the Vista operating system.
Developers on the open-source projects got help from Microsoft in making
the interoperability happen, Ruddy said. Microsoft is pleased that its ideas are
finding a following in the open-source world, said Kim Cameron, architect for
identity and access at Microsoft.
"It's rewarding to see the Bandit and Higgins projects, as well as the
larger open-source community, embracing this concept and delivering on the
promise of identity interoperability," Cameron said.
Interesting developments in open source user-centric
identity
IT-Director
By Neil Macehiter
January 29, 2007
http://www.it-director.com/blogs/MWD/2007/1/interesting_developments_in_open_s_.html
A couple of interesting stories related to open source user-centric
identity came my way, courtesy of CNET. The first concerns a donation to the
Higgins Project from IBM and the second is about some important interoperability
announcements to come at this week's RSA Conference.
The Higgins Project, which I have been following closely for the last
year or so, is under the auspices of Eclipse and sets out to provide
a platform- and identity protocol-independent software framework to aid in the
development of user-centric identity management solutions. IBM has donated the
results of some work, the Identity Mixer, carried out by its Research Lab in
Zurich focussed
on enhancing user privacy. Identity Mixer exploits advanced cryptographic
techniques so that individuals do not have to provide "real" data to service
providers. Instead, they can provide pseudonyms and other credentials which the
service provider can verify directly or indirectly to provide the service. So,
for example, in an online commerce transaction there is no need to provide a
credit card num ber. Instead, the individual provides an encrypted credential
which the service provider sends to the credit card issuer for verification. The
credentials are single use in much the same way that the likes of Citigroup and
PayPal issue one-time credit card numbers.
This will necessitate changes to the way that service providers and
credit card issuers work. However, I think the potential barriers to adoption
will reduce as user-centric identity initiatives mature. As more immediate
problems, such as the proliferation of usernames and passwords and inconsistent
user experiences, are addressed then issues such as privacy assurance will take
on a higher profile and individuals will come to demand it.
On a related note, I came across this post from Bill Barnes (a product
manager for Microsoft's CardSpace) discussing another potential barrier to
adoption of such privacy enhancing techniques: the fact that they introduce
additional transaction steps. Bill discusses how CardSpace could help to address
this. When a CardSpace user selects an information card associated with their
credit card issuer, a credential representing the credit card could be sent to
the service provider alongside other information required for authentication and
authorisation.
The second story also concerns Higgins, together with the closely related
Bandit Project (which I first discussed here). The story is a little light on
details but it seems that there will be some demonstrations of interoperability
scenarios involving CardSpace and the Liberty Alliance protocols. Definitely
something to watch out for.
Novell's Identity 'Bandit' in Cahoots with
Microsoft
Internetnews
By Sean Michael Kerner
January 29, 2007
http://www.internetnews.com/dev-news/article.php/3656636
In the emerging race to create identity systems that span the Internet,
there are proprietary and open source systems.
The two are no longer mutually exclusive: Novell's (Quote) Project Bandit
and Eclipse's Project Higgins next week will show how their identity systems
interoperate with Microsoft's (Quote) Windows CardSpace ID metasystem at the RSA
Conference 2007 in San
Francisco.
Windows CardSpace, one of the key new technologies included in
Microsoft's Windows Vista operating system, securely stores and transmits
personal identities.
The open source Bandit Project is a similar effort, leveraging other open
source efforts, including Eclipse's Project Higgins.
The Bandit Project was born February 2006, though it was not officially
announced until June of the same year. There has been a lot of refinement in
Bandit since it first got started, according to Dale Olds, distinguished
engineer at Novell.
That refinement has had a lot to do with actually defining what it is
that Bandit actually does.
"This has always been a difficult thing to explain to people," Olds told
internetnews.com. "Identity is a vague notion and how to take that and distill
it into code and then make that into a sound bite and explain to somebody what
Bandit is has always been one of our biggest challenges."
"There has been a lot of refinement in the last year," Olds continued.
"Now we just focus on saying that Bandit will provide components for
authentication, authorization and audit."
While some Novell programmers spent 2006 refining Bandit, other Novell
executives inked a interoperability and patent agreement with Microsoft. But
Olds there is no direct benefit to Bandit as a result of the deal.
"We worked with the Microsoft guys well before the Novell Microsoft
agreement on a thing called the open specification promise," Olds explained.
"[For] anything that we implement as part of Bandit or Higgins, the intellectual
property must be fully cleared before we implement it in open
source."
That said, Olds did admit that there may be some indirect benefits from
the deal in the sense that Novell will be able to do more testing and receive
better tech support for interoperability issues.
Even with the potential indirect benefits and the open specification
promise from Microsoft, getting Bandit to interoperate with CardSpace still
requires a good deal of work.
Olds indicated that when dealing with interoperability issues, it's very
difficult to get current accurate and good specifications. Olds thought
Microsoft did a better job working with Bandit than most, though there are still
some issues that cropped up.
"Things that are not suppose to matter like where the white space is in
the XML, sometimes it's a bug in the original implementation," Old
said.
"If there was a bug in CardSpace with the white space parsing of the XML
data in Vista and it gets shipped to millions of customer you just have to code
around that regardless of what the spec says."
Higgins: A 'Switzerland' of Identity
Management
ITBusinessEdge
By Lora Bentley
January 29, 2007
http://www.itbusinessedge.com/blogs/osb/index.php/2007/01/29/higgins-a-switzerland-of-identity-management/
When we think about identity management in the open source space, two
names immediately come to mind: Bandit and Higgins. Both are projects that we
have kept an eye on since their inception, both are at least supported by
Novell, and both were begun in response to Microsoft offerings. (Higgins was the
open source response to Windows CardSpace, formerly known as InfoCard; Bandit
was intended to circumvent the nearly defunct Microsoft Passport
program.)
silicon.com reports today that backers of both projects are preparing for
the upcoming RSA Security Conference, where they will debut an early version of
an app that will interoperate with Microsoft's Windows CardSpace and allow
Liberty Alliance-based identity federation. Microsoft worked with Higgins and
Bandit programmers on the interoperability. In fact, a company spokesperson says
Microsoft is pleased that the "open source community . is delivering on the
promise of interoperable identity."
A Higgins project lead points out that the interoperability to be
demonstrated at the RSA conference is just a first step toward the 1.0 release
of the Higgins Trusted Framework. Microsoft and the Liberty Alliance are just
"examples of identity projects that we're interoperating and integrating with,"
she told silicon.com.
And, for now, it seems ID management is an example of another space in
which Microsoft is willing to cooperate with open source.
Open source projects to showcase identity
integration
Higgens and Bandit projects aim to demonstrate at RSA how
disparate identity platforms can be integrated.
NetworkWorld
By John Fontana
January 29, 2007
http://www.networkworld.com/news/2007/012907-open-source-higgens-bandit-rsa.html]
The leaders of two open source projects next week plan to showcase how
they are using their services to integrate common identity platforms and provide
developers with hooks to link their applications to those platforms.
The nearly year-old Higgins project, founded by IBM, Novell and a group
of academics, and the Bandit project, started by Novell in mid-2006, plan to use
next week's RSA conference to show a reference application that uses open source
identity services to tie together Microsoft's CardSpace user identity system in
Vista, and Liberty Alliance-based identity federation technology in Novell's
Access Manager.
The goal is to provide corporate users and others with a common way for
disparate identity platforms, protocols and services to integrate with each over
both public and private networks. In addition, the open source advocates hope to
provide developers with tools to easily tie their applications with corporate
identity management systems.
"By working with a number of open source products and components, we are
going to show that we can tie together a Liberty product with Microsoft CardSpace," says
Dale Olds, a distinguished engineer with Novell. "You have these large identity
systems with Liberty and CardSpace, but it is Higgins and
other open source projects such as Bandit that are working to provide the glue.
This reference application is very significant in that it shows the initial
touch points."
Higgins is a framework designed to integrate identity, profile and
relationship data from across multiple systems. The framework has interface and
middleware components, such as the Identity Attribute Service, that act as a
layer on top of identity repositories. The framework includes both code and an
API that developers will use to link their applications into the Higgins
identity services. The goal is to support applications whose front-ends can be a
browser, rich client or Web services-based.
Bandit, introduced in June 2006 by Novell, is an open source set of
services that incorporate existing protocols such as WS-*, the Liberty Alliance
standards and Higgins. Bandit is seen as a sort of standard bus that
identity-enabled applications and back-end identity systems can plug into.
Applications would basically need only to hook in via a generic adapter, say for
authentication, and then IT could plug in whatever authentication mechanism it
wants.
Olds also mentions other open source projects such as XMLDAP, which
supports a browser-based digital identity card selector on Linux, and the Pamela
Project focused on PHP plug-ins for CardSpace to enable identity services on
such applications as wikis and blogs.
At RSA, the Higgins and Bandit project teams will show how an identity
card from CardSpace can be used to authenticate a user to Novell's Access
Manager. They also will demonstrate how a user account in Access Manager can
generate a card using Higgins components that can be used to authenticate
through CardSpace and a Linux-based card selector to wikis and blogs.
Bandit's contributions to the reference application include multiple
"context providers" that plug into the Higgins Identity Attribute Service and
provide access to identity information from disparate identity stores. It also
highlights the role engine and audit reporting capabilities the Bandit project
is developing.
"This is a development milestone," says Mary Ruddy, one of the project
leaders on Higgins. "We have a path of milestones leading to a 1.0 release
sometime near the end of this summer. We have been very encouraged with the work
being done not only with Higgins and Bandit, but the work that is happening in
this space in general. Some of the things with CardSpace and identity cards
provide a [user interface] that is very useful for people having a consistent
user experience with identity."
Eclipse, Novell near 'Big Bang' for
identity
Will divided vendor allegiances keep us in the
dark?
InfoWorld
By Paul F. Roberts
January 29, 2007
http://www.infoworld.com/article/07/01/29/HNeclipsebandit_1.html
Two open-source identity management projects said on Monday that they had
achieved a key milestone in the development of open-source identity services
that connect products regardless of maker or platform.
Developers from Novell's Bandit open-source project and Higgins, part of
the Eclipse Project, said a
new "reference application" created by the two groups is a working example of
open-source identity services that interoperate with Microsoft's Windows
CardSpace identity management system and Novell's Access Manager, which uses
identity federation based on specifications from the Liberty Alliance. The
application shows that it is possible to link different identity systems using
open-source components, according to Dale Olds, project manager for Bandit at
Novell.
The integration, which has been under development for over a year, will
be on display next week at the RSA Conference in San Francisco. Part of the demonstration will
show how companies can integrate a non-Liberty Alliance identity system and a Liberty
Alliance-based federated identity system provided by Novell Access Manager. In
particular, the demonstration will have Novell Access Manager authenticate a
user via Microsoft's CardSpace using information from an external identity
system. In the demonstration, users will be able to access a sample media Wiki
and blog using the technology, Olds said.
The vendors involved in the integration are working to realize a common
vision of seamless identity layers that can be accessed from systems running on
Apple OS, Microsoft Windows, or Linux, using a variety of protocols from the
Liberty Alliance, OpenID, OASIS, or other groups.
"That's the Big Bang. An identity metasystem, and we're making tangible
progress toward that vision," Olds said.
In contrast to current systems for linking identity systems, the
technology on display at RSA will also be more "user-centric," by virtue of
integration with Microsoft's CardSpace, Olds said. "The user will have a
meaningful and convenient access to identity information, and it will be clear
to them when it's being released," he said.
Microsoft's CardSpace -- and the Infocard architecture that underlies it
-- is an important development because it provides an easy way for users to
store and manage identity information and because CardSpace and Infocards will
be widely available through Windows Vista.
Microsoft provided open specifications for CardSpace and helped manage
intellectual property issues that were raised when implementing the Infocard
technology as open source, Olds said. Engineers from IBM also played a part in
the solution, building token services for the project, said Paul Trevithick of
Parity Communications, technical lead on the Higgins Project.
But optimistic "interoperability" demonstrations of federated user
identities have been de rigueur at RSA for years now without any measurable
decline in the number of user identities and passwords that users manage or the
tangle of identity stores within enterprises, Olds and Trevithick
admit.
One problem in realizing the vision of an open-source identity layer is
that tends to commoditize existing identity management products, creating a
perverse incentive for companies that are in a position to make interoperable
identities work, Trevithick said.
"That may be the reason you hear about interoperability but still haven't
seen it," he said. "Companies like Oracle and IBM and even Novell have no
incentive to do it."
Olds said that previous attempts at interoperability have been premised
too much on one set of protocols by groups like the Liberty Alliance "winning
out" over others.
"It was kind of 'If only we could get everyone to adopt these
protocols!'" Olds said.
The open-source nature of the Higgins and Bandit integration and a
critical mass of CardSpace users may finally overcome those obstacles,
however.
"This is an evolutionary approach," said Olds. "We all have 100 user
accounts. With Higgins and Bandit and open-source technologies, maybe we'll get
it so it's more manageable and we're down to 50 user accounts in a year, and
we'll be better off. "
Eclipse Launches Data Tools
Platform
Application Development Trends
By John K. Waters
January 29, 2007
http://www.adtmag.com/article.aspx?id=20108
The Eclipse Foundation
has released the first version of its much anticipated Data Tools Platform
(DTP), a collection of extensible frameworks and tools designed specifically for
developing data-centric applications in the Eclipse environment.
"DTP 1.0 provides a rich set of frameworks that solve real-world issues
related to the development of data-centric applications," Mike Milinkovich, the
foundation's executive director, said in a statement.
Aimed at application developers who need to leverage existing data
sources, the DTP comprises three major components: a connection-management and
data-access framework, a set of model-driven development tools, and a set of SQL
development tools.
Milinkovich credited the growth and momentum of the DTP to the efforts of
committers from such Eclipse member companies as Sybase, Actuate, and IBM. Big
Blue developed the original Eclipse codebase and released it as an open-source
project. The Eclipse Foundation's own Eclipse Web Tools Platform project is
adopting the DTP in its 2.0 release, code named "Europa." A "functional release"
of the DTP was actually included as part of the Callisto multi-project roll out
in 2006.
Sybase
Sybase, the Dublin, Calif.-based provider of information management
solutions, is already leveraging the DTP in its WorkSpace 1.2 Web-app
development environment, said John Graham, a Sybase software engineer who chairs
the Project Management Committee for the DTP. In his blog posting on the 1.0
release, Graham observed that, with this version, the project moves from
incubation to mature status. "[It's] one move forward along the DTP path," he
wrote. "We have a number of exciting ideas for DTP in 2007, not the least of
which is participation in the Europa coordinated release. Also, there are a
number of DTP presentations scheduled for EclipseCon, many of which will explore
these directions."
The SQL editing/debugging framework and the connectivity layer in DTP in
particular will provide Sybase's customers with greater support for
heterogeneous server environments, the company says, and enhance the overall
ease of use and productivity of WorkSpace's Data tooling.
Actuate, the South San Francisco-based maker of enterprise reporting
applications, is utilizing the GTP for its "rich and extensible data-access
capabilities," the company says. Actuate originated the industry's first open
source Business Intelligence and Reporting Tools Project (BIRT), which was
approved as a top-level Eclipse project in 2004. In BIRT 2.1, the DTP's Open
Data Access (ODA) and Connection Profile frameworks are providing heterogeneous
data access services, the company says. Both the BIRT report designer and report
engine are ODA hosts that consume any ODA designers and runtime
drivers.
Data access and management tools are becoming priority concerns of many
developers; 53 of those responding to a recent Evans Data survey characterized
them as "extremely important." "Developers see data access and management tools
as an integral part of their arsenal in data-centric application development,"
said John Andrews, CEO of Evans Data. "Eclipse will meet an important
requirement of developers by providing data-centric tools and
frameworks."
More information on the Eclipse DTP Project is available on the Eclipse
data tools page.
Eclipse Foundation and Novell Collaborate on Open Source
ID-Services Integration
Application Development Trends
By John K. Waters
January 29, 2007
http://www.adtmag.com/article.aspx?id=20107
Two open source identity-services projects are set to announce a jointly
produced reference application designed to enable multi-platform, multi-protocol
open source identity services.
The Higgins Trust Framework Project, sponsored by the Eclipse Foundation, and the
Bandit Project, sponsored by Novell, are both seeking to provide a consistent
approach to managing digital ID information, regardless of the underlying
technology.
Based on working code from the two projects and the larger community of
open source developers, the reference application features interoperability with
leading platforms and protocols including Microsoft's Windows CardSpace identity
management system and Liberty Alliance-enabled products.
The reference app leverages the information card metaphor, explains Dale
Olds, Bandit project lead, which allows an individual to use different digital
identity "I-Cards" to gain access to online sites and services. This is the
metaphor used in the Window's CardSpace identity management system that ships
with the Vista operating system.
Sybase
"Higgins comes from a consumer-centric ID space," Olds says, "while
Bandit comes from a more enterprise ID management space. But the two worlds are
blurring rapidly. The firewall is dissolving, you might say, and we need to give
people the ability to make intuitive choices-convenient, but clear choices-about
their ID information. And the card metaphor is particularly useful for
that."
Microsoft supports the developments."Windows CardSpace is an
implementation of Microsoft's vision of an identity metasystem, which we have
promoted as a model for identity interoperability," said Kim Cameron, architect
for identity and access at Microsoft. "It's rewarding to see the Bandit and
Higgins projects, as well as the larger open source community, embracing this
concept and deliveringis on the promise of identity
interoperability."
In a related announcement, the Liberty Alliance unveiled last week the
openLiberty Project, a global open source initiative formed to provide OSS
developers with tools for integrating the privacy and security capabilities of
Liberty Federation and Liberty Web Services into a variety of new identity-based
services. The Alliance is an industry consortium working to
establish a standard for federated network identity through open technical
specifications.
The Alliance also launched openLiberty.org, a
portal where developers can collaborate in the openLiberty Project and access
tools and information for "jump starting" the development of more secure and
privacy-respecting apps based on the Liberty Federation and Liberty Web Services
standards.
Olds, who is a distinguished engineer in Novell's Identity and Security
Management Group, applauds the Liberty Alliance news. "We find it very
encouraging and wonderful," he says. "The more people in the ID space that
participate in open source, the easier it is to build components that
interoperate. We look forward to working with those components."
The jointly developed Higgins-Bandit reference application currently
provides Liberty Alliance-based identity federation via Novell's Web access
management product, Novell Access Manager.
"There are lots of standards out there," Olds adds. "Liberty, SAML,, Kerberos,
and WS-* are all coming along. What's been lacking is working code that will
bring together ID information from any of those standards and make it useable
for systems and end-users."
Members of the two open source projects are scheduled to demo the
reference app at next week's RSA security conference in San Francisco. Developers
can download that application now.
IBM Touts Unified Comms Infrastructure For Partner
Development
CRN
By Barbara Darrow
January 28, 2007
http://www.crn.com/sections/special/reports/sellingsmb.jhtml?articleId=197001140
IBM partners were in Orlando last week to pledge their support for
what they contend is a full platform--including Websphere, new social networking
software, and Domino mail and collaboration software-- for building
collaborative applications.
Amid the social networking buzz at Lotusphere, IBM Software also talked
up a version of its latest portal software for smaller companies.
Trilog Group is integrating its ProjExec collaboration software with a
full boat of IBM Lotus collaborative wares, including the new IBM Lotus
Connections social networking wares, QuickR file-sharing software and
WebSphere.
"We offer online project collaboration delivered as SaaS. We already
integrate with Sametime 7.5 and will integrate with QuickR documents and with
connections so people can search out expertise they need," said Alex Homsi, CEO
of Woburn, Mass.-based Trilog.
The solution provider also uses IBM/Lotus Eclipse-based Expeditor toolset
to help customers continue their work in disconnected mode.
With all of that capability, Trilog solutions can compete with Microsoft
Project solutions, Homsi added. "We also integrate with the Project desktop but
as a solution we think we're five times cheaper than Microsoft Project," he
noted.
Alphalogix, a Huntington
Beach, Calif.
Collaboration and portal specialist will use the latest Websphere Portal Express
6.0 to provide smaller companies with full portal capabilities, said Bob
McCandless, CEO of Alphalogix.
The solution provider has done WebSphere-based portals for large
companies including Twentieth Century Fox, but the price point of Express --
$39,999 per processor or $2,300 per 20-user pack-- is more palatable than the
other versions for smaller companies (it is limited to use to 1,000
users).
By contrast, the high-end Portal Extend SKU weighs in at $130,000 per
processor; Portal Enable at $95,000 per CPU; and Portal Server at $50,000 per
processor or $2,500 per 20-user pack.
McCandless said partners building atop Portal Express can offer solutions
that compete effectively with Microsoft SharePoint-based offerings.
Taken in the aggregate, the Lotusphere offerings present an alternate
platform to Microsoft's stack for building collaborative and "unified
communications." Unified communications is the melding of e-mail, voice-mail and
instant messaging. Microsoft's Office Communications Server, will converge VoIP,
IM and web conferencing.
The happy irony for IBM, and especially its Lotus software group, is that
"the world has come back to groupware," said Dana Gardner, principle with
Inter-Arbor Solutions, a Gilford, N.H.-based consultancy. "Eight years ago,
there was a notion that the world had moved away from groupware-and so from
[Lotus] Notes, Domino and that the Web, portals and SaaS would sidestep all
that," he said.
Now, Gardner continued, "social networking and Enterprise 2.0, where you
take social networking things like blogs and wikis and collaboration and apply
them to an enterprise environment, you actually see a lot of
convergence."
IBM Lotus execs at the show in Orlando last week, pitched the array of
social networking tools as a great opportunity for VARs and solution providers
to enhance and extend both those applicatoins htemselves but also build out from
Domino-based infrastructure.
And as customers continue to need both synchronous and asynchronous (aka
real-time and non-real-time) communications and as voice messaging moves to IP
networks, "for-real" unified communications is coming to the fore.
At Lotusphere, IBM highlighted partners Nortel and Cisco, in its video
presentations. Nortel and Cisco are publicly front-and-center in Microsoft's
communications game plan. But most observers say Cisco, in particular, has its
own strong ambitions in unified communications that put it at loggerheads with
these other players.
The question then becomes: Which tech giant from the previous era--
Microsoft, IBM, Cisco, or other-- will seize this bull by the horns and win the
battle?
IBM develops 'identity
mixer'
Researchers at IBM's laboratory in Zurich, Switzerland have developed a software
named 'Identity Mixer' that will allow users to safeguard their personal
identity or information on the web.
BizReport
By Som Patidar
January 27, 2007
http://www.bizreport.com/2007/01/ibm_develops_identity_mixer.html
The software will enable consumers to purchase goods and services on the
Internet without disclosing personal information.
"When people don't have to disclose their personal information on the
Web, the risk of identity theft is dramatically reduced," says John Clippinger,
senior fellow at the Berkman
Center for Internet and Society at
Harvard
Law School.
"The ability to anonymize transactions using Identity Mixer has the
potential to bolster consumer confidence, opening digital floodgates to new
forms of Internet commerce."
IBM will contribute Identity Mixer software to Eclipse Higgins Projects, an
open source effort dedicated to developing software for 'user-centric' identity
management.
IBM's Invisibility Cloak
Forbes
By Lisa Lerer
January 26, 2007
http://www.forbes.com/business/businesstech/2007/01/25/ibm-identity-security-tech-security-cx_ll_0126ibm.html
IBM on Friday said it had developed software that will allow consumers to
make purchases and other sensitive transactions on the Web without disclosing
their identity. In theory, the software could help spur e-commerce, but IBM and
several partners are most interested in using it as a first step toward creating
a secure universal identification system.
The software, called Identity Mixer, masks the standard information
exchanged during online shopping, like names and credit-card numbers. "One of
the biggest security and privacy issues is personal information getting
exposed," says Tony Nadalin, IBM's chief security architect. "This is a set of
technology that allows you to blind or use a pseudonym to mask that
data."
The software, which hasn't been formally released yet, could
theoretically work for online retailers as well as financial institutions and
health-care providers. A complex set of algorithms will allow Apple's iTunes to
verify the authenticity of a credit card without requiring a consumer to
actually hand the information over to Apple.
Idemix is the first release from Project Higgins, an open source project
that aims to create a secure universal ID. If Higgins succeeds, users will be
able to show the same ID for their e-mail as for their bank or change an address
across all their online accounts with a single keystroke. The project's backers
say that would increase an individual's control over their identity. For
instance, they could grant their insurance company broad access to their records
while limiting the amount of information available to their cable
company.
IBM, Novell, Parity Communications, the Eclipse open source foundation,
and the Berkman Center for Internet and Society at Harvard Law School are partners in the project, named
after a long-tailed Australian mouse.
Higgins partners say they will create the code to power the new ID format
and then to offer it for free. Ideally other technology companies will build
their applications off of Higgins tools, allowing them to share the identity
information authorized by the user. "To move online security to the next level,
there has to be fundamental resolve among consumers, government and business to
quickly adopt a system where the individual has more control over how
information about them is managed and shared," said John Clippinger, senior
fellow for The Berkman Center.
Why would for-profit companies, like IBM and Novell, offer a service for
free? In part to block Microsoft, which recently developed its own ID management
system called CardSpace. Originally name "InfoCard," Microsoft's new ID system
gives users a common ID that will work across any Windows application.
Eventually, Microsoft hopes to expand beyond Windows applications into adoption
by banks, credit cards and online retailers. CardSpace comes including in
Vista, Microsoft's new operating
system.
CardSpace is Microsoft's second attempt at identity management. The
first, Passport, was introduced in 1999. Passport aimed to simply shopping by
allowing consumers to use the same sign-on across multiple sites. But the
service never really caught on, as other companies failed to adopt the
technology.
Higgins hopes it will succeed where Microsoft has failed. But it's not
going to be easy. "People want to keep information about you," says Nadalin.
"Higgins will be a little bit of a paradigm shift in how people work online."
IBM tool makes online purchases
anonymous
SearchSecurity.com
By Robert Westervelt
January 26, 2007
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1240857,00.html
If a new software tool goes mainstream, Web surfers could gain control
over who has access to their bank account and credit card numbers when making a
transaction online.
New software developed by a team of IBM researchers eliminates the need
to reveal personal information to an online merchant by using algorithms to
confirm a bank authorization for purchases. Called Identity Mixer, the software
eliminates the data trail left when making an online purchase by using
artificial identity information or pseudonyms.
IBM said the Identity Mixer works by allowing a computer user that has
the software to get an anonymous digital credential, or voucher, from a trusted
third party. A bank would provide a credential containing a credit card number
and expiration date, and when an online purchase is made, the Identity Mixer
software digitally seals the information by transforming the credential so the
user can send it to the online merchant.
"Identity management started from an enterprise point of view, but we're
realizing that the next big wave is user-centricity," said Michael Waidner,
manager of emerging technologies at the IBM Zurich Labs, where the software was
developed.
IBM researchers started developing the tool in 2001, Waidner said.
Waidner said the next step to make Identity Mixer viable is to convince big
enterprises such as financial institutions to use the systems that accept the
credentials. IBM plans to do its part by incorporating the Identity Mixer
technology into its Tivoli identity management software suite, he
said.
Big Blue is also contributing the software to the Eclipse open source project,
called Project Higgins.
While the software is a step in the right direction for consumers it is
far from being ready for primetime, said Andrew Jaquith a senior analyst at the
Boston-based Yankee Group. Before consumer adoption could take place,
enterprises must build systems that accept Identity Mixer credentials and
developers must create easy to use tools that embed the Identity Mixer
technology.
"If you are requiring enterprises to adopt something like this then your
putting a substantial barrier to acceptance in place," Jaquith said.
The new tool is the first user-centric online payment method produced by
a large vendor, but Microsoft has deployed a similar technology in its new
Vista operating system and other vendors have
been talking about similar security tools for consumers, he said.
"The problem is that customers really are only concerned about their
privacy when they're exposed and the rest of the time they don't think about it
so much," Jaquith said. "The fact that IBM is turning it over to Eclipse is an
indication that it doesn't see this as being commercializable."
The Eclipse Higgins project was announced in February 2006 by the
Berkman Center for Internet and Society at Harvard Law School. IBM, Novell and Parity
Communications are taking an active role in the project.
The project's goal is to develop software for consumers to actively
control who has access to their online personal information, such as bank
account and credit card numbers, or medical and employment records, rather than
having institutions solely manage that information as they do today.
Remaining anonymous to communicate on the Web is not difficult, according
to Jacquith. For example, Tor, an open source peer-to-peer network of routers
lets users keep their IP addresses private as they connect to Web servers. Web
proxies can also be used to keep Web surfing anonymous, he said.
IBM's 'Need to Know'
Software
Dark Reading
By Tim Wilson
January 26, 2007
http://www.darkreading.com/document.asp?doc_id=115639&WT.svl=news2_1
You've seen it before: A Website wants to verify that you're over 18, so
they require you to enter a credit card number. They want to prove that you're a
U.S. citizen, so they require a
driver's license number or Social Security ID. And there you go again -- putting
your entire electronic identity at risk just to enter an electronic contest or
buy online movie tickets.
Can't Websites find a way to get the data they need without forcing you
to input the very information that identity thieves crave?
Later this year, some Websites may be able to do just that. IBM today
announced software that allows people to hide or make anonymous their personal
information on the Web. Developed by researchers at IBM's laboratory in
Zurich, Switzerland, the software (codenamed
Identity Mixer, or Idemix for short) will enable consumers to purchase goods and
services on the Internet while disclosing only the personal information the
merchant truly needs to know.
As consumers hand over personal details in exchange for downloading music
or subscribing to online newsletters, they leave a data trail that reveals
pieces of information about the size, frequency, and source of their online
purchases. This can be traced back to the user, IBM observes. IBM's Idemix
software eliminates that trail by using artificial identity information --
called "pseudonyms" -- to make online transactions anonymous.
For example, the software allows people to purchase books or clothing
without revealing their credit card number. It can confirm someone's spending
limit without sharing their bank balance, or provide proof of age without
disclosing date of birth.
Essentially, Idemix is a cryptographic go-between, explains Nataraj
Nagaratnam, chief architect for identity management at IBM's Tivoli unit. "It lets the
user establish trust without giving up their privacy."
With Idemix software, a user can get an anonymous digital credential, or
voucher, from a trusted third party, like a bank or government agency, such as
the Department of Motor Vehicles. A bank would provide a credential containing a
credit card number and expiration date, and when an online purchase is made, the
Idemix software digitally seals the information by transforming the credential
so the user can send it to the online merchant.
By using sophisticated cryptographic algorithms, the Idemix software acts
as the middleman confirming bank authorization for the purchase -- so the real
credit card numbers are never revealed to the merchant. The next time a purchase
is made, a new, encrypted credential would be used.
"When people don't have to disclose their personal information on the
Web, the risk of identity theft is dramatically reduced," explains John
Clippinger, senior fellow at the Berkman Center for Internet and Society at Harvard Law School. "The ability to anonymize
transactions using Idemix has the potential to bolster consumer
confidence."
IBM will contribute its Idemix software to the Eclipse Higgins project, an open
source effort dedicated to developing software for "user-centric" identity
management. As Nagaratnam explains it, the goal is to create a "digital wallet"
in which the user can establish various "tokens" of trust and authentication,
such as credit cards, driver's licenses, bank accounts, and so forth. Depending
on the online transaction, the user could supply one or more of these tokens to
provide the necessary third-party verifications -- without actually giving the
token to the merchant.
IBM plans to deliver Idemix later this year, and it will probably be
another year or two before the fruits of Idemix and the Higgins project will
become widely available to consumers, Nagaratnam says. But technologies such as
Idemix and Microsoft's CardSpace -- a function of Vista -- will eventually help
end users build a secure way to store personal information while continuing to
do business online, he says.
"The market is finally going to have its chance to test the theories and
the hype behind the electronic information card," said Mike Neuenschwander,
research director for Burton Group's Identity and Privacy Strategies service, in
a report issued earlier this week. "With the appearance of Microsoft CardSpace,
user-centric identity technologies are moving off the discussion boards and into
products."
Can open source lead to better
identity?
ZDNet
By Dana Blankenhorn
January 26, 2007
http://blogs.zdnet.com/open-source/?p=920
Folks have been working toward better online identity for over a decade.
It was assumed there was a lot of money in it. (Swayspace, where this image
lives, works on developing corporate identities, which is a profitable
business.)
Well, there is a lot of money to be saved in better identity. But it's
increasingly unclear whether there is much to be made.
For the second time in two days, a major identity project
has gone open source. This time it's IBM's Identity Mixer software, donated to
the Higgins Project at the Eclipse
Foundation. Higgins is a response to Microsoft's InfoCard project.
Yesterday, as I noted briefly in my story about Roboform, elements of the
Liberty Alliance's identity technology went open source, under the Apache 2.0
license, as OpenLiberty.
Identity has proven to be one of those chicken-and-egg problems that defy
solution. A solution requires cooperation among merchants, individuals and
transaction processors, as well as government entities, across all
industries.
Even making solutions open source may not be enough to
get everyone on board with a reliable Internet identity standard. Which means
your identity will remain as easy to steal as a phone number.
Anonymous IBM
Internetnews
By Clint Boulton
January 26, 2007
http://www.internetnews.com/security/article.php/3656136
Anonymizers have built up a strong following due to a flurry of
identity-theft cases that have plagued the industry. IBM's Tivoli group is throwing
its hat into the anonymizer ring.
Identity Mixer is a piece of software that allows people to hide their
personal information on the Web to protect them from ID theft and other foul
play.
Called Idemix for short, the software was written by researchers at IBM's
laboratory in Zurich,
Switzerland, to
let consumers purchase products and services online while keeping their personal
information safe.
When consumers enter personal details in an e-commerce storefront in
exchange for a product or service, they leave behind a data footprint revealing
the size, frequency and source of their online purchases.
Idemix uses artificial identity information, known as pseudonyms, to
eliminate the digital tracks, making online transactions anonymous so real
identity information can never be intercepted or exposed. Specifically, the
software lets people make purchases without revealing their credit card numbers,
or their home addresses.
Idemix users get an anonymous digital credential, or voucher, from a
trusted third party, such as a bank. The bank provides a credential that
includes a credit card number and expiration date.
When an online purchase is made, the Idemix software digitally seals the
information by transforming the credential so the user can send it to the online
vendor. A new encrypted credential is used for subsequent purchases.
The announcement comes ahead of the RSA Conference in San Francisco where
companies such as Microsoft will announce their own security plans.
Microsoft Chairman Bill Gates and other officials are expected to discuss
the company's CardSpace ID management software and other security products
during a keynote on Feb. 6.
IBM said Idemix will form a new privacy layer for the Eclipse Higgins project, an open
source movement to create ID management software and an alternative to
Microsoft's CardSpace.
Nataraj Nagaratnam, chief architect of identity management for IBM
Tivoli, said Idemix could make the Higgins software a more palatable, if not
potent alternative to CardSpace because it puts the control of personal
information into the hands of the users instead of the organizations' the user
is conducting business with.
The "do-it-yourself" privacy represents a reversal of current trends,
where banks, e-commerce shops and other companies are responsible for masking
their customers' identity.
But savvy Web users, as evidenced by the growing number of Web breaches
in the last few years, are easily able to break through a business or service
provider's computer defenses.
IBM believes Idemix's user-centric approach will ultimately provide more
reliable security for consumers; individuals can control who has access to their
online personal information, rather than having companies manage that
information as they do today.
When Idemix is ready, IBM plans to add the software to the federated
identity management software in its Tivoli line.
IBM software hides consumer data
trail
Idemix, part of Eclipse, will hide online
transactions
InfoWorld
By Paul F. Roberts
January 26, 2007
http://www.infoworld.com/article/07/01/26/HNibmdatapriv_1.html
IBM on Friday unveiled a new open source software project, IBM Identity
Mixer, or "Idemix," that the company said will mask consumer information
exchanged in Web transactions and helping to combat online identity
theft.
Idemix was created by IBM researchers in Switzerland and
will enable consumers to purchase goods online without disclosing sensitive
information. The new technology acts as a middle man in online transactions
between merchants and consumers. The software creates "pseudonyms" for online
transactions that satisfy requirements for sensitive information, such as credit
card number, social security number, date of birth or driver's license number,
without actually providing the information, according to a statement from the
company.
IBM plans to contribute Idemix to the Eclipse Open Source Foundation's
Project Higgins, an open source identity management framework backed by IBM,
Novell and Harvard
University.
Idemix will be a privacy layer for Higgins that will allow pseudonyms to
be shared between Higgins-compliant systems. That will mean that sensitive
information does not need to be replicated between multiple, third party systems
in an identity management solution, IBM said.
Trusted third parties (banks or government agencies) will issue vouchers
to systems build using Idemix that contain the confidential information (say, a
bank account number). When online purchases are made, Idemix seals the IBM will
digitally sign and seal the information so that it can be transmitted online,
the company said.
That kind of secure transaction was the vision behind Higgins, the open
source project that IBM and Novell announced in February, 2006
(infoworld/3935).
Higgins, which also involves, Harvard Law
School's Berkman Center for Internet and Society, is
intended to develop identity management technologies that make it easier for
consumers to control the use of sensitive identity information online and
between Web sites, and to give users control of their own
information.
Security for sensitive data is a pressing issue for consumers and
companies alike. The theft of customer financial data from TJX Co.
(infoworld/4964), OfficeMax, CardSystems Inc. and others has highlighted the
problem of proliferating online data within and between companies.
Higgins is just one effort to tackle that problem. In November, Oracle
Corp. announced the Identity Governance Framework, an initiative to develop
specifications for sharing identity data between applications.
(infoworld/4965).
In addition to providing the Idemix software to Eclipse, IBM will
incorporate it with its Tivoli identity management software.
New IBM Software Lets Consumers Shop Online
Anonymously
IBM's Identity Mixer software lets consumers use a
"token" to make purchases online without revealing personal
information.
InformationWeek
By Paul McDougall
January 26, 2007
http://www.informationweek.com/story/showArticle.jhtml?articleID=197000899&cid=RSSfeed_IWK_All
In the latest effort to stamp out the multibillion dollar problem of
identity theft and electronic fraud, IBM said Friday it has created software
that allows consumers to shop online without revealing key data like their
credit card or social security numbers -- or in some cases even their
name.
With IBM's Identity Mixer security software, consumers wishing to
purchase an item online can obtain an encrypted software 'token' from their bank
or credit card company. The encoded token would confirm that the consumer has
the necessary funds for the transaction, but would not reveal specific financial
details or personal data to the merchant. The merchant would then reconcile the
transaction with the bank, which would have to have software that works with
Identity Mixer.
The set-up could also be used by consumers wishing to prove to an online
site that they are of legal age without actually disclosing their birth date.
"The merchant would know you are old enough to enter their site, but nothing
else," says Jan Camenisch, a researcher on the project at IBM's research lab in
Zurich, Switzerland.
IBM has released the technology to the open source software community
through the Higgins Project -- an industry wide effort sponsored by The Eclipse Foundation to create
privacy technology based on open standards.
It will be up to commercial developers to use the technology to create
consumer-friendly tools, such as browser add-ons, that embed Identity Mixer.
"It's not going to be too useful to consumers until someone comes along and
builds a usable product that also has some major banks and merchants behind it,"
says Mike Neuenschwander, an analyst at Burton Group.
There's also the question of whether online retailers will invest in the
back-end computer technology required to accept the tokens. Camenisch thinks
they already have a strong incentive to do so. "Having this system in place will
limit their liability in the event of data loss," he says.
Microsoft is developing its own so-called user centric privacy protection
software, raising the question of whether consumers will be faced with a
VHS/Betamax issue when it comes to choosing security tools for online shopping.
Microsoft's Vista operating system offers a
feature called Cardspace. It can be used to create virtual cards on the desktop
containing varying amounts of personal information depending on the intended
use.
A Cardspace user can create a card that stores the minimum amount of data
required for, say, signing up for an online auction site. Clicking on the card
initiates the transaction. "The question is to what extent Microsoft will
incorporate the open standards into their own technology," says Neuenschwander.
IBM Software Aims to Prevent Online Identity
Theft
eWeek
By Brian Prince
January 26, 2007
http://www.eweek.com/article2/0,1759,2087843,00.asp?kc=EWRSS03119TX1K0000594
Researchers at IBM have created a new shield for personal information in
an effort to prevent identity theft online.
Code named Identity Mixer, or Idemix for short, the software was crafted
by IBM researchers at the company's laboratory in Zurich, Switzerland, and will let customers
purchase goods and services online without revealing their personal
information.
To Jan Camenisch, the lead researcher on the project, it all makes
perfect sense: minimize the number of parties with personal information, and the
threat of the data being compromised diminishes.
"I think that's the first step in safeguarding your data," he said. "If
they have it encrypted, they can't lose it."
Idemix works by allowing the consumer using the software to get an
anonymous digital credential, or voucher, from a trusted third party, such as a
bank. Government agencies can also serve as third parties, Camenisch
said.
.
The bank would provide a credential containing a credit card number and
expiration date that would be digitally sealed by the Idemix software when an
online purchase is made. As a result, the real credit card numbers are never
revealed to the merchant. A new encrypted credential would be used every time a
new purchase is made.
"When people don't have to disclose their personal information on the
Web, the risk of identity theft is dramatically reduced," said John Clippinger,
senior fellow at the Berkman
Center for Internet and Society at
Harvard
Law School, in a prepared statement. "The
ability to anonymize transactions using Idemix has the potential to bolster
consumer confidence, opening digital floodgates to new forms of Internet
commerce."
IBM will contribute its Idemix software to the Higgins project, an
open-source effort led by the Eclipse
Foundation aimed at developing user-centric software to manage and
protect user identities.
A user-centric approach means individuals can actively and securely
control who has access to their online personal information, such as bank
accounts, credit card numbers and medical records rather than having
institutions manage the information, IBM officials said.
Currently, the software's code is going through the Eclipse Foundation's
IP review process, IBM officials said. Once that's completed, the code will be
available on Eclipse through the Higgins Project.
The Idemix software will provide the required added layer of privacy to
the Project Higgins framework for true user centric identity management, IBM
officials said. IBM plans to incorporate the Idemix technology into its
Tivoli software
portfolio of federated identity management software, Camenisch said, adding that
he thinks the software offers more protection than Microsoft's
Cardspace.
Information security analyst Jon Oltsik said he is optimistic that the
fact the software is open source would have a positive impact on the speed of
its widespread adoption.
"In the identity space, we've seen a lot of progress with open standards
for federated identity," said Oltsik, of Enterprise Strategy Group,
headquartered in Milford, Mass. "There is no reason why open source wouldn't
follow suit. Also, this is being managed by the Eclipse Foundation, which is
getting a lot of enterprise and industry attention."
He added that the software has the potential to be effective in reducing
the risk of personal data being compromised by businesses.
"Idemix lets a user control who has access to what data," Oltsik said.
"In addition, it can work as a trusted response. Rather than asking my bank for
an exact bank balance, a mortgage company could ask a yes-no question, like,
'Does this person have a balance in excess of $25,' and get a trusted yes-no
response. In this way, we can pass the information necessary for transactions
while protecting other private data."
Ron O'Brien, a senior security analyst with Sophos, said many people have
become cautious online and are skeptical of e-commerce because of security
concerns. This software, he said, can go a long way in giving online shoppers
peace of mind.
"I think this is a huge first step in terms of keeping people using the
Internet as it was intended," he said.
IBM Donates Privacy Code to Open Source
Project
LinuxInsider
By Erika Morphy
January 26, 2007
http://www.linuxinsider.com/story/linux-security/55408.html
The Higgins Trust Framework Project is the recipient of IBM code that may
allow users to hide their personal information on the Internet. Identity Mixer,
the donated software, permits consumers to enter anonymous digital credentials
from a bank or government agency to buy a product or enter a Web site that asks
for a birth date.
IBM has donated code to Eclipse's Higgins Trust
Framework Project that it could potentially develop into a tool that allow users
to hide or make anonymous their personal information as they conduct business on
the Web.
Although a product release is about a year or more away, its potential is
intriguing, especially as there are no other comparable products on the market
at the moment, Mike Neuenschwander, vice president and research director for the
Burton Group, told TechNewsWorld. Additionally, a Canadian firm is about to
launch a similar product, he noted.
Real World Applications
The donated software, called "Identity Mixer," allows consumers to
present anonymous digital credentials, or vouchers, from a bank or government
agency such as the Department of Motor Vehicles to buy a product or enter a Web
site that asks for a birth date.
"Using the original provider as verification is what is unique about this
process," Anthony Nadalin, distinguished engineer and chief security Barracuda
Spam Filter - Free Evaluation Unit architect for IBM's Tivoli Software, told
TechNewsWorld.
For example, someone who wants to purchase music online would receive
from a bank a credential containing a credit card number and expiration date.
The Identity Mixer software transforms the credential so the user can send it to
the online merchant. The real credit card number has not been revealed to the
retailer -- just the confirmation that it was a legitimate purchase.
There are any number of real world applications Get the Facts on
BlackBerry Business Solutions for which this could be used. Certainly, shopping
online is at the top of the list, especially because multiple retailers and
other Web service providers continue to losing customer information through
negligence or theft.
Reveal Less
Another use would be for a site that requires its users to be over 18.
Normally, such sites ask for a birth date to prove that, Neuenschwander said,
and that particular data Free Trial - Way Beyond CRM - Learn how Landslide can
help you. is also useful to identity thieves. Using this new tool, the consumer
would just present a certificate stating he or she was over 18.
While it won't completely solve the burgeoning problem of identity theft,
Neuenschwander said, a commercial release of the product would certainly
help.
"The less you reveal about yourself online the better and such a tool
would let you do that," he stated.
The Higgins project, an open source Latest News about open source
initiative for "user-centric" identity management applications -- that is,
applications that allow users to control who can access their own information --
was announced in February 2006 by IBM, Novell (Nasdaq: NOVL) Latest News about
Novell, the Berkman Center for Internet and Society at Harvard Law School and
Parity Communications.
IBM also plans to incorporate the Identity Mixer technology into its
Tivoli software
portfolio of federated identity management software.
It's Jaw-Jaw and War-War for Java and
NetBeans
New membership, old
rules
The Register
By Gavin Clarke
January 26, 2007
http://www.regdeveloper.co.uk/2007/01/26/eclipse_jcp_netbeans/
It's business as usual between Eclipse and NetBeans, despite Eclipse's
decision this month to join the Java Community Process (JCP).
Mike Milinkovich, Eclipse executive director, told The Register that the
Eclipse and NetBeans tools environments will continue to compete as separate
entities. NetBeans uses the Swing Java toolkit that is developed through the
activities of the JCP, while Eclipse is based on Single Widget Toolkit (SWT)
Java architecture.
Indeed, Eclipse is set to ramp up the competition in terms of technology
and level of community support, with the simultaneous release this summer of 22
Eclipse projects for the first time under an initiative called
Europa.
This is designed to ensure a high degree of interoperability between
different projects - spanning Aspect Oriented Programming (AOP), team-based
programming, and rich clients - and increase reliability.
That's intended to help Eclipse raise its game as a commercial platform,
targeting independent software vendors and customers.
"We have an amazing culture that values predictability. We are interested
in more commercial adoption, and predictability is the value adopters are
looking for. They want to know they can rely on the schedule coming from
Eclipse," Milinkovich said.
In recent months Sun has added many enterprise-class features to NetBeans
from its Studio suite, a fact that last week earned NetBeans faint praise from
the Burton Group, who politely told InfoWorld NetBeans has become a "more viable
alternative" to Eclipse. The emphasis here is on "more". Instead, NetBeans has
been dinged for not following Eclipse and reaching outside the IDE into broader
areas of development and lifecycle management.
While Milinkovich ruled out convergence between Eclipse and NetBeans,
killing one very healthy piece of conjecture over possible outcomes from Eclipse
joining JCP, it remains unclear why Eclipse signed up in the first place.
There's already a lot of overlap between the two groups, as individual- and
company level Eclipse members also participate in JCP activities.
Officially, it's now all about giving back to the Java community, having
taken advantage of its specifications and technologies since 2001.
According to Milinkovich, Eclipse is "still looking to see what it would
take for Eclipse committers to get involved in JSRs [Java Specification
Requests] and expert groups." Issues around intellectual property are "very
complex," he noted.
For the record, Milinkovich - once again - extended his offer to Sun to
join Eclipse.
Aperi stalled, dead
even?
TechWorld
By Chris Mellor
January 26, 2007
http://www.techworld.com/storage/blogs/index.cfm?entryid=378&blogid=3
The initial Aperi storage system management code is ready to be used but
is anybody actually going to do anything with it?
The Eclipse web site states; "The Aperi initial code contribution has
been approved by the Eclipse Foundation legal team and is now publicly available
under the EPL license for download." Storage vendors can get the code and then
develop their storage management facilities in its framework. NetApp's Jay Kidd,
in charge of emerging technologies activities, wonders who is actually going to
use it?
He reckons most storage system management products make it easy for other
products to view what is going on in the storage devices/software under control;
the view APIs, but make it harder to control what's going on, the control
APIs.
My take on this is say, suppose an Aperi member, like Brocade, wants to
make its Aperi product look after HDS TagmaStore devices. HDS isn't in Aperi.
Then it would be relatively easy for the Brocade Aperi product to find out the
status of those devices but hard for it to get those devices to actually do
something.
HDS, EMC, NetApp, Symantec, Sun, Qlogic, HP ... the number of storage
suppliers not in Aperi has to exceed in market and customer coverage the ones
inside Aperi: Brocade/McData, CA, Cisco, Emulex, Fujitsu, IBM, LSI Logic, NetApp
and Novell.
Kidd said: "Aperi will be a very good idea. Its adoption has been a
little slow. EMC has said it's not going to invest in Aperi. We'll work with
Aperi but others need to work on it to make it worthwhile."
That's the kicker. The anti-Aperi group members won't invest. Will Aperi
group members?
NetApp and every other storage supplier knows that a heterogeneous
storage monitor at this stage of events is a wished-for feature and not a
product. So do we all.
In effect, vendor's storage management products have open view APIs and
closed or private control APIs. Even if Aperi members do produce fully-featured
Aperi-compliant storage management products, meaning open view and control APIs,
the non-Aperi members will not, and heterogeneous storage management will recede
into the future like a mirage in front of a desert traveler.
It might be that the Aperi exercise is a time-wasting diversion.
Alternatively it would be better for customers if Aperi group members did
produce a heterogeneous storage management product that worked with Aperi group
member's products even if the great unwashed remained outside. Half a loaf is
better than none.
What is the point of the SNIA if, in the storage management sphere, it
cannot get vendors to co-operate and produce storage management products that
storage customers want? At the moment HP's Storage Essentials looks like the
leading storage system management product because HP is putting resources behind
it and the AppIQ team produced a great initial product. Whether Storage
Essentials can overcome the control API inertia facing it though, that is the
question.
For now we may as well come out with it and say that, like Monty Python's
Norwegian parrot, Aperi is stalled if not dead.
Despite group members' assertions that this still-looking, non-moving,
non-breathing, silent creature is actually alive and well, the opposite view
says that the Eclipse Foundation project is actually only a nail holding the
dead beast upright on its perch.
Eclipse Project Higgins Demos
Interoperability
ComputerWire
January 26, 2007
With the RSA Conference coming up next week, the Eclipse foundation wanted to
demonstrate that it actually has accomplished something with Project Higgins, an
open source personal identity management project launched by IBM, Novell, and
Parity Communications almost a year ago.
There will be a demonstration of interoperability between Higgins and
Eclipse Project Bandit (a Novell-led effort to build authentication,
authorization, and auditing components) to enable a Liberty ID to federate with the rival Microsoft-based
CardSpace.
In the demo, identity data was taken from a Liberty-based source, using
Bandit to abstract the authentication of identity data, and the Higgins API to
integrate identity, profile, and relationship information across heterogeneous
identity management protocols, and feed it to a Media Wiki, which used the
Microsoft CardSpace protocol, to authenticate the requestor and provide the
authorization to either reads, or read and modify the Wiki.
In effect, Higgins would make it possible to create a Liberty identity token
that a Microsoft CardSpace receiver could accept, using identity services that
were componentized using the Bandit APIs.
In conjunction with the RSA demo, IBM has announced that it will
contribute technology to obfuscate the Higgins identity token itself. While
tokens themselves are intended to communicate the user's attributes without
declaring the user's exact identity or other attributes, the obfuscation being
proposed by IBM would add yet a second level of identity protection.
IBM's contribution is still undergoing the standard IP vetting that all
proposed Eclipse contributions undergo, so it is not yet an official part of the
Higgins project., Ands it won't make the official first release.
Project Higgins was named after an obscure Tasmanian mouse-like creature
whose tail touches just about everything. It's designed to automate interactions
between end users and online providers without requiring log-ins.
At this point, the Higgins project is at the version 0.7 milestone, and,
with maybe a few exceptions here and there, has frozen most of the features
planned for the 1.0 release, which is tentatively set for late summer. With the
demo, Higgins is showing that the basic token service and identity attribute
layers are largely complete. The major remaining work is around the front end,
which is set for internal demo to committees shortly.
Eclipse Releases Data Tools Project
1.0
ComputerWire
January 24, 2007
The Eclipse Foundation
has released the first official version of the Data Tools Project. Led by
Sybase, with backing from IBM, the project focused on three objectives:
providing a toolkit for generating relational data structure mappings to objects
and XML, and for extract/transform/load.
The elements cover database drivers that are generated through templates,
database connection profiles, a database table explorer, and SQL tooling. In
other words, it simplifies connection to the back end database. In so doing,
this echoes the Data Window functionality pioneered in the client/server era by
PowerBuilder, which of course is now owned by Sybase.
Give Me openLiberty
Internetnews
By Sean Michael Kerner
January 24, 2007
http://www.internetnews.com/dev-news/article.php/3655671
The Liberty Alliance wants open source developers to use its protocols,
though it isn't about to open source the protocols themselves.
The Liberty Alliance today announced the openLiberty Project, an open
source initiative designed to offer developers tools for integrating the privacy
and security capabilities of Liberty Federation and Liberty Web Services into
identity-based services.
The initial focus is to enable open source developers to take advantage
of the ID-WSF Web Services Consumer (WSC) libraries, which were ratified in
October.
"Although the Liberty Alliance is sponsoring the launch of openLiberty,
it is a distinct and separate effort from the Liberty Alliance," Jason Rouault,
vice president of the Liberty Alliance Management Board and CTO of identity
management software at HP, told internetnews.com.
"openLiberty is strictly about developing code and toolkits based upon
the Liberty
protocols. The Liberty Alliance is about defining federation- and identity-based
Web service specifications."
In short, Rouault said users who want to develop or use Liberty-based
open source code should participate in the openLiberty community; to define
specifications, users or organization should become a member of the Liberty
Alliance.
"The reason that this is happening now is to address the need for secure
and privacy-friendly, identity-based Web services, which is the main focus of
Liberty at this
point in time," Rouault said.
"Developers and implementers are getting past the initial stages of
federation that deal strictly with single sign-on, and are now looking at the
additional value of secure discovery and attribute sharing."
Rouault also noted that openLiberty Project was created because there are
no existing open source efforts addressing developer needs in this particular
portion of the federation space.
Rouault does not see the Eclipse Foundation's Higgins
framework as a competitive effort. Higgins provides an open source framework for
managing identity online; Rouault called Higgins' "complementary" to
openLiberty.
"I can envision an effort to develop an Eclipse Higgins plug-in taking
place at openLiberty," Rouault said.
Moreover, Rouault is hoping more application developers will take
advantage of the security and privacy benefits of ID-WSF when identity-enabling
their Web service applications.
Associate membership in the Liberty Alliance will set you back $2,500,
though non-profit organizations can join for free.
Eclipse Data Tools Platform
offered
InfoWorld
By Paul Krill
January 23, 2007
http://weblog.infoworld.com/tcdaily/archives/2007/01/eclipse_data_to.html
The Eclipse Foundation
on Tuesday released Eclipse Data Tools Platform (DTP) 1.0, which is an open
source project featuring frameworks and tools for developing data-centric
applications in the Eclipse environment, Eclipse said.
Developers with DTP 1.0 can leverage existing data sources, such as
enterprise databases, with the Eclipse Platform.
"DTP 1.0 provides a rich set of frameworks that solve real-world issues
related to the development of data-centric applications," said Mike Milinkovich,
executive director of the Eclipse Foundation, in a statement released by
Eclipse. "The growth and momentum of the Eclipse data tooling platform project
has resulted from the efforts of committers from the Eclipse community,
including many from Sybase, IBM and Actuate."
DTP 1.0 simplifies development of data-centric applications in
heterogeneous environments by offing agile development tools. It features
components for model-driven development and connection management as well as a
data access framework and SQL development tools.
Macraigor joins Eclipse
InfoWorld
By Paul Krill
January 23, 2007]
http://weblog.infoworld.com/techwatch/archives/009842.html
Macraigor Systems on Tuesday announced availability of a free Eclipse-compliant debugging
solution for embedded systems and is joining the Eclipse Foundation.
The embedded debugging offering provides embedded systems engineers with
a platform for development and debugging with the Eclipse platform. Macraigor
also said it was joining Eclipse as an Add-In Provider. Macraigor will work with
Eclipse projects including the C/C++ Developer Toolkit to boost embedded
development.
The debugging solution, called the Macraigor Eclipse + GNU Tools Suite,
packages the Eclipse 3.2.1 IDE, open source GNU tools and a program called
OCDRemote, to interface between Eclipse, the GNU debugger and a Macraigor
On-Chip debug device.
"Eclipse is rapidly becoming the development environment of choice for
building and debugging embedded systems," said Craig Haller, chief engineer of
Macraigor, in a statement released by the company. "By incorporating the free
GNU development and debugging toolset into Eclipse, we are making it possible
for embedded systems engineers to use the tools they are familiar with on a
platform that improves their productivity."
IDEs for Web services -
Eclipse
SearchWebServices
By William Brogden
January 23, 2007
http://searchwebservices.techtarget.com/tip/0,289483,sid26_gci1240284,00.html
Probably the best known open source IDE (Integrated Development
Environment) is Eclipse.
Originally developed by IBM starting in the late 1990s as a development tools
platform in Java, it was released to open source licensing in 2001. An
organization, the Eclipse Consortium, was created with support from IBM and
eight other high tech companies.
In order to dispel the impression that some developers had that Eclipse
was too much under IBM control, a totally independent not-for-profit
organization, the Eclipse Foundation, with its own staff and budget, was created
in 2004. A number of well known software organizations contribute money,
developer time and direction to the foundation.
Developers can now choose from a large number of free and commercial
plug-ins that build on the Eclipse architecture. These include commercial
products from both IBM and competitors since many software tool vendors now use
Eclipse as a stable base for specific toolkits and development environments.
Because Eclipse and most of the plug-ins run on Java, this makes it easy for
tool vendors to reach all major platforms.
There are also a huge number of open source projects and sub-projects
hosted by the Eclipse Foundation and an active community of Eclipse users
contributing and extending plug-ins. For example, Groovy, the open source Java
based scripting language now has a plug-in allowing you to edit, compile and run
Groovy scripts.
The Eclipse architecture
Eclipse supporters feel that they have more than an IDE, they have a Rich
Client Platform created by a core set of functions that runs plug-ins plus
various useful tools such as text editors that can be used to construct an IDE
for a specific set of tools. Although plug-ins can be written in other
languages, it appears that most have been written in Java. Eclipse provides
version support so that you can update specific plug-ins on a case by case basis
directly with the update manager.
The Eclipse user interface is organized as a "workbench" window that
displays "views" (graphic diagrams, editors, resource lists, etc.) of a project
and the resources in a project. The user can customize the location and behavior
of the various views to suit each project.
Integration with standard developer
tools
Like NetBeans, Eclipse provides support for CVS (Concurrent Versioning
System), an open source file management system that can facilitate cooperation
between multiple developers on a project. The highly flexible Ant open source
"build" tool created by the Apache Software Foundation is used to automate
various Eclipse processes. You can even import projects that already have Ant
build files.
Starting with Eclipse 3.1, the popular JUnit toolkit is built in. If you
favor Test Driven Development you will find it easy to create test cases in
Eclipse.
Web service support uses the Apache Axis project version 1.3 for
SOAP-related methods and WSDL4J (Web Services Description Language for Java)
version 1.5.1 for manipulation of WSDL documents. Note that this is not the
absolutely latest version of Axis as there has been a major redesign for Axis2.
The version of the Tomcat Web server provided with Eclipse is also several
generations behind the latest.
I suppose this sort of gap is inevitable as the various open source
development teams go charging off in their own directions. One of the
disadvantages of using Eclipse or NetBeans will be the potential for toolkit
version conflict between the latest and greatest version and the one packaged
with Eclipse.
Web Tools Platform
package
The Eclipse project has a single convenient download package for those
who would like to investigate the tools for Web-related applications. The over
200mb zipped download includes the basic core platform plus a large number of
preconfigured plug-ins.
The Web Standard Tools collection of plug-ins contains tools for
manipulation of documents related to specifications published by organizations
such as the W3C. For example, there are tools for manipulating XML, XSD, DTD and
WSDL documents.
Tools for WSDL
Eclipse has some cool tools for working with WSDL documents. I
experimented with importing a published Web service WSDL file into a Web service
client project in Eclipse as follows:
1. Launch the Web services explorer and go to the XMethods registry
online.
2. Search for a service using the key word "math" - this found one
service.
3. Use the import tool to import the WSDL file to the Eclipse workbench -
the imported file now shows up in the list of project resources.
4. Select the WSDL file and choose the option to open with the WSDL
graphic editor. This brings up a graphic display of all of the WSDL elements for
the available operation. You can easily switch between the graphic and editing
views.
5. Select the WSDL file and choose the "generate client" option. The Java
source files required to execute the client are created and the library jar
files required to execute are added to the project.
Creating a Web service
The Eclipse Web Service Wizard supports two approaches to creating a Web
service called top-down and bottom-up. In top-down development you start with a
service description as a WSDL document. Eclipse guides you through setting up
the options which will control running the Axis toolkit to create Java code
skeletons using the Axis toolkit and Ant tasks.
Bottom-up creation of a service involves starting with a Java class that
is coded with Java "bean" conventions. The Web Services Wizard can guide you
though setting up the parameters needed by the automated process, which creates
a WSDL file and Web service classes.
Conclusion
Eclipse, like NetBeans, enables the developer to take advantage of the
growing volume of high quality open source tools in an integrated environment
and with the support of an active user community. The support for these tools by
IBM, Sun and other major software companies has validated the open source
approach to software development.
Cool Coder Creates Eclipse App for the Arctic
Application Development Trends
By John K. Waters
January 19, 2007
http://www.adtmag.com/blogs/blog.aspx?a=20058
Josh Reed recently spent three months in Antarctica implementing one of the worst-named, but
coolest applications to come across my desk in a month of Sundays-literally.
It's a graphical editing tool called the Paleontological Stratigraphic Interval
Construction and Analysis Tool (PSICAT). He developed it for a group of
international scientists working on the Antarctic geological drilling project,
better known as ANDRILL. Those beparka'd researchers are seeking to ''drill back
in time'' to recover a history of paleo-environmental changes evident in
sediment core samples from below the Antarctic ice shelf.
PSICAT, which Josh would like us to pronounce 'sigh-cat,' but which I
can't help seeing in my head as ''pussycat'' (even the acronym blows), is an
Eclipse Rich Client Platform (RCP) application that he customized to the task of
working with stratigraphic columns. The application allows researchers to input
core descriptions, and to store underlying information, such as the depths at
which sand, ore, mud, fossils, and other materials were found.
''Before, scientists who were interested in particular aspects of the
core-say, two- or three-meter sections that don't have any pyrite or don't have
fractures-would have to search through 1286 meters of images,'' Josh explains.
''But now, because we have the data, I can type in a few things, and bam, spit
out depth ranges for them to go to directly.''
Josh is a soft-spoken (at least on the phone) 24-year-old, studying for
his Masters in Human Computer Interaction at Iowa State
University. When I asked
him for his title, he said, ''Um... Josh.'' But I think the Rochester, Minnesota, native is actually considered the
IT manager of the ANDRILL project.
His academic advisor, Cinzia Cervato, is the one who recommended him for
this gig. She's an associate professor in the Department of Geological and
Atmospheric Studies, as well as a consulting scientist to the ANDRILL project.
When she heard at a conference that the project's sedimentologists were logging
core samples using bulky drawing tools, such as Corel Draw and Photoshop, she
thought there might be a better way, and she thought of Josh.
''I thought that Josh was perfect for the project,'' she told the Iowa
State University News Service. ''I had worked with him for a couple of years
already and knew that he was a great coder.''
The drawing tools the ANDRILL scientists were using were providing them
with pretty diagrams for publication, but they were unwieldy hunks of bloatware
in this context. Josh's initial job was to come up with a leaner, more
specialized tool with just the features the scientists needed.
''Once I started looking at the problem, I realized that the ultimate
solution would be to get away from the images, which just displayed the data,''
Josh says. ''The real solution, for me, was to capture that data, so that they
could do other things with it.''
Josh spent a year and a half working on the software, meeting with
scientists, gathering requirements, and writing code. During that period, he
worked closely with Dr. Chris Fielding, a sedimentologist on the ANDRILL
project.
He built the application with the Eclipse RCP because of the flexibility
its plug-in architecture provided. ''From the beginning we felt that, though we
were developing PSICAT for ANDRILL, this was an application that could be used
by other projects,'' Josh says. ''Even within ANDRILL there are other groups of
scientists who would want their data displayed along with the core log. Eclipse
allowed me to develop the features I needed up front, but it also left the door
open for new features as they were identified, and for customizations for
particular groups.''
He also used the Eclipse Graphical Editing Framework, so he didn't have
write any ''yucky'' graphics code.
Josh blogged about his adventures in the frozen north, and his account is
well worth checking out. Also, the Des Moines Register published some nice shots
of Josh standing next to big hunks of ice. The pix on his blog are
better.
The next time it feels like you're working under harsh conditions,
consider coding in temperatures that dipped to 40 degrees below zero.
BTW: There has always been this weird intrastate rivalry between Josh's
school, Iowa State, and my alma mater, the University of Iowa-at least as long
as I can remember. When I mentioned that I attended UI about a million years
ago, Josh sort of groaned, so I guess that rivalry persists, at least a bit. He
didn't make a big deal out of it, of course, and neither did I. These kinds of
things are silly. Iowa State is a great university, a Big Twelve
school, famed for its science and engineering departments. The fact that it was
once thought of as an agricultural college-an ''ag'' school-is simply part of
its rich history, and in no way diminishes its stature, at least not in my eyes.
I have a brother who graduated from Iowa State and went on to become a medical
doctor. Several of my cousins went there, and not one of them is a farmer. It
would be beneath me to refer to this fine institution of higher learning as
''Moo U'' or ''The Udder U.'' So I won't.
|