I've decided I like wordpress more than ggobler
visit http://iryanb.wordpress.com
Saturday, December 17, 2011
Saturday, September 11, 2010
In the future... there will be a "Betternet"
David Byrne (the original and my favorite talking head) recently posted in his journal thoughts on the impact of the creation of a second fee-based better internet designed for medical, industrial and entertainment purposes.
I do think that the medical and industrial business communities will continue to use VPN / MPLS / IPv6 and emerging private networking technologies for business purposes, and there are currently many dedicated layer 2 dark fibre OC-192 lines already in place today to create enclaves of global private networks (aka hybrid or private clouds).
I agree with Mr. Byrne that a fee-based system for entertainment must be carefully planned with a focus and attention that a team of FAA and DOT Civil engineers would give to the creation of a new interstate freeway for flying cars. However, given the huge capital investment required to improve global connectivity, it will likely be we consumers who will drive the final solution with our consumer and tax $pending Vote. I do applaud the work being done in many major cities to bring 1 Gbps connectivity into every home. Beyond that, subscribing to private fee-based services for premium content that we 'must have' is still status quo, and one may go on to conclude that it is the media companies with the most secure and speediest networks that will win the eyeballs of the audience and the rights to distribute premium content.
Let's pause to reflect on an artistic commentary on the future by David Byrne in an audio CD and DVD video called "The Knee Plays."
Knee Play 12
In the Future
In the future everyone will have the same haircut and the same clothes.
In the future everyone will be very fat from the starchy diet.
In the future everyone will be very thin from not having enough to eat.
In the future it will be next to impossible to tell girls from boys, even in bed.
In the future men will be "super-masculine" and women will be "ultra-feminine."
In the future half of us will be "mentally ill."
In the future there will be no religion or spiritualism of any sort.
In the future the "psychic arts" will be put to practical use.
In the future we will not think that "nature" is beautiful.
In the future the weather will always be the same.
In the future no one will fight with anyone else.
In the future there will be an atomic war.
In the future water will be expensive.
In the future all material items will be free.
In the future everyone's house will be like a little fortress.
In the future everyone's house will be a total entertainment center.
In the future everyone but the wealthy will be very happy.
In the future everyone but the wealthy will be very filthy.
In the future everyone but the wealthy will be very healthy.
In the future TV will be so good that the printed word will function as an art form only.
In the future people with boring jobs will take pills to relieve the boredom.
In the future no one will live in cities.
In the future there will be mini-wars going on everywhere.
In the future everyone will think about love all the time.
In the future political and other decisions will be based completely on opinion polls.
In the future there will be machines which will produce a religious experience in the user.
In the future there will be groups of wild people, living in the wilderness.
In the future there will be only paper money, which will be personalized.
In the future there will be a classless society.
In the future everyone will only get to go home once a year.
In the future everyone will stay home all the time.
In the future we will not have time for leisure activities.
In the future we will only "work" one day a week.
In the future our bodies will be shriveled up but our brains will be bigger.
In the future there will be starving people everywhere.
In the future people will live in space.
In the future no one will be able to afford TV.
In the future the helpless will be killed.
In the future everyone will have their own style of way-out clothes.
In the future we will make love to anything anytime anywhere.
In the future there will be so much going on that no one will be able to keep track of it.
Saturday, May 22, 2010
Smart Computing +Joyent
As computing evolves it helps to stop for a moment to take a look around to see where IT stands now. In May of 2010, Joyent took the initiative to help the world get their head out of the clouds and is helping new businesses hit the ground running with a portfolio of Smart Computing solutions.
Read how Joyent compares to nebulous virtualization.
And read this white paper for an overview of Joyent SmartMachines that are powered by a SmartPlatform of solution stacks to load balance mass-customized solution stacks for custom developed applications that are managed by the Joyent SmartDataCenter suite of tools.
Saturday, September 19, 2009
Policy Enforcement Clouds
Cloud security is not an insurmountable challenge if you start with the premise that trust must be earned and verified, even internally, and then take the next step to take full responsibility to build out the security infrastructure required to support your business requirements and to comply with regulatory constraints. Let's start by considering the concept of a Policy Enforcement Cloud (PEC) that is elastic in nature and while loosely coupled from the application code is still able to deeply enforce fine-grained authorization decisions at both the edge and inside the containers across the distributed hybrid heterogeneous clouds where the data and business logic exist.
As you can see in the article on Cloud Computing Best Practices http://soa.sys-con.com/node/1103814 ...when the discussion of secure cloud integration comes up the risk seems to exceed the rewards because the conversation often stalls after realizing that a VPN is only one small part of the integration problem. We all need to look deeper into cloud security.
Thursday, January 15, 2009
MITRE.org Publishes the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors
This post is to acknowledge the good work that the MITRE.org team of contributors have done to publish the 2009 list of common programming weaknesses. If you are not familiar with this list, below is a short summary from the version 1.0 document published on 1-12-2009 that is available at http://cwe.mitre.org/top25/index.html
The Top 25 is organized into three high-level categories: Insecure Interaction Between Components, Risky Resource Management, and Porous Defenses. Kudos to the CWE project coordinators Bob Martin from MITRE, and Mason Brown & Alan Paller from the SANS (SysAdmin, Audit, Network, Security) Institute, as well as the group of contributors.
CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.
Insecure Interaction Between Components
These weaknesses are related to insecure ways in which data is sent and received between separate components, modules, programs, processes, threads, or systems.
CWE-20: Improper Input Validation
CWE-116: Improper Encoding or Escaping of Output
CWE-89: Failure to Preserve SQL Query Structure (aka 'SQL Injection')
CWE-79: Failure to Preserve Web Page Structure (aka 'Cross-site Scripting')
CWE-78: Failure to Preserve OS Command Structure (aka 'OS Command Injection')
CWE-319: Cleartext Transmission of Sensitive Information
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-362: Race Condition
CWE-209: Error Message Information Leak
Risky Resource Management
The weaknesses in this category are related to ways in which software does not properly manage the creation, usage, transfer, or destruction of important system resources.
CWE-119: Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-642: External Control of Critical State Data
CWE-73: External Control of File Name or Path
CWE-426: Untrusted Search Path
CWE-94: Failure to Control Generation of Code (aka 'Code Injection')
CWE-494: Download of Code Without Integrity Check
CWE-404: Improper Resource Shutdown or Release
CWE-665: Improper Initialization
CWE-682: Incorrect Calculation
Porous Defenses
The weaknesses in this category are related to defensive techniques that are often misused, abused, or just plain ignored.
CWE-285: Improper Access Control (Authorization)
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-259: Hard-Coded Password
CWE-732: Insecure Permission Assignment for Critical Resource
CWE-330: Use of Insufficiently Random Values
CWE-250: Execution with Unnecessary Privileges
CWE-602: Client-Side Enforcement of Server-Side Security
Note: There are a total of 755 weaknesses listed in the full view of the CWE dictionary at http://cwe.mitre.org/data/slices/2000.html
Tuesday, January 6, 2009
My Slides from SIFMA & CITY#GRID London, December 2 - 4, 2008
Last month I had the pleasure of participating in panel discussions at SIFMA, and at CITY#GRID. Naturally, much of the conversation was on using High Performance Computing technology alongside Smart Order Routers to beef up the algo engines used for MiFID "Best Price Execution" across the EU pools of lit and dark liquidity. This is an important and complicated topic that requires a deep understanding of the market data speeds and network latency issues that must first be solved; otherwise the grid will simply go to waste as per Amdahl's law of parallelization efficiency, which in short states that your speedup is directly related to how much work can be done in parallel. The issue with best price execution is that the data is changing at microsecond speeds. Having said that, we discussed the trend to integrate compute grids, data grids and messaging systems. Many now refer to these types of HPC systems as cloud computing infrastructures.
To view the slides that I presented during the topic entitled "Another Paradigm Shift: How SOA and Extreme Processing Technologies Can Open Up the Grid to More than Analytics & Risk" visit: http://events.sifma.org/2008/273/event.aspx?id=4566
Friday, October 17, 2008
SIFMA European Tech Event - Dec 2 - 3, 2008
This December I'll be in London and hope to see you at SIFMA too. If you've not yet registered to attend, and would like a discounted rate, then simply drop me an e-mail and I'll send you a guest form.
SIFMA 2008 Speakers:
www.sifma.org/technology
On the morning of Wednesday 3 December 2008 at 10.15 - 11.00 AM GMT I'll be moderating a panel session related to the evolution of grid computing from a batch and risk analysis utility of compute resource, to an integral SOA platform that business developers will tap into with business logic surrounding security policies and complex event processing listeners and triggers in order to visualize and automate trading while attempting to visualize and estimate the size of known dark pools of liquidity. During arid market conditions, this business intelligence is a key factor in managing risk to recover, rebuild, and to grow.
Another paradigm shift: How SOA and extreme processing technologies can open up the grid to more than analytics & risk
This session will address how Service oriented architectures (SOA), complex event processing (CEP) and data fabrics are all being used to support a new generation of data and model driven architectures (MDA). Questions that will be answered include:
* How do these technologies integrate to enable IT alignment with the new business realities?
* Do we need to re-engineer our OMS/EMS and ticker plant systems to survive the exponential growth in volumes and complexity of the markets?
* Can they facilitate agile e-outsourcing, and if so, how?
Moderator:
Ryan Bagnulo, Founder and Innovation Architect, ASPECT - i, Formerly Wachovia CIB Head of Architecture & Innovation
Panellists:
Dipen Mehta, Chief Architect, Financial Markets, STANDARD CHARTERED BANK
John Froud, Director Information Technology & Head of Technical Architecture, CREDIT SUISSE
Yomi Abatan, Enterprise Architect, DEUTSCHE BANK
Sunday, June 10, 2007
The evolution of distributed computing is cloudy computing.
While VMWare is great at carving up a computer into smaller partitions of a computer, VMWare falls short when you want to create a large virtual computer out of many smaller computers.
We all know and love the concept of reuse when it comes to SOA in the application development space. Now let's consider the power of reuse in the infrastructure layer.
The concept is called Services Oriented Infrastructure (SOI), and Grid Computing is alive and well in the SOI, whereby many low-cost, low-heat, low-power blades are being pooled together on an as-needed basis to run high performance computing analytics and data aggregation functions to create a large virtual super computer with hundreds of processors and gigabytes of storage as a distributed level 2 cache.
Before you say that you've figured out virtualization because you are using LPAR technology from IBM on an AIX p-series or you've figured out how to get Linux running on an i-series OS/400 system or on a z-series mainframe, you must first answer this question... What am I doing to leverage the huge amounts of underutilized Intel and AMD win/lin resources in the datacenter?
Microsoft is not ignoring grid computing, and they've rebranded the Windows 2003 64-bit Compute Cluster Edition (CCE) as simply HPC server. Other ISVs such as Platform Computing have been selling products like LSF and the new Enterprise Grid Orchestrator (EGO), and DataSynapse recently launched GridServer 5.0 with improved performance in a feature called "SpeedLink", as well as Fabric Server to automate the configuration and provisioning of J2EE container based applications. And the open source grid community has evolved since the creation of the Globus toolkit, and the GridGain folks have focused on cloud services integration with providers such as Google AppEngine and Amazon EC2.
June 10, 2007
What is an ESB?
The ESB is the Trust Domain. The Trust Domain is the ESB.
Without trust there is no integration. The ESB is a bridge between systems that were never intended to communicate or integrate.
What is an Enterprise Service Bus (ESB)?
An ESB is an application layer firewall. It is a protocol layer transformer. It is a message payload any-to-any and XML schema transformer. It is a passive transaction payload audit logger. The ESB is a layer of abstraction that must be highly performant and highly available, and most of all the ESB must be heterogeneous in nature. The value that the ESB provides is directly proportionate to the number of systems that it can securely and rapidly integrate without introducing latency to the transaction.
The ESB must be secure and fast.
The ESB must scale horizontally.
The ESB must be a federated ESB, comprised of many ESBs.
We will next explore the concept of ESB support services.
ESB Support Services include:
- A Business Rules Engine (Fine Grained XACML Security Policy Decision Points, Policy Information Points, Policy Administration Points, and Policy Enforcement Points, and a JSR-94 compliant RETE engine to ensure that rules are processed in the correct sequence)
- XA / ACID Transaction Processing to ensure that the business transaction is only reported complete once all of the related system level transactions have completed.
- Web Application Firewall (AAA, SSO)
- Web Services XML Firewall (AAA, Payload Inspection, XML Schema Validation)
- XSLT Acceleration (Text to XML, XML to XML, XML to HTML, Any to Any)
- Multi-Protocol Transformation (HTTP - TIBCO - MQ - JMS - ODBC - FTP - SMTP, etc.)
- Exemption Handling / Error Logging
- System and Event Logging
- Business Compliance Transaction Logging
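The decision/enforcement split named in the support-services list and in the Policy Enforcement Cloud post can be sketched as follows; this is an added example, not code from the original posts or from any ESB product. It uses a simplified deny-overrides combiner rather than the full XACML algorithm, and every subject, rule, attribute name and channel label in it is constructed for illustration.

```python
# Added illustration: XACML-style PDP / PIP / PEP split with a simplified
# deny-overrides combiner. Subjects, rules and attribute names are constructed.
from dataclasses import dataclass
from typing import Callable, Dict, List

PERMIT, DENY = "Permit", "Deny"
NOT_APPLICABLE, INDETERMINATE = "NotApplicable", "Indeterminate"
Attrs = Dict[str, str]


@dataclass(frozen=True)
class Rule:
    rule_id: str
    effect: str                        # PERMIT or DENY
    applies: Callable[[Attrs], bool]   # target match and condition in one predicate


class PolicyInformationPoint:
    """Resolves subject attributes from a trusted directory, never from the caller."""

    def __init__(self, directory: Dict[str, Attrs]):
        self._directory = directory

    def enrich(self, request: Attrs) -> Attrs:
        # Drop caller-supplied subject.* claims (except the id) so a role cannot be spoofed.
        attrs = {k: v for k, v in request.items()
                 if k == "subject.id" or not k.startswith("subject.")}
        for key, value in self._directory.get(request.get("subject.id", ""), {}).items():
            attrs["subject." + key] = value
        return attrs


class PolicyDecisionPoint:
    """Evaluates every rule; Deny beats Indeterminate, which beats Permit."""

    def __init__(self, rules: List[Rule], pip: PolicyInformationPoint):
        self._rules, self._pip = rules, pip

    def decide(self, request: Attrs) -> str:
        attrs = self._pip.enrich(request)
        seen = set()
        for rule in self._rules:
            try:
                if rule.applies(attrs):
                    seen.add(rule.effect)
            except Exception:          # a broken rule must not fail open
                seen.add(INDETERMINATE)
        for outcome in (DENY, INDETERMINATE, PERMIT):
            if outcome in seen:
                return outcome
        return NOT_APPLICABLE


class PolicyEnforcementPoint:
    """Deny-biased PEP: only an explicit Permit lets the call through; all decisions are logged."""

    def __init__(self, name: str, pdp: PolicyDecisionPoint, audit_log: List[tuple]):
        self._name, self._pdp, self._audit = name, pdp, audit_log

    def allow(self, request: Attrs) -> bool:
        decision = self._pdp.decide(request)
        self._audit.append((self._name, request.get("subject.id"),
                            request.get("action"), decision))
        return decision == PERMIT


DIRECTORY = {"alice": {"role": "trader", "desk": "fx"},      # constructed subjects
             "bob": {"role": "auditor", "desk": "none"}}
RULES = [
    Rule("read-trades", PERMIT, lambda a: a.get("action") == "read"
         and a.get("subject.role") in {"trader", "auditor"}),
    Rule("submit-own-desk", PERMIT, lambda a: a.get("action") == "submit"
         and a.get("subject.role") == "trader"
         and a.get("subject.desk") == a.get("resource.desk")),
    # Arriving over the partner VPN is not sufficient for restricted data.
    Rule("no-restricted-over-partner-vpn", DENY, lambda a: a.get("channel") == "partner-vpn"
         and a.get("resource.classification") == "restricted"),
]

AUDIT: List[tuple] = []
PDP = PolicyDecisionPoint(RULES, PolicyInformationPoint(DIRECTORY))
EDGE_PEP = PolicyEnforcementPoint("edge", PDP, AUDIT)            # at the ESB / gateway
CONTAINER_PEP = PolicyEnforcementPoint("container", PDP, AUDIT)  # beside the business logic
```

Both enforcement points consult the same decision point, so a policy change takes effect at the edge and inside the container without touching application code.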