Over on the Forrester blogs, I take a look at XACML, advocating that it needs to refactor heavily to meet mobile/cloud authorization policy needs. UMA as a potential enterprise “access management 2.0″ solution makes an appearance as well. Quoting the post: “Would an XACML.next that concentrates on ‘growing the pie’ for declarative authorization policy be valuable? Would an integration of web and post-web access management help you achieve your goals?” If you have thoughts on this, check out the post and let me know…
Archive for 'XML'
Sometimes you have wonder about “conventional wisdom” (and what makes it different from “actual wisdom”). Until about 40 or so years ago, it was conventional wisdom that you shouldn’t exercise to lose fat because exercise tended to make you more hungry. Then the CW changed to “you must become a hamster on a wheel” — without any evidence to back it up. Now it appears that we may be undergoing a much-needed correction.
I only recently discovered (h/t Pat) a great New York Magazine article from 2007 recounting the state of science in this area, called The Scientist and the Stairmaster. Naturally, it’s by Gary Taubes. (I think I’m going to start calling him The Great Gary Taubes, or TGGT for short, much as I’ve shortened GCBC.) Here’s a snippet, but as always, it’s worth reading the whole thing:
Just last month, the American Heart Association and the American College of Sports Medicine … suggested that 30 minutes of moderate physical activity five days a week is necessary to “promote and maintain health.” What they didn’t say, though, was that more physical activity will lead us to lose weight. Indeed, the best they could say about the relationship between fat and exercise was this: “It is reasonable to assume that persons with relatively high daily energy expenditures would be less likely to gain weight over time, compared with those who have low energy expenditures. So far, data to support this hypothesis are not particularly compelling.” In other words, despite half a century of efforts to prove otherwise, scientists still can’t say that exercise will help keep off the pounds.
And now I notice that Time jumped on the new-CW bandwagon last month with Why Exercise Won’t Make You Thin.
Do I exercise? Well, yeah, but I have to fight the hunger it brings on. I lift weights and such to increase muscle mass, stave off loss of bone density (two decades ago I would have said “build bone density”, sigh), increase my VO2 max, and just generally feel more vital. But I’ve given up on endless medium-intensity cardio to lose weight — because insanity is doing the same thing over and over again and expecting different results.
Speaking of doing the same thing over and over again, what do you suppose that grainy photo at the top represents? In 2006, as part of the XML Summer School events (this year’s School is coming up fast! sign up now!), I had the privilege of going on a special tour of the Oxford Castle, which had recently opened to visitors. It was put to use as a prison for many centuries, and it was nasty in there. The “terrible prison conditions” they talk about on the website included this primitive Stairmaster, with which they’d punish prisoners by making them climb for eight hours a day.
I can take a hint.
So last week I made a big transition, joining Andrew Nash‘s identity services team at PayPal. (And I kind of told Twitter about it before I told y’all. Sorry about that; it’s the nature of the communications beast.) Working with Andrew, Ashish, and other great folks at PayPal is going to be a blast. And it’s an especially interesting time to shift from a technology-stack-providing world to a consumer-facing one.
Being with Sun Microsystems for ten years was an honor and a pleasure; I got to work closely with some of the most talented and interesting folks in the business. And during that time my experiences helped me layer new personae onto “old SGMLer”: “XMLgrrl”, “the SAML lady”, and even, ahem, “the queen of Venn”.
You’ll still find me involved in some familiar activities — for example, I remain involved in ProtectServe and User-Managed Access efforts, and I hope to keep up my fledgling Tek-Tips video-blogging series on identity and the cloud (#1 on the relevance of federated identity to cloud computing, #2 on the challenges of passwords for authenticating to cloud services).
Thanks for continuing to witness my pushing of string over here. I plan to continue blogging my thoughts on matters of identity, security, privacy, and trust (and occasionally nutrition, music, and knitting…), and look forward to your feedback. You can find fresh contact and bio information on my welcome page; drop me a note anytime.
The XML Summer School in Oxford is back! John Chelsom has gotten it started again, and this time it will be held September 20-25 in St. Edmund Hall. Lauren Wood is serving most excellently as Course Director this year.
I’m putting together a one-day Web Services and Identity course with a great lineup of additional lecturers: Paul Downey, Marc Hadley, and Rich Salz, all of whom have taught at the School before. Some of my previous posts (2007, 2006) give the flavor of the event and my series of courses.
You won’t want to miss any part of the week — you’ll sharpen your skills, you’ll hang out with great people, and you’ll get your questions answered about how to apply the hottest tech (check out all the new course subjects!) to your hottest business problems. What are you waiting for? Register already!
(If you’re the hesitant type, you can just follow along on Twitter at @xmlsummerschool for now, but make sure not to miss any registration deadlines…)
Somehow I’d been missing out on the phenomenon of the Gnomedex tech-enthusiast conference, even though its location in recent years coincides perfectly with my new(ish) Northwest residency. (Hey, I haven’t gone to Bumbershoot yet either — bad, bad Eve!)
This year I’ve got a great chance to fix the situation. I met Chris Pirillo and his lovely wife Ponzi through Eli, and after a couple of fun evenings where I blabbed excitedly about Vendor Relationship Management and he blabbed excitedly about a project that was soon to become his WicketPixie social-media WordPress theme (it would be interesting to “VRM-enable” this theme, yes??), they were kind enough to invite me to speak this year. I’m looking forward to introducing VRM concepts to this audience and getting some discussion going on how to improve the customer-vendor nexus.
If you can be in Seattle August 21-23, I hope you’ll register and join the fun.
Eric Wilde and Bob Glushko have produced a wonderful compendium of problems people have with XML due to overblown expectations or plain old misunderstandings: XML Fever. It’s funny because it’s true!
(And hey, don’t forget about authorial illnesses like Tag Abuse Syndrome [see Sec 22.214.171.124], for which markup models can be carriers…)
It’s that time again — we’re just a month away from the deadline for the ACM Workshop on Digital Identity Management call for papers.
The theme, as always for this series, is timely: “Services and Identity”. Might Pat et al. be interested in submitting something on accessing attribute services in SOAP and REST environments?
Clemens and Gerry comment on a remarkable event: Microsoft shipping sample code…in Java…using a runtime stack the likes of which you have never seen before in a Microsoft product. It’ll be four years this week since the historic Sun-Microsoft agreement, and this sort of collaboration and proven interop is something the teams in both companies can really be proud of.