Back from vacation in Bali with new resolutions

It's been a year I haven't touched this blog. Not for the lack of having things to tell. But eh, I have been really busy with work, and my MBA at GGSB, not to mention turmoil raised by the economic downturn and the Oracle-Sun M&A.

I cleaned up a little bit the presentation of this page, and changed the banner with a photo of Barong, a mythical character of Balinese theater, that I took in Bali hoping he will bring me luck and wisdom...

After two years, the taught part of the MBA program is behind me :-). So, I figured, it would be cool to share my findings here as I progress through the master thesis work. The objective of the thesis is to deep dive into analyzing the business opportunities and impediments of cloud computing from the point of view of small and medium businesses. I already collected a large number of articles and studies stating the issues from both technological and business angles. I may publish my bibliography if I get enough interest.

Also, there are obvious synergies and complementarity between what I am doing at Sun, and the subject of the master thesis. For example, I stumbled recently on an article "Identity as a service becomes reality", and a couple white papers from Conformity, discussing the challenges and risks associated with integrating SaaS and cloud-based applications into exiting IT with regard to how how this trend is fundamentally changing the traditional models of IT over control, accountability and best practices with information and operation security around segregation-of-duties, role-based access control (RBAC), and the principle of least privilege.

It will very interesting to discuss in future messages how OpenSSO's Express 9 Entitlement Enforcement capabilities can be leveraged to address some of the above issues.

Finally, I released recently an update of the Information Card authentication module for OpenSSO which is a complete a revamp of the initial version. Check the extension's README file for details. I will discuss and show in future messages how the Information Card extension can be used to enable claim-based authentication and authorization in OpenSSO.

Sounds like a good blogging program for the next few months. Let's try to stick with that.