Saturday, April 05, 2008
Links for 2008-04-05
Todd Biske discusses ways to avoid vendor lock-in and suggests asking the following: Are all of the capabilities that are available in your user-facing management console also available as services callable by another system, orchestration engine, or script?. Of course, message passing across systems works at some level but also creates duplication of work when it comes to security as you have to define it sometimes in multiple places.
Bill Barr is 100% correct in his observation that building test cases first isn't always the Agile thing to do. The problem is that many of the founding members of the Agile Alliance have brainwashed others into doing things a certain way and will not entertain other approaches that don't align with their thinking. Martin Fowler and others will continue to exercise their right to remain silent on such thinking.
Many bloggers need to think that roles are more than just about context around identity and need to understand that roles also imply an authorization model as well. Can we hope that the identity weenies will at least consider that some attention needs to be paid towards federating authorization? Do any of them have an opinion on XACML?
Everyone has a perspective on security and they are all true. Yet, at some level all abstractions lie
Wouldn't it be interesting if there were capability to vote Enterprise Architects out of the blogosphere. I would start with throwing Robert McIlree and his process weenie views of the world off the island.
If Microsoft were smart, they would figure out a way to create a product similar to what IBM has internally for their Blue Pages that other enterprises could leverage. Active Directory should be a strong participant in terms of social networking and I would love to see them hook up with the Exchange team to also model out social relationships that could be leveraged for instant messaging.