[Log In] []

Exploring the science and magic of Identity and Access Management

When we are no longer able to change a situation, we are challenged to change ourselves. — Viktor Frankl

Tuesday, November 25, 2014

#YJJ Architecture: Yellow Jeep Cloud

Yellow Jeep Journey, YJJ Architecture
Author: Mark Dixon
Thursday, March 13, 2014
5:23 pm

Buffer

Yjjcloud

Having previously introduced my thoughts about Yellow Jeep Architecture Users and Instrumenting the Jeep  we can begin to explore what functionality should exist in the Yellow Jeep Cloud. Here are some functions I have considered:

Basic Yellow Jeep Cloud functions:

  • data ingest
  • data storage
  • event processing
  • historical analysis, trending
  • supervisory control functions
  • historical route mapping
  • authentication
  • authorization
  • user registration / profile management
  • user password/credential management
  • API security

Of course, in keeping with modern standards in the API Economy  cloud functions would all be exposed in the Yellow Jeep API, with capabilities such as these:

  • ingest data
  • ingest audio
  • ingest video
  • request raw data
  • request data summary
  • request calculated data
  • request supervisory control data
  • request video stream/segment
  • request audio stream/segment
  • authentication
  • authorization
  • user management

What functionality should I add?  What capabilities do you think should existing in the Yellow Jeep API?

Roll on Yellow Jeep Journey!

 

KuppingerCole: Information Security Predictions and Recommendations 2014

Cloud Computing, Identity, Information Security, Internet of Things
Author: Mark Dixon
Thursday, December 19, 2013
2:53 pm

Buffer

Kuppingercole

Kuppinger Cole just released an insightful Advisory Note: “Information Security Predictions and Recommendations 2014.”  The introduction stated:

Information Security is in constant flux. With the changing threat landscape, as well as a steary stream of new innovations, demand for Information Security solutions is both growing and re-focusing.

I like both the predictions and recommendations in this report.  Here are a few excerpts from my favorite recommendations:

Cloud IAM (Identity and Access Management)

Define an IAM strategy for dealing with all types of users, devices, and deployment models that integrates new Cloud IAM solutions and existing on-premise IAM seamlessly.

API Economy

Before entering this brave, new world of the API “Economy”, define your security concept first and invest in API Security solutions. Security can’t be an afterthought in this critical area.

IoEE (Internet of Everything and Everyone)

Before starting with IoEE, start with IoEE security. IoEE requires new security concepts, beyond traditional and limited approaches.

Ubiquitous Encryption

Encryption only helps when it is done consistently, without leaving severe gaps.

The whole paper is well worth reading.  Hopefully, this post whetted your appetite a little bit.

 

Kuppinger Cole: SAML is Dead. Long Live SAML.

Identity
Author: Mark Dixon
Monday, September 17, 2012
10:18 pm

Buffer

I attended a very thought-provoking Kuppinger Cole webinar last week, entitled, “SAML is Dead.  Long Live SAML,” featuring Craig Burton of Kuppinger Cole and Pam Dingle of Ping Identity.  It is now available as an on demand webcast.  My favorite slide addressed the sheer scale of what we are expecting to see in just a few years.

We are all familiar with big, complex operations now:

  • Large enterprise Identity repositories:  hundreds of thousands
  • Large mobile telephony user repositories: low hundreds of millions
  • Large social media sites: high hundreds of millions

Adding addressable devices and the API’s to support those devices is mind boggling.

  • Devices by 2015:  almost 3 billion
  • API’s to support all those devices: almost 27 billion

Meeting that demand will take some real innovative technology and processes.  The webcast was certainly worth an hour of my time.  I highly recommend it to you.

 

Craig Burton: Digital Identity is core to all this stuff.

Identity
Author: Mark Dixon
Thursday, November 3, 2011
8:16 am

Buffer

This morning I enjoyed reading Craig Burton’s thought-provoking blog post, “The API Computing Magic Troika and the API Economy.” The post centers on:

Three core things that make the Intention Economy work. …

  • Cloud-based code
  • Cheap telephony-data
  • Personal Data Technology

I will not attempt to summarize or paraphrase Craig’s characteristically-lucid commentary, but recommend that you read it.  Please also take a few minutes and read the Programmable Web article Craig mentions, about the accelerating growth of public API’s.

I was particularly intrigued by Craig’s closing comment, echoing a view I have held for years:

Digital Identity is core to all this stuff.

Well said, Craig.

 
 
 
 
 
Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.