Search Results

Search found 100 results on 4 pages for 'noel abrahams'.

Page 1/4 | 1 2 3 4  | Next Page >

  • Microsoft utilise le Père Noël pour promouvoir le HTML5 et l'accélération matérielle dans Internet Explorer 9

    Microsoft utilise l'Atelier du père Noël pour promouvoir le HTML5 Et l'accélération matérielle dans Internet Explorer 9 Tout est bon pour promouvoir le HTML5. Y compris les fêtes de fin d'année. C'est ce que vient de faire Microsoft avec des démos de quelques thèmes de Noël. Ces démos en HTML 5 baptisées « expériences HTML5» par Microsoft, sont axées sur le standard web en cours de réalisation HTML5 et le SVG (Scalable Vector Graphics). Elles utilisent également l'accélération matérielle. Elles sont destinées aux utilisateurs et aux développeurs Web et permettent en quelque sorte un test de la vitesse du navigateur puisque les variations des effets sont fonction de celle-ci. ...

    Read the article

  • Kinect sera disponible mondialement pour Noël, le module pour Xbox de Microsoft devrait coûter 150$

    Mise à jour du 16.06.2010 par Katleen Kinect sera disponible mondialement pour Noël, le module pour Xbox de Microsoft devrait coûter 150$ Lundi, Microsoft a présenté Kinect (le nouveau nom du projet Natal) lors du salon du jeu vidéo E3 à Los Angeles. Des journaliste ont même pu essayer l'engin. Lors de sa sortie, 15 jeux seront déjà disponibles avec la plateforme. Six ont déjà été présentés sur le salon. Il y Kinectimals, jeu d'interaction avec un bébé tigre qu'il faut caresser et faire jouer ; Kinect Sports (bowling, javelot, etc.) qui rappelle un titre similaire sur Wii ; Dance Central dont le but est de reproduire la chorégraphie à l'écran ; Kinect Your Shape, qui propose des exercices sportifs de...

    Read the article

  • Joyeux Noël à tous de la part de Developpez.com ! Quels cadeaux Papa Noël vous a-t-il apporté cette année ?

    Joyeux Noël à tous de la part de Developpez.com ! Quels cadeaux Papa Noël vous a-t-il apporté cette année ? Chers lecteurs, au nom de toute l'équipe de Developpez.com, j'aimerais vous souhaiter un Joyeux Noël. Nous espérons sincèrement que cette journée aura été un régal pour vous, et que, entourés de vos proches, vous profitez pleinement de cette période de fêtes pour être heureux et recharger vos batteries. Mais, si vous venez traîner vos guêtres ici, vous êtes très probablement férus d'informatique. Et cela doit se ressentir, même dans votre façon de célébrer la nativité. Peut-être avez-vous craqué pour une boule de Noël high-tech à écran LCD ? [IMG]http://www.journaldugeek.com/images/2007_11...

    Read the article

  • L'essor des tablettes affecte les ventes de PCs, le marché a été très touché à Noël et cela pourrait continuer en 2011

    L'essor des tablettes affecte les ventes de PCs, le marché a été très touché à Noël et cela pourrait continuer en 2011 Fin 2010, le Père Noël n'a pas eu les mêmes cadeaux dans sa hotte que douze mois auparavant. En effet, en cette période de l'année où les constructeurs enregistrent le plus de ventes, les achats de PCs ont diminué. Deux études menées parallèlement et indépendamment l'une de l'autre sont arrivées aux mêmes conclusions : au quatrième trimestre 2010, le succès phénoménal des iPads et autres tablettes ont fait baisser le chiffre d'affaires mondial des ordinateurs. La hausse des ventes de PCs, comparativement entre décembre 2009 et décembre 2010, ne serait en effet que de 3.7% pour Gartner (et 2.7% pour I...

    Read the article

  • La liste de Noël de Developpez (part. 2) : les livres

    La liste de Noël de Developpez partie 2 Notre sélection de livres 2012 Et oui, déjà Noël. Et à chaque fois la même question : « qu'est-ce que je vais bien pouvoir lui (leur) offrir ? ». Pire ! « Qu'est-ce que je vais bien pouvoir demander ? ». Pour vous aider, Developpez.com vous livre sa liste de cadeaux 2012 dans laquelle vous n'aurez plus qu'à piocher. Après la première partie sur les appareils et nos deux coups de coeurs pour les claviers en bois du Languedoc et les Pochettes de protection artisanales d'Asnières, voici notre liste de livres 2013. 1 - Si Steve ...

    Read the article

  • La liste de Noël (part. 1) de Developpez : 4 smartphones, 1 PC, des pochettes artisanales et du Bambou

    La liste de Noël de Developpez partie 1 3 smartphones, 1 PC, des pochettes artisanales à prix mini et du Bambou Et oui, déjà Noël. Et à chaque fois la même question : « qu'est-ce que je vais bien pouvoir lui (leur) offrir ? ». Pire ! « Qu'est-ce que je vais bien pouvoir demander ? ». Pour vous aider, Developpez.com vous livre sa liste de cadeaux 2012 dans laquelle vous n'aurez plus qu'à piocher. Première partie : les appareils et ce qui les accompagne. Smarthpones Incontestablement, l'année 2012 a été marquée par la sortie de 3 smartphones de très bonne tenue. Chacun trouvera le bonheur dans le modèle de son choix en fonction de son OS préféré : ...

    Read the article

  • Quel cadeau Hi-Tech ou « Geek » espérez-vous pour Noël ? Et quels produits attendus pour 2011 vous font rêver ?

    Quel cadeau Hi-Tech ou « Geek » allez-vous offrir à Noël ? Et quels produits attendus pour 2011 vous font rêver ? Ecrit en collaboration avec Gordon Fowler Noël. J-1. Les parents retardataires se pressent dans les magasins. Les enfants ont des sourires jusqu'aux oreilles. Et les commerçants travaillent d'arrache-pied pour assurer leur chiffre d'affaires annuels. Noël, la fête des petits. Mais aussi la fête des grands. Surtout pour les « Geeks », toujours prêts à s'émerveiller pour les objets insolites, les nouveautés de tout poil et la technologie. Un iPad sous le sapin, un NAS, un T-Shirt Wifi, le CD des meilleures musiqu...

    Read the article

  • Quels cadeaux de Noël recommanderiez-vous pour initier les enfants à la programmation ? Livres, jeux, applications, etc.

    Quels cadeaux de Noël recommanderiez-vous pour initier les enfants à la programmation ? Donnez-nous vos idées de livres, jeux, programmes, applications, etc. Le détail ne vous aura pas échappé. Les publicités pour les jouets ont fait depuis quelques jours leurs retour en force sur les écrans de télévisions. Le calendrier de l'avant a pris ses quartiers dans les supermarchés et votre boite aux lettres, la vraie, celle pour la correspondance papier, se remplie de catalogues pour enfants. Ces signes ne trompent pas, Noël est de retour. Pourquoi en parler sur Developpez.com me direz-vous ? Tout simplement parce qu'en me rendant dans une librairie spécialisée m'est venue ...

    Read the article

  • Oracle Social Network and the Flying Monkey Smart Target

    - by kellsey.ruppel
    Originally posted by Jake Kuramoto on The Apps Lab blog. I teased this before OpenWorld, and for those of you who didn’t make it to the show or didn’t come by the Office Hours to take the Oracle Social Network Technical Tour Noel (@noelportugal) ran, I give you the Flying Monkey Smart Target. In brief, Noel built a target, about two feet tall, which when struck, played monkey sounds and posted a comment to an Oracle Social Network Conversation, all controlled by a Raspberry Pi. He also connected a Dropcam to record the winner just prior to the strike. I’m not sure how it all works, but maybe Noel can post the technical specifics. Here’s Noel describing the Challenge, the Target and a few other tidbit in an interview with Friend of the ‘Lab, Bob Rhubart (@brhubart). The monkey target bits are 2:12-2:54 if you’re into brevity, but watch the whole thing. Here are some screen grabs from the Oracle Social Network Conversation, including the Conversation itself, where you can see all the strikes documented, the picture captured, and the annotation capabilities: #gallery-1 { margin: auto;? } #gallery-1 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-1 img { border: 2px solid #cfcfcf; } #gallery-1 .gallery-caption { margin-left: 0; }    That’s Diego in one shot, looking very focused, and Ernst in the other, who kindly annotated himself, two of the development team members. You might have seen them in the Oracle Social Network Hands-On Lab during the show. There’s a trend here. Not by accident, fun stuff like this has becoming our calling card, e.g. the Kscope 12 WebCenter Rock ‘em Sock ‘em Robots. Not only are these entertaining demonstrations, but they showcase what’s possible with RESTful APIs and get developers noodling on how easy it is to connect real objects to cloud services to fix pain points. I spoke to some great folks from the City of Atlanta about extending the concepts of the flying monkey target to physical asset monitoring. Just take an internet-connected camera with REST APIs like the Dropcam, wire it up to Oracle Social Netwok, and you can hack together a monitoring device for a datacenter or a warehouse. Sure, it’s easier said than done, but we’re a lot closer to that reality than we were even two years ago. Another noteworthy bit from Noel’s interview, beginning at 2:55, is the evolution of social developer. Speaking of, make sure to check out the Oracle Social Developer Community. Look for more on the social developer in the coming months. Noel has become quite the Raspberry Pi evangelist, and why not, it’s a great tool, a low-power Linux machine, cheap ($35!) and highly extensible, perfect for makers and students alike. He attended a meetup on Saturday before OpenWorld, and during the show, I heard him evangelizing the Pi and its capabilities to many people. There is some fantastic innovation forming in that ecosystem, much of it with Java. The OTN gang raffled off five Pis, and I expect to see lots of great stuff in the very near future. Stay tuned this week for posts on all our Challenge entrants. There’s some great innovation you won’t want to miss. Find the comments. Update: I forgot to mention that Noel used Twilio, one of his favorite services, during the show to send out Challenge updates and information to all the contestants.

    Read the article

  • Rights Expiry Options in IRM 11g

    - by martin.abrahams
    Among the many enhancements in IRM 11g, we have introduced a couple of new rights expiry options that may be applied to any role. These options were supported in previous versions, but fell into the "advanced configuration" category. In 11g, the options can be applied simply by selecting a check-box in the properties of a role, as shown by the rather extreme example below, where the role allows access for just two minutes after they are sealed. The new options are: To define a role that expires automatically some period after it is assigned To define a role that evaluates expiry relative to the time that each document is sealed These options supplement the familiar options to allow open-ended access (limited by offline access and the ever-present option to revoke rights at any time) and the option to define time windows with specific start dates and end dates. The value of these options is easiest to illustrate with some publishing examples: You might define a role with a one year expiry to be assigned to users who purchase a one year subscription. For each individual user, the year would be calculated from the time that the role was assigned to them. You might define a role that allows documents to be accessed only for 24 hours from the time that they are published - perhaps as a preview mechanism designed to tempt users to sign up for a full subscription. Upon payment of a full fee, users can simply be reassigned a role that gives them greater access to exactly the same documents. In a corporate environment, you might use such roles for fixed term contractors or for workflows that involve information with a short lifespan, or perhaps as part of a compliance process that requires rights to be formally re-approved at intervals. Being role-based, the time constraints apply to any number of documents - including documents that have not yet been created. For example, a user with a one year subscription would have access to all documents published in the relevant classification during the year without any further configuration. Crucially, unlike other solutions, it is not the documents that expire, but the rights of particular users. Whereas some solutions make documents completely inaccessible for all users after expiry, Oracle IRM can allow some users to continue using documents while other users lose access. Equally crucially, a user whose rights have expired can always be granted fresh rights at any time - for example, because they renew their subscription or because a manager confirms that they still need the rights as part of a corporate compliance process. By applying expiry to rights rather than to documents, Oracle IRM avoids the risk of locking an organization out of its own information.

    Read the article

  • Content Encryption Options in Oracle IRM 11g

    - by martin.abrahams
    Another of the innovations in Oracle IRM 11g is a wider choice of encryption algorithms for protecting content. The choice is now as illustrated below. As you see, three of the choices are marked as FIPS options, where FIPS refers to the Federal Information Processing Standard Publication 140-2, a U.S. government security standard for accreditation of cryptographic modules.

    Read the article

  • Granular Clipboard Control in Oracle IRM

    - by martin.abrahams
    One of the main leak prevention controls that customers are looking for is clipboard control. After all, there is little point in controlling access to a document if authorised users can simply make unprotected copies by use of the cut and paste mechanism. Oddly, for such a fundamental requirement, many solutions only offer very simplistic clipboard control - and require the customer to make an awkward choice between usability and security. In many cases, clipboard control is simply an ON-OFF option. By turning the clipboard OFF, you disable one of the most valuable edit functions known to man. Try working for any length of time without copying and pasting, and you'll soon appreciate how valuable that function is. Worse, some solutions disable the clipboard completely - not just for the protected document but for all of the various applications you have open at the time. Normal service is only resumed when you close the protected document. In this way, policy enforcement bleeds out of the particular assets you need to protect and interferes with the entire user experience. On the other hand, turning the clipboard ON satisfies a fundamental usability requirement - but also makes it really easy for users to create unprotected copies of sensitive information, maliciously or otherwise. All they need to do is paste into another document. If creating unprotected copies is this simple, you have to question how much you are really gaining by applying protection at all. You may not be allowed to edit, forward, or print the protected asset, but all you need to do is create a copy and work with that instead. And that activity would not be tracked in any way. So, a simple ON-OFF control creates a real tension between usability and security. If you are only using IRM on a small scale, perhaps security can outweigh usability - the business can put up with the restriction if it only applies to a handful of important documents. But try extending protection to large numbers of documents and large user communities, and the restriction rapidly becomes really unwelcome. I am aware of one solution that takes a different tack. Rather than disable the clipboard, pasting is always permitted, but protection is automatically applied to any document that you paste into. At first glance, this sounds great - protection travels with the content. However, at any scale this model may not be so appealing once you've had to deal with support calls from users who have accidentally applied protection to documents that really don't need it - which would be all too easily done. This may help control leakage, but it also pollutes the system with documents that have policies applied with no obvious rhyme or reason, and it can seriously inconvenience the business by making non-sensitive documents difficult to access. And what policy applies if you paste some protected content into an already protected document? Which policy applies? There are no prizes for guessing that Oracle IRM takes a rather different approach. The Oracle IRM Approach Oracle IRM offers a spectrum of clipboard controls between the extremes of ON and OFF, and it leverages the classification-based rights model to give granular control that satisfies both security and usability needs. Firstly, we take it for granted that if you have EDIT rights, of course you can use the clipboard within a given document. Why would we force you to retype a piece of content that you want to move from HERE... to HERE...? If the pasted content remains in the same document, it is equally well protected whether it be at the beginning, middle, or end - or all three. So, the first point is that Oracle IRM always enables the clipboard if you have the right to edit the file. Secondly, whether we enable or disable the clipboard, we only affect the protected document. That is, you can continue to use the clipboard in the usual way for unprotected documents and applications regardless of whether the clipboard is enabled or disabled for the protected document(s). And if you have multiple protected documents open, each may have the clipboard enabled or disabled independently, according to whether you have Edit rights for each. So, even for the simplest cases - the ON-OFF cases - Oracle IRM adds value by containing the effect to the protected documents rather than to the whole desktop environment. Now to the granular options between ON and OFF. Thanks to our classification model, we can define rights that enable pasting between documents in the same classification - ie. between documents that are protected by the same policy. So, if you are working on this month's financial report and you want to pull some data from last month's report, you can simply cut and paste between the two documents. The two documents are classified the same way, subject to the same policy, so the content is equally safe in both documents. However, if you try to paste the same data into an unprotected document or a document in a different classification, you can be prevented. Thus, the control balances legitimate user requirements to allow pasting with legitimate information security concerns to keep data protected. We can take this further. You may have the right to paste between related classifications of document. So, the CFO might want to copy some financial data into a board document, where the two documents are sealed to different classifications. The CFO's rights may well allow this, as it is a reasonable thing for a CFO to want to do. But policy might prevent the CFO from copying the same data into a classification that is accessible to external parties. The above option, to copy between classifications, may be for specific classifications or open-ended. That is, your rights might enable you to go from A to B but not to C, or you might be allowed to paste to any classification subject to your EDIT rights. As for so many features of Oracle IRM, our classification-based rights model makes this type of granular control really easy to manage - you simply define that pasting is permitted between classifications A and B, but omit C. Or you might define that pasting is permitted between all classifications, but not to unprotected locations. The classification model enables millions of documents to be controlled by a few such rules. Finally, you MIGHT have the option to paste anywhere - such that unprotected copies may be created. This is rare, but a legitimate configuration for some users, some use cases, and some classifications - but not something that you have to permit simply because the alternative is too restrictive. As always, these rights are defined in user roles - so different users are subject to different clipboard controls as required in different classifications. So, where most solutions offer just two clipboard options - ON-OFF or ON-but-encrypt-everything-you-touch - Oracle IRM offers real granularity that leverages our classification model. Indeed, I believe it is the lack of a classification model that makes such granularity impractical for other IRM solutions, because the matrix of rules for controlling pasting would be impossible to manage - there are so many documents to consider, and more are being created all the time.

    Read the article

  • Setting Up IRM Test Content

    - by martin.abrahams
    A feature of the 11g IRM Server that sometimes gets overlooked is the ability to set up some test content that any IRM user can access to verify that their IRM Desktop can reach the server, authenticate successfully, and render protected content successfully. Such test content is useful for new users, and in troubleshooting scenarios. Here's how to set up some test content... In the management console, go to IRM - Administration - Test Content, as shown. The console will display a list of test content - initially an empty list. Use the Add option to specify the URL of a document or image, and define one or more labels for the test content in whichever languages your users favour. Note that you do not need to seal the image or document in order to use it as test content. Nor do you need to set up any rights for the test content. The IRM Server will handle the sealing and rights assignment automatically such that all authenticated users are authorised to view the test content. Repeat this process for as many different types of content as you would like to offer for test purposes - perhaps a Word document, a PDF document, and an image. To keep things simple the first time I did this, I used the URL of one of the images in the IRM Server's UI - so there was no problem with the IRM Server being able to reach that image. Whatever content you want to use, the IRM Server needs to be able to reach it at the URL you specify. Using Test Content Open a browser and browse to the URL that the IRM Desktop normally uses to access the IRM Server, for example: http://irm11g.oracle.com/irm_desktop If you are not sure, you can find this URL in the Servers tab of the IRM Options dialog. Go to the Test tab, and you will see your test content listed. By opening one of the items, you can verify that your IRM Desktop is healthy and that you can authenticate to the IRM Server.

    Read the article

  • Privacy Protection in Oracle IRM 11g

    - by martin.abrahams
    Another innovation in Oracle IRM 11g is an in-built privacy policy challenge. By design, one of the many things that Oracle IRM does, of course, is collect audit information about how and where sealed documents are being used - user names, machine identifiers and so on. Many customers consider that this has privacy implications that the user should be invited to accept as a condition of service use - for the protection of both of the user and the service from avoidable controversy. So, in 11g IRM, when a new user connects to a server for the first time, they can expect to see the following privacy policy dialog. The dialog provides a configurable URL that the customer can use to publish the privacy policy for their IRM service. The policy might clarify what data is being collected and stored, what use that data might be put to, and so on as required by the service owner's legal advisers. In previous releases, you could construct an equivalent capability, and some customers did, but this innovation makes it much easier to do - you simply write a privacy policy and publish it as a web page for which the dialog automatically provides a link. This is another example of how Oracle IRM anticipates not just the security requirements of a customer, but also the broader requirements of service provisioning.

    Read the article

  • Extensible Metadata in Oracle IRM 11g

    - by martin.abrahams
    Another significant change in Oracle IRM 11g is that we now use XML to create the tamperproof header for each sealed document. This article explains what this means, and what benefit it offers. So, every sealed file has a metadata header that contains information about the document - its classification, its format, the user who sealed it, the name and URL of the IRM Server, and much more. The IRM Desktop and other IRM applications use this information to formulate the request for rights, as well as to enhance the user experience by exposing some of the metadata in the user interface. For example, in Windows explorer you can see some metadata exposed as properties of a sealed file and in the mouse-over tooltip. The following image shows 10g and 11g metadata side by side. As you can see, the 11g metadata is written as XML as opposed to the simple delimited text format used in 10g. So why does this matter? The key benefit of using XML is that it creates the opportunity for sealing applications to use custom metadata. This in turn creates the opportunity for custom classification models to be defined and enforced. Out of the box, the solution uses the context classification model, in which two particular pieces of metadata form the basis of rights evaluation - the context name and the document's item code. But a custom sealing application could use some other model entirely, enabling rights decisions to be evaluated on some other basis. The integration with Oracle Beehive is a great example of this. When a user adds a document to a Beehive workspace, that document can be automatically sealed with metadata that represents the Beehive security model rather than the context model. As a consequence, IRM can enforce the Beehive security model precisely and all rights configuration can actually be managed through the Beehive UI rather than the IRM UI. In this scenario, IRM simply supports the Beehive application, seamlessly extending Beehive security to all copies of workspace documents without any additional administration. Finally, I mentioned that the metadata header is tamperproof. This is obviously to stop a rogue user modifying the metadata with a view to gaining unauthorised access - reclassifying a board document to a less sensitive classifcation, for example. To prevent this, the header is digitally signed and can only be manipulated by a suitably authorised sealing application.

    Read the article

  • Access Control and Accessibility in Oracle IRM 11g

    - by martin.abrahams
    A recurring theme you'll find throughout this blog is that IRM needs to balance security with usability and manageability. One of the innovations in Oracle IRM 11g typifies this, as we have introduced a new right that may be included in any role - Accessibility. When creating or modifying a role, you simply select Accessibility along with Open, Print, Edit or whatever rights you want to include in the role. You might, for example, have parallel roles of Reader and Reader with Accessibility and Contributor and Contributor with Accessibility. The effect of the Accessibility right is to relax some of the protection of content in use such that selected users can use accessibility tools. For example, a user with the Accessibility right would be able to use the screen magnification tool, which IRM would ordinarily prevent because it involves screen capture. This new right makes it easy for you to apply security to documents yet, subject to suitable approval processes, cater for the fact that a subset of users might be disproportionately inconvenienced by some of the normal usage constraints. Rather than make those users put up with the restrictions, or perhaps exempt them from using sealed documents altogether, this new right allows you to accommodate them in a controlled manner, and to balance security with corporate accessibility goals.

    Read the article

  • IRM and Consumerization

    - by martin.abrahams
    As the season of rampant consumerism draws to its official close on 12th Night, it seems a fitting time to discuss consumerization - whereby technologies from the consumer market, such as the Android and iPad, are adopted by business organizations. I expect many of you will have received a shiny new mobile gadget for Christmas - and will be expecting to use it for work as well as leisure in 2011. In my case, I'm just getting to grips with my first Android phone. This trend developed so much during 2010 that a number of my customers have officially changed their stance on consumer devices - accepting consumerization as something to embrace rather than resist. Clearly, consumerization has significant implications for information control, as corporate data is distributed to consumer devices whether the organization is aware of it or not. I daresay that some DLP solutions can limit distribution to some extent, but this creates a conflict between accepting consumerization and frustrating it. So what does Oracle IRM have to offer the consumerized enterprise? First and foremost, consumerization does not automatically represent great additional risk - if an enterprise seals its sensitive information. Sealed files are encrypted, and that fundamental protection is not affected by copying files to consumer devices. A device might be lost or stolen, and the user might not think to report the loss of a personally owned device, but the data and the enterprise that owns it are protected. Indeed, the consumerization trend is another strong reason for enterprises to deploy IRM - to protect against this expansion of channels by which data might be accidentally exposed. It also enables encryption requirements to be met even though the enterprise does not own the device and cannot enforce device encryption. Moving on to the usage of sealed content on such devices, some of our customers are using virtual desktop solutions such that, in truth, the sealed content is being opened and used on a PC in the normal way, and the user is simply using their device for display purposes. This has several advantages: The sensitive documents are not actually on the devices, so device loss and theft are even less of a worry The enterprise has another layer of control over how and where content is used, as access to the virtual solution involves another layer of authentication and authorization - defence in depth It is a generic solution that means the enterprise does not need to actively support the ever expanding variety of consumer devices - the enterprise just manages some virtual access to traditional systems using something like Citrix or Remote Desktop services. It is a tried and tested way of accessing sealed documents. People have being using Oracle IRM in conjunction with Citrix and Remote Desktop for several years. For some scenarios, we also have the "IRM wrapper" option that provides a simple app for sealing and unsealing content on a range of operating systems. We are busy working on other ways to support the explosion of consumer devices, but this blog is not a proper forum for talking about them at this time. If you are an Oracle IRM customer, we will be pleased to discuss our plans and your requirements with you directly on request. You can be sure that the blog will cover the new capabilities as soon as possible.

    Read the article

  • IRM Item Codes – what are they for?

    - by martin.abrahams
    A number of colleagues have been asking about IRM item codes recently – what are they for, when are they useful, how can you control them to meet some customer requirements? This is quite a big topic, but this article provides a few answers. An item code is part of the metadata of every sealed document – unless you define a custom metadata model. The item code is defined when a file is sealed, and usually defaults to a timestamp/filename combination. This time/name combo tends to make item codes unique for each new document, but actually item codes are not necessarily unique, as will become clear shortly. In most scenarios, item codes are not relevant to the evaluation of a user’s rights - the context name is the critical piece of metadata, as a user typically has a role that grants access to an entire classification of information regardless of item code. This is key to the simplicity and manageability of the Oracle IRM solution. Item codes are occasionally exposed to users in the UI, but most users probably never notice and never care. Nevertheless, here is one example of where you can see an item code – when you hover the mouse pointer over a sealed file. As you see, the item code for this freshly created file combines a timestamp with the file name. But what are item codes for? The first benefit of item codes is that they enable you to manage exceptions to the policy defined for a context. Thus, I might have access to all oracle – internal files - except for 2011_03_11 13:33:29 Board Minutes.sdocx. This simple mechanism enables Oracle IRM to provide file-by-file control where appropriate, whilst offering the scalability and manageability of classification-based control for the majority of users and content. You really don’t want to be managing each file individually, but never say never. Item codes can also be used for the opposite effect – to include a file in a user’s rights when their role would ordinarily deny access. So, you can assign a role that allows access only to specified item codes. For example, my role might say that I have access to precisely one file – the one shown above. So how are item codes set? In the vast majority of scenarios, item codes are set automatically as part of the sealing process. The sealing API uses the timestamp and filename as shown, and the user need not even realise that this has happened. This automatically creates item codes that are for all practical purposes unique - and that are also intelligible to users who might want to refer to them when viewing or assigning rights in the management UI. It is also possible for suitably authorised users and applications to set the item code manually or programmatically if required. Setting the item code manually using the IRM Desktop The manual process is a simple extension of the sealing task. An authorised user can select the Advanced… sealing option, and will see a dialog that offers the option to specify the item code. To see this option, the user’s role needs the Set Item Code right – you don’t want most users to give any thought at all to item codes, so by default the option is hidden. Setting the item code programmatically A more common scenario is that an application controls the item code programmatically. For example, a document management system that seals documents as part of a workflow might set the item code to match the document’s unique identifier in its repository. This offers the option to tie IRM rights evaluation directly to the security model defined in the document management system. Again, the sealing application needs to be authorised to Set Item Code. The Payslip Scenario To give a concrete example of how item codes might be used in a real world scenario, consider a Human Resources workflow such as a payslips. The goal might be to allow the HR team to have access to all payslips, but each employee to have access only to their own payslips. To enable this, you might have an IRM classification called Payslips. The HR team have a role in the normal way that allows access to all payslips. However, each employee would have an Item Reader role that only allows them to access files that have a particular item code – and that item code might match the employee’s payroll number. So, employee number 123123123 would have access to items with that code. This shows why item codes are not necessarily unique – you can deliberately set the same code on many files for ease of administration. The employees might have the right to unseal or print their payslip, so the solution acts as a secure delivery mechanism that allows payslips to be distributed via corporate email without any fear that they might be accessed by IT administrators, or forwarded accidentally to anyone other than the intended recipient. All that remains is to ensure that as each user’s payslip is sealed, it is assigned the correct item code – something that is easily managed by a simple IRM sealing application. Each month, an employee’s payslip is sealed with the same item code, so you do not need to keep amending the list of items that the user has access to – they have access to all documents that carry their employee code.

    Read the article

  • Anonymous exposes sensitive bank emails

    - by martin.abrahams
    As expected for quite a while, emails purporting to reveal alleged naughtiness at a major bank have been released today. A bank spokesman says "We are confident that his extravagant assertions are untrue". The BBC report concludes…  “Firms are increasingly concerned about the prospect of disgruntled staff taking caches of sensitive e-mails with them when they leave, said Rami Habal, of security firm Proofpoint. "You can't do anything about people copying the content," he said. But firms can put measures in place, such as revoking encryption keys, which means stolen e-mails become unreadable, he added.” Actually, there is something you can do to guard against copying. While traditional encryption lets authorised recipients make unprotected copies long before you revoke the keys, Oracle IRM provides encryption AND guards against unprotected copies being made. Recipients can be authorised to save protected copies, and cut-and-paste within the scope of a protected workflow or email thread – but can be prevented from saving unprotected copies or pasting to unprotected files and emails.  The IRM audit trail would also help track down attempts to open the protected emails and documents by unauthorised individuals within or beyond your perimeter.

    Read the article

  • Energy Firms Targetted for Sensitive Documents

    - by martin.abrahams
    Numerous multinational energy companies have been targeted by hackers who have been focusing on financial documents related to oil and gas field exploration, bidding contracts, and drilling rights, as well as proprietary industrial process documents, according to a new McAfee report. "It ... speaks to quite a sad state of our critical infrastructure security. These were not sophisticated attacks ... yet they were very successful in achieving their goals," said Dmitri Alperovitch, McAfee's vice president for threat research. Apparently, the attacks can be traced back over several years, creating a sustained security compromise that has provided access to highly sensitive information that is of huge financial value to competitors. The value of IRM as an additional layer of protection is clear. Whether your infrastructure security is in a sad state or is state of the art, breaches are always a possibility - and in any case, a lot of sensitive information is shared with third parties whose infrastructure security might not be as good as yours. IRM protects the individual information assets directly so that, even if infrastructure security is compromised, your critical information is enrypted and trackable and only accessible to authenticated, authorised, audited users. The full McAfee report is available here.

    Read the article

  • Oracle IRM Desktop update

    - by martin.abrahams
    Just in time for Christmas, we have made a fresh IRM Desktop build available with a number of valuable enhancements: Office 2010 support Adobe Reader X support Enhanced compatibility with SharePoint Ability to enable the Sealed Email for Lotus Notes integration during IRM Desktop installation The kit is currently available as a patch that you can access by logging in to My Oracle Support and looking for patch 9165540. The patch enables you to download a package containing all 27 language variants of the IRM Desktop. We will be making the kit available from OTN as soon as possible, at which time you will be able to pick a particular language if preferred.

    Read the article

  • Hospital fined $1m for Patient Data Breach

    - by martin.abrahams
    As an illustration of the potential cost of accidental breaches, the US Dept of Health and Human Services recently fined a hospital $1m for losing documents relating to some of its patients. Allegedly, the documents were left on the subway by a hospital employee. For incidents in the UK, several local government bodies have been fined between £60k and £100k. Evidently, the watchdogs are taking an increasingly firm position.

    Read the article

  • Tomcat6 Manager Webapp is 404 on apt-get install on Ubuntu 10.10

    - by Noel
    http://localhost:8080/manager/html gives a 404 error on apt-get install of tomcat6 (6.0.28 on JVM 1.6.0_20-b20 on 2.6.35-27-generic amd64). http://localhost:8080/host-manager/html works. Lists one Host name, localhost. Installed tomcat6-admin with apt-get. $ ls dpkg -l | grep -i tomcat6-admin ii tomcat6-admin 6.0.28-2ubuntu1.1 Servlet and JSP engine -- admin web applications $ cat /usr/share/tomcat6/conf/tomcat-users.xml <tomcat-users> <role rolename="admin"/> <role rolename="manager" /> <user username="tomcatuser" password="Password1" roles="admin,manager"/> </tomcat-users> $ cat /usr/share/tomcat6/conf/Catalina/localhost/manager.xml <Context path="/manager" docBase="/usr/share/tomcat6-admin/manager" antiResourceLocking="false" privileged="true" /> <role name="manager" /> <user name="manager" password="Password1" roles="manager" /> <user name="tomcatuser" password="Password1" roles="manager" /> Those two files are the only documentation I've seen on how to setup the Manager webapp, and they seem to be compliant with the requirements.

    Read the article

  • Tomcat6 Manager Webapp returns a 404

    - by Noel
    http://localhost:8080/manager/html gives a 404 error on apt-get install of tomcat6 (6.0.28 on JVM 1.6.0_20-b20 on 2.6.35-27-generic amd64). http://localhost:8080/host-manager/html works. Lists one Host name, localhost. Installed tomcat6-admin with apt-get. ls dpkg -l | grep -i tomcat6-admin ii tomcat6-admin 6.0.28-2ubuntu1.1 Servlet and JSP engine -- admin web applications $ cat /usr/share/tomcat6/conf/tomcat-users.xml <tomcat-users> <role rolename="admin"/> <role rolename="manager" /> <user username="tomcatuser" password="Password1" roles="admin,manager"/> </tomcat-users> cat /usr/share/tomcat6/conf/Catalina/localhost/manager.xml <Context path="/manager" docBase="/usr/share/tomcat6-admin/manager" antiResourceLocking="false" privileged="true" /> <role name="manager" /> <user name="manager" password="Password1" roles="manager" /> <user name="tomcatuser" password="Password1" roles="manager" /> Those two files are the only documentation I've seen on how to setup the Manager webapp, and they seem to be compliant with the requirements.

    Read the article

  • Cannot locate packages for Citrix install

    - by Noel Evans
    I'm trying to get a Citrix receiver installed on to Ubuntu 14.04 (64 bit) following Ubuntu's docs. The first line of instructions say to get these required packages: sudo apt-get install libmotif4:i386 nspluginwrapper lib32z1 libc6-i386 libxp6:i386 libxpm4:i386 libasound2:i386 But if I paste in that line, I get this error: Reading state information... Done E: Unable to locate package libmotif4 E: Unable to locate package libxp6 E: Unable to locate package libxpm4 E: Unable to locate package libasound2 My repository settings are below. Is there anything I'm missing in there? Otherwise what do I need to do to install these? $ cat /etc/apt/sources.list deb cdrom:[Ubuntu 14.04 LTS _Trusty Tahr_ - Release amd64 (20140417)]/ precise main restricted deb cdrom:[Ubuntu 14.04 LTS _Trusty Tahr_ - Release amd64 (20140417)]/ trusty main restricted deb-src http://archive.ubuntu.com/ubuntu trusty main restricted #Added by software-properties deb http://archive.ubuntu.com/ubuntu/ trusty main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ trusty main restricted universe multiverse #Added by software-properties deb http://security.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse deb-src http://security.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse #Added by software-properties deb http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted universe multiverse #Added by software-properties deb http://archive.ubuntu.com/ubuntu/ trusty-proposed main universe restricted multiverse deb http://archive.ubuntu.com/ubuntu/ trusty-backports main universe restricted multiverse

    Read the article

1 2 3 4  | Next Page >