Search Results

Search found 19074 results on 763 pages for 'secure government government cloud security'.

Page 10/763 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • Open Source Security packages for Rails

    - by Edwin
    I'm currently creating a complete web application using Rails 3 to familiarize myself with its inner workings and to gain a better appreciation of a working web application's moving parts. (Plus, since I'm still working on my degree, I hope that it will give me a better idea of what's BS in my education requirements and which weaknesses/skills I should focus on.) The example application I'm working on is an ecommerce site, and I've already configured the backend, routes, controllers, and so on. As part of the application, I'd like to integrate a second layer of security on top of the one Rails already provides for user authentication. However, I've been unable to find any on Google, with the exception of OAuth - which, from my understanding, is meant to secure API calls. While I could roll my own secure authentication system, I'm only in my second year of college and recognize that A) I know little about security, and B) there are developers that know much more about security that are working on open-source projects. What are some actively developed open-source security packages or frameworks that can be easily added to Rails? Pros and cons are not necessary, as I can do the research myself. P.S. I'm not sure whether I posted this in the right SE site; please migrate to SO or Security if it is more appropriate there.

    Read the article

  • j2ee implementing security and using a framwork pros and cons

    - by Ismail Marmoush
    I'm a newbie to j2ee security, and i'm not j2ee expert either, though i'm really willing to put some effort and learn I've an application that i'm about to develop on Google App Engine (GAE) --with no time constraints. As you know GAE handles a lot of web container security issues for you, also I will be using openID for authentication exclusively (sessions will be handled by provider). GAE supports SSL which will help with confidentiality and integrity maybe. Authorization can be done through filters. I know reinventing the wheel is a mess, but I was looking forward to learn something about security and implement that in my new app. so what the pros and cons of using a framework like shiro, spring security, jguard etc or filling the rest of gaps on my own ?

    Read the article

  • Weaknesses of 3-Strike Security

    - by prelic
    I've been reading some literature on security, specifically password security/encryption, and there's been one thing that I've been wondering: is the 3-strike rule a perfect solution to password security? That is, if the number of password attempts is limited to some small number, after which all authentication requests will not be honored, will that not protect users from intrusion? I realize gaining access or control over something doesn't always mean going through the authentication system, but doesn't this feature make dictionary/brute-force attacks obsolete? Is there something I'm missing?

    Read the article

  • Monday, Oct 1 at OpenWorld - Database Security Must See Sessions

    - by Troy Kitch
    TIME TITLE LOCATION 12:15 - 1:15 PM Database Security Inside-Out: Latest Innovations in Database Security (CON8686) Moscone South - 102 3:15 - 4:15 PM Oracle Database Security Solutions Customer Panel: Real-World Case Studies (CON8674) Moscone South - 270 4:45 - 5:45 PM Latest Innovations and Best Practices for Oracle Database Auditing (CON8661) Moscone South - 303

    Read the article

  • It's All In The Cloud

    - by Natalia Rachelson
    People turned out in droves for Steve Miranda's Apps Cloud General Session. Steve, as engaging as ever, covered our Apps strategy in the cloud and reinforced that Oracle has a complete set of cloud services including: •    Human Capital Management•    Talent Management•    Sales and Marketing•    Customer Service and Support•    Financial Management•    Procurement, Sourcing, and Inventory•    Project Portfolio Management•    Governance, Risk, and Compliance... all delivered on top of the Social, Platform, and Common Infrastructure.Steve talked about Fusion being the centerpiece of our Cloud Services. The fact that Fusion is 100 percent standards based is a big, big deal! In addition, our ERP Cloud Service is the most complete cloud service on the market. And email marketing is dead -- social marketing is where the action is. It's also where Oracle is investing heavily from a Sales & Marketing Cloud perspective. Steve covered the strategic acquisitions Oracle has made to enhance our organic Cloud offering. Specifically, Oracle bought RightNow to make our Customer Service and Support Cloud service complete. We also bought Taleo to add Recruiting and Learning capabilities to our Talent Management Cloud. Steve talked about our customers and how they are benefiting from the use of a variety of our Cloud Services. Red Robin is driving lower labor and food costs with Oracle ERP Cloud Service. He used Elizabeth Arden as the profile customer for HCM and Talent Management Service, UBS for HCM and Talent Management Service, and Brocade for Talent Management. All these customers are benefiting from a comprehensive and fully integrated HR platform that aligns compensation with performance and enhances workforce motivation and retention. At the same time, Hitachi Data Systems is using Oracle Taleo Performance Management Cloud to recruit the right competencies, pinpoint areas of improvement, and develop and monitor employee goals to support the global account organization. KLM and Overstock.com are gaining the benefits of Oracle's Customer Service and Support Service from RightNow by better engaging and serving customer needs online and through call centers. And last but not least, Graco and Key Energy are leveraging mobility features and sales forecasting and territory management capabilities within the Oracle Sales and Marketing Service. They expect to gain better visibility to sales information and drive more efficient sales campaigns and empower their sales force with data they need to make sales. Overall, Oracle Apps Cloud Services are enjoying a significant momentum in the marketplace. Steve projected an air of confidence and enthusiasm highlighting Oracle's latest successes with Cloud services.

    Read the article

  • Java Cloud Service for developers

    - by JuergenKress
    The advent of cloud computing has reinvented application development for many companies. “That’s the beauty of the cloud,” says Cameron Purdy, vice president of development, Oracle. “It dramatically improves developer productivity because they can do what they do best without having to manage complex development, testing, staging, and production environments.” The key is to find a platform that doesn’t impose proprietary restrictions or force developers to learn new tools. For example, Oracle Java Cloud Service is an enterprise-grade platform as a service for building and deploying Java EE, Oracle WebLogic Server, and Oracle Application Development Framework (Oracle ADF) applications. “It’s designed to be flexible and easy to use,” says Purdy. “And it is also a standards-based solution -it’s not proprietary and there is no cloud lock-in. Developers get instant access to an enterprise-grade environment for a simple, monthly subscription.” Oracle Java Cloud Service instances are created with just a few clicks, so businesses can create a rich application development environment within minutes. Running on Oracle WebLogic Server and Oracle Exalogic, the underlying infrastructure also leverages Oracle Fusion Middleware’s integration with common services. For example, instances come integrated and preconfigured with optimized Oracle Database and Oracle Identity Management configurations. Based on Oracle Enterprise Manager, the Oracle Java Cloud Service console lets customers easily manage and monitor their Oracle Java Cloud Service instances. The open nature of the Oracle Java Cloud Service lets developers integrate through Web services such as SOAP and REST APIs, as well as use their favorite developer tools, whether they are out-of-the-box tools such as Maven and Ant or the productivity features built into Oracle JDeveloper, Oracle Enterprise Pack for Eclipse, or NetBeans IDE. The service allows for the seamless movement of applications between on-premise Oracle WebLogic Server domains and instances of Oracle Java Cloud Service within Oracle Cloud. This approach allows flexibility to mix and match the use of on-premise environments with cloud instances for development, test, and production environments. Visit to learn more and watch videos about Oracle Java Cloud Service. WebLogic Partner Community For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center. BlogTwitterLinkedInMixForumWiki Technorati Tags: java,cloud,oracle cloud,java cloud,WebLogic Community,Oracle,OPN,Jürgen Kress

    Read the article

  • Web/Cloud Based OS with Torrent Features and Free Storage?

    - by Kristina E
    Hi, I want a web-based OS with a torrent client and I want to link it to one of the many free cloud storage solutions. I think it would be really cool to be able to check and download torrents anywhere and not use my hardware or connection until I want to transfer the files down to my actual desktop (like burning a Linux ISO or to convert the file to a IFO format). Anywyas, I created accounts at 4Shared, EyeOS, GlideOS, ADrive and iCloud and am having no luck. There is an eyeTorrent app but I can't seem to get it configured and I can't log into my cloud storage from the cloud OS. Has anyone been able to pull this off and if so would you please explain how? Thanks, Kristina

    Read the article

  • ANNOUNCEMENT: Oracle VM 3 Templates Available for Oracle Secure Global Desktop 4.62

    - by Mohan Prabhala
    Today, we are proud to announce the general availability of Oracle VM 3 templates for Oracle Secure Global Desktop version 4.62.  With Oracle VM 3 templates, anyone using Oracle VM 3 need not download, install and configure the Operating System and product(s) individually. In this case, the supported operating system (Oracle Linux 5.7) and Oracle Secure Global Dekstop 4.62 product is packaged together into a template that one can easily import and clone as a VM into Oracle VM 3. This results in a nearly instant deployment and configuration of Oracle Secure Global Desktop within Oracle VM 3.  This means drastically reducing the evaluation and deployment time for Oracle Secure Global Desktop when leveraging Oracle VM 3. Feel free to give it a try! Login into the Oracle VM section at Oracle Software Delivery Cloud  (click on 'Cloud Portal (Main)' at the top-right) and: Under Oracle VM templates - x86 64-bit, look for Oracle VM 3 Template (OVF) for Oracle Secure Global Desktop Media Pack for x86_64 (64 bit) Oracle Secure Global Desktop 4.62 template for x86_64 (64 bit) with Oracle Linux 5.7 Under Oracle VM templates – x86 32 bit, look for Oracle VM 3 Template (OVF) for Oracle Secure Global Desktop Media Pack for x86 (32 bit) Oracle Secure Global Desktop 4.62 template for x86 (32 bit) with Oracle Linux 5.7 Download any of the above templates. Once you are done, you must First import the assembly (ova) file that you downloaded from Oracle Software Delivery Cloud Next, create a virtual machine template from the assembly And finally create a virtual machine from the template. Once the virtual machine is created and starts up, be sure to configure the networking parameters (hostname, IP address, netmask, gateway etc), and optional user parameters correctly. You must also enter a root password during first boot. And that's it - the Oracle Secure Global Desktop install script will pick up the networking parameters, prompt for confirmation and complete a default installation. Once the installation is complete, you may want to refer to the Oracle Secure Global Desktop Administration Guide to learn more about Oracle Secure Global Desktop and its capabilities.

    Read the article

  • Spring security request matcher is not working with regex

    - by Felipe Cardoso Martins
    Using Spring MVC + Security I have a business requirement that the users from SEC (Security team) has full access to the application and FRAUD (Anti-fraud team) has only access to the pages that URL not contains the words "block" or "update" with case insensitive. Bellow, all spring dependencies: $ mvn dependency:tree | grep spring [INFO] +- org.springframework:spring-webmvc:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-asm:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-beans:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-context:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-context-support:jar:3.1.2.RELEASE:compile [INFO] | \- org.springframework:spring-expression:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework:spring-core:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework:spring-web:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework.security:spring-security-core:jar:3.1.2.RELEASE:compile [INFO] | \- org.springframework:spring-aop:jar:3.0.7.RELEASE:compile [INFO] +- org.springframework.security:spring-security-web:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-jdbc:jar:3.0.7.RELEASE:compile [INFO] | \- org.springframework:spring-tx:jar:3.0.7.RELEASE:compile [INFO] +- org.springframework.security:spring-security-config:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework.security:spring-security-acl:jar:3.1.2.RELEASE:compile Bellow, some examples of mapped URL path from spring log: Mapped URL path [/index] onto handler 'homeController' Mapped URL path [/index.*] onto handler 'homeController' Mapped URL path [/index/] onto handler 'homeController' Mapped URL path [/cellphone/block] onto handler 'cellphoneController' Mapped URL path [/cellphone/block.*] onto handler 'cellphoneController' Mapped URL path [/cellphone/block/] onto handler 'cellphoneController' Mapped URL path [/cellphone/confirmBlock] onto handler 'cellphoneController' Mapped URL path [/cellphone/confirmBlock.*] onto handler 'cellphoneController' Mapped URL path [/cellphone/confirmBlock/] onto handler 'cellphoneController' Mapped URL path [/user/update] onto handler 'userController' Mapped URL path [/user/update.*] onto handler 'userController' Mapped URL path [/user/update/] onto handler 'userController' Mapped URL path [/user/index] onto handler 'userController' Mapped URL path [/user/index.*] onto handler 'userController' Mapped URL path [/user/index/] onto handler 'userController' Mapped URL path [/search] onto handler 'searchController' Mapped URL path [/search.*] onto handler 'searchController' Mapped URL path [/search/] onto handler 'searchController' Mapped URL path [/doSearch] onto handler 'searchController' Mapped URL path [/doSearch.*] onto handler 'searchController' Mapped URL path [/doSearch/] onto handler 'searchController' Bellow, a test of the regular expressions used in spring-security.xml (I'm not a regex speciality, improvements are welcome =]): import java.util.Arrays; import java.util.List; public class RegexTest { public static void main(String[] args) { List<String> pathSamples = Arrays.asList( "/index", "/index.*", "/index/", "/cellphone/block", "/cellphone/block.*", "/cellphone/block/", "/cellphone/confirmBlock", "/cellphone/confirmBlock.*", "/cellphone/confirmBlock/", "/user/update", "/user/update.*", "/user/update/", "/user/index", "/user/index.*", "/user/index/", "/search", "/search.*", "/search/", "/doSearch", "/doSearch.*", "/doSearch/"); for (String pathSample : pathSamples) { System.out.println("Path sample: " + pathSample + " - SEC: " + pathSample.matches("^.*$") + " | FRAUD: " + pathSample.matches("^(?!.*(?i)(block|update)).*$")); } } } Bellow, the console result of Java class above: Path sample: /index - SEC: true | FRAUD: true Path sample: /index.* - SEC: true | FRAUD: true Path sample: /index/ - SEC: true | FRAUD: true Path sample: /cellphone/block - SEC: true | FRAUD: false Path sample: /cellphone/block.* - SEC: true | FRAUD: false Path sample: /cellphone/block/ - SEC: true | FRAUD: false Path sample: /cellphone/confirmBlock - SEC: true | FRAUD: false Path sample: /cellphone/confirmBlock.* - SEC: true | FRAUD: false Path sample: /cellphone/confirmBlock/ - SEC: true | FRAUD: false Path sample: /user/update - SEC: true | FRAUD: false Path sample: /user/update.* - SEC: true | FRAUD: false Path sample: /user/update/ - SEC: true | FRAUD: false Path sample: /user/index - SEC: true | FRAUD: true Path sample: /user/index.* - SEC: true | FRAUD: true Path sample: /user/index/ - SEC: true | FRAUD: true Path sample: /search - SEC: true | FRAUD: true Path sample: /search.* - SEC: true | FRAUD: true Path sample: /search/ - SEC: true | FRAUD: true Path sample: /doSearch - SEC: true | FRAUD: true Path sample: /doSearch.* - SEC: true | FRAUD: true Path sample: /doSearch/ - SEC: true | FRAUD: true Tests Scenario 1 Bellow, the important part of spring-security.xml: <security:http entry-point-ref="entryPoint" request-matcher="regex"> <security:intercept-url pattern="^.*$" access="ROLE_SEC" /> <security:intercept-url pattern="^(?!.*(?i)(block|update)).*$" access="ROLE_FRAUD" /> <security:access-denied-handler error-page="/access-denied.html" /> <security:form-login always-use-default-target="false" login-processing-url="/doLogin.html" authentication-failure-handler-ref="authFailHandler" authentication-success-handler-ref="authSuccessHandler" /> <security:logout logout-url="/logout.html" success-handler-ref="logoutSuccessHandler" /> </security:http> Behaviour: FRAUD group **can't" access any page SEC group works fine Scenario 2 NOTE that I only changed the order of intercept-url in spring-security.xml bellow: <security:http entry-point-ref="entryPoint" request-matcher="regex"> <security:intercept-url pattern="^(?!.*(?i)(block|update)).*$" access="ROLE_FRAUD" /> <security:intercept-url pattern="^.*$" access="ROLE_SEC" /> <security:access-denied-handler error-page="/access-denied.html" /> <security:form-login always-use-default-target="false" login-processing-url="/doLogin.html" authentication-failure-handler-ref="authFailHandler" authentication-success-handler-ref="authSuccessHandler" /> <security:logout logout-url="/logout.html" success-handler-ref="logoutSuccessHandler" /> </security:http> Behaviour: SEC group **can't" access any page FRAUD group works fine Conclusion I did something wrong or spring-security have a bug. The problem already was solved in a very bad way, but I need to fix it quickly. Anyone knows some tricks to debug better it without open the frameworks code? Cheers, Felipe

    Read the article

  • Mixing secure & unsecure channels

    - by user305023
    I am unable to use an unsecure channel once a secure channel has already been registered. The code below works only if on the client side, the unsecured channel is registered before. Is it possible to mix secure and unsecure channels without any constraint on the registration order ? using System; using System.Collections; using System.Runtime.Remoting; using System.Runtime.Remoting.Channels; using System.Runtime.Remoting.Channels.Tcp; public class SampleObject : MarshalByRefObject { public DateTime GetTest() { return DateTime.Now; } } public class SampleObject2 : MarshalByRefObject { public DateTime GetTest2() { return DateTime.Now; } } static class ProgramClient { private static TcpClientChannel RegisterChannel(bool secure, string name, int priority) { IDictionary properties = new Hashtable(); properties.Add("secure", secure); properties.Add("name", name); properties.Add("priority", priority); var clientChannel = new TcpClientChannel(properties, null); ChannelServices.RegisterChannel(clientChannel, false); return clientChannel; } private static void Secure() { RegisterChannel(true, "clientSecure", 2); var testSecure = (SampleObject2)Activator.GetObject(typeof(SampleObject2), "tcp://127.0.0.1:8081/Secured.rem"); Console.WriteLine("secure: " + testSecure.GetTest2().ToLongTimeString()); } private static void Unsecure() { RegisterChannel(false, "clientUnsecure", 1); var test = (SampleObject)Activator.GetObject(typeof(SampleObject), "tcp://127.0.0.1:8080/Unsecured.rem"); Console.WriteLine("unsecure: " + test.GetTest().ToLongTimeString()); } internal static void MainClient() { Console.Write("Press Enter to start."); Console.ReadLine(); // Works only in this order Unsecure(); Secure(); Console.WriteLine("Press ENTER to end"); Console.ReadLine(); } } static class ProgramServer { private static TcpServerChannel RegisterChannel(int port, bool secure, string name) { IDictionary properties = new Hashtable(); properties.Add("port", port); properties.Add("secure", secure); properties.Add("name", name); //properties.Add("impersonate", false); var serverChannel = new TcpServerChannel(properties, null); ChannelServices.RegisterChannel(serverChannel, secure); return serverChannel; } private static void StartUnsecure() { RegisterChannel(8080, false, "unsecure"); RemotingConfiguration.RegisterWellKnownServiceType(typeof(SampleObject), "Unsecured.rem", WellKnownObjectMode.Singleton); } private static void StartSecure() { RegisterChannel(8081, true, "secure"); RemotingConfiguration.RegisterWellKnownServiceType(typeof(SampleObject2), "Secured.rem", WellKnownObjectMode.Singleton); } internal static void MainServer() { StartUnsecure(); StartSecure(); Console.WriteLine("Unsecure: 8080\n Secure: 8081"); Console.WriteLine("Press the enter key to exit..."); Console.ReadLine(); } } class Program { static void Main(string[] args) { if (args.Length == 1 && args[0] == "server") ProgramServer.MainServer(); else ProgramClient.MainClient(); } }

    Read the article

  • [.NET Remoting] Mixing secure & unsecure channels

    - by user305023
    I am unable to use an unsecure channel once a secure channel has already been registered. The code below works only if on the client side, the unsecured channel is registered before. Is it possible to mix secure and unsecure channels without any contraints on the registration order ? using System; using System.Collections; using System.Runtime.Remoting; using System.Runtime.Remoting.Channels; using System.Runtime.Remoting.Channels.Tcp; public class SampleObject : MarshalByRefObject { public DateTime GetTest() { return DateTime.Now; } } public class SampleObject2 : MarshalByRefObject { public DateTime GetTest2() { return DateTime.Now; } } static class ProgramClient { private static TcpClientChannel RegisterChannel(bool secure, string name, int priority) { IDictionary properties = new Hashtable(); properties.Add("secure", secure); properties.Add("name", name); properties.Add("priority", priority); var clientChannel = new TcpClientChannel(properties, null); ChannelServices.RegisterChannel(clientChannel, false); return clientChannel; } private static void Secure() { RegisterChannel(true, "clientSecure", 2); var testSecure = (SampleObject2)Activator.GetObject(typeof(SampleObject2), "tcp://127.0.0.1:8081/Secured.rem"); Console.WriteLine("secure: " + testSecure.GetTest2().ToLongTimeString()); } private static void Unsecure() { RegisterChannel(false, "clientUnsecure", 1); var test = (SampleObject)Activator.GetObject(typeof(SampleObject), "tcp://127.0.0.1:8080/Unsecured.rem"); Console.WriteLine("unsecure: " + test.GetTest().ToLongTimeString()); } internal static void MainClient() { Console.Write("Press Enter to start."); Console.ReadLine(); // Works only in this order Unsecure(); Secure(); Console.WriteLine("Press ENTER to end"); Console.ReadLine(); } } static class ProgramServer { private static TcpServerChannel RegisterChannel(int port, bool secure, string name) { IDictionary properties = new Hashtable(); properties.Add("port", port); properties.Add("secure", secure); properties.Add("name", name); //properties.Add("impersonate", false); var serverChannel = new TcpServerChannel(properties, null); ChannelServices.RegisterChannel(serverChannel, secure); return serverChannel; } private static void StartUnsecure() { RegisterChannel(8080, false, "unsecure"); RemotingConfiguration.RegisterWellKnownServiceType(typeof(SampleObject), "Unsecured.rem", WellKnownObjectMode.Singleton); } private static void StartSecure() { RegisterChannel(8081, true, "secure"); RemotingConfiguration.RegisterWellKnownServiceType(typeof(SampleObject2), "Secured.rem", WellKnownObjectMode.Singleton); } internal static void MainServer() { StartUnsecure(); StartSecure(); Console.WriteLine("Unsecure: 8080\n Secure: 8081"); Console.WriteLine("Press the enter key to exit..."); Console.ReadLine(); } } class Program { static void Main(string[] args) { if (args.Length == 1 && args[0] == "server") ProgramServer.MainServer(); else ProgramClient.MainClient(); } }

    Read the article

  • Tag Cloud JS + Flash. Actual Tags In Cloud Not Clickable?

    - by Alex
    Hello all, I've implemented a tag cloud on a site of mine, and I'm using a JS script to populate it, but for some reason, the actual text in the tag cloud is not clickable. It displays and works correctly, but the actual text of the cloud is not getting treated as a link for some odd reason. My question is: In my script below, do you see anything that I need to fix in order to make my tag cloud's text actually be links? The site I've implemented it on is a stackexhange site that I run, it is supposed to be a cloud of the "recent tags." CloudPopulator.js <script type="text/javascript"> var divRecentTags = document.getElementById("recent-tags"); if (divRecentTags) { var cloud = new SWFObject("some/swfObject/url", "tagcloudflash", "200", "200", "9", "#ffffff"); cloud.addParam("allowScriptAccess", "always"); cloud.addVariable("tcolor", "0x0a94d6"); cloud.addVariable("tcolor2", "0xC0C0C0"); cloud.addVariable("hicolor", "0x000000"); cloud.addVariable("tspeed", "150"); cloud.addVariable("distr", "true"); cloud.addVariable("mode", "tags"); var aTags = divRecentTags.getElementsByTagName("a"); var tagHtml = ""; for(var i = 0; i < aTags.length; i++) { var hrefText = aTags[i].getAttribute("href"); var cssText = aTags[i].className; var tagName = $(aTags[i]).text(); var styleText = "style=\'font-size: 8pt;\'"; if (cssText == "post-tag pop1") { var styleText = "style=\'font-size: 15pt;\'"; } else if (cssText == "post-tag pop2") { var styleText = "style=\'font-size: 22pt;\'"; } var newLinkText = "<a href=\'"+hrefText+"\'"+styleText+">"+tagName+"</a>"; tagHtml = tagHtml + newLinkText; } cloud.addVariable("tagcloud", escape("<tags>" + tagHtml + "</tags>")); cloud.write("recent-tags"); } </script>

    Read the article

  • Questions about Microsoft's new Cloud certification

    - by makerofthings7
    I'm evaluating taking the cloud certification exams from Microsoft, and have a few questions How highly do you think employers will value this exam? What job roles would require this cert? In your personal experience, how would this certification be weighed against other factors such as real world experience, other certifications, and having a Bachelors degree? If you mention that other certifications are more valued, which ones are they?

    Read the article

  • Oracle Enterprise Cloud Summit Egerszalókon

    - by Lajos Sárecz
    2011 március 30-án a HOUG konferencia keretében tartjuk az Oracle Enterprise Cloud Summit konferenciát. A konferencia programja a HOUG programjába illeszkedik, megtalálható a HOUG konferencia weboldalán. Igyekszünk teljes áttekintést adni arról, az Oracle milyen technológiákkal támogatja akár a publikus, akár a privát felhok kialakítását. Érdemes már most regisztrálni, a mai nap még kedvezményesen lehet megtenni. Azt gondolom, mind a konferencia helyszínét biztosító Saliris Resort Spa & Konferencia Hotel, mind a konferencia programja indokolja a részvételt, remélem sok olvasómmal találkozhatok ott személyesen is.

    Read the article

  • Developing a Support Plan for Cloud Applications

    - by BuckWoody
    Last week I blogged about developing a High-Availability plan. The specifics of a given plan aren't as simple as "Step 1, then Step 2" because in a hybrid environment (which most of us have) the situation changes the requirements. There are those that look for simple "template" solutions, but unless you settle on a single vendor and a single way of doing things, that's not really viable. The same holds true for support. As I've mentioned before, I'm not fond of the term "cloud", and would rather use the tem "Distributed Computing". That being said, more people understand the former, so I'll just use that for now. What I mean by Distributed Computing is leveraging another system or setup to perform all or some of a computing function. If this definition holds true, then you're essentially creating a partnership with a vendor to run some of your IT - whether that be IaaS, PaaS or SaaS, or more often, a mix. In your on-premises systems, you're the first and sometimes only line of support. That changes when you bring in a Cloud vendor. For Windows Azure, we have plans for support that you can pay for if you like. http://www.windowsazure.com/en-us/support/plans/ You're not off the hook entirely, however. You still need to create a plan to support your users in their applications, especially for the parts you control. The last thing they want to hear is "That's vendor X's problem - you'll have to call them." I find that this is often the last thing the architects think about in a solution. It's fine to put off the support question prior to deployment, but I would hold off on calling it "production" until you have that plan in place. There are lots of examples, like this one: http://www.va-interactive.com/inbusiness/editorial/sales/ibt/customer.html some of which are technology-specific. Once again, this is an "it depends" kind of approach. While it would be nice if there was just something in a box we could buy, it just doesn't work that way in a hybrid system. You have to know your options and apply them appropriately.

    Read the article

  • Developing a Support Plan for Cloud Applications

    - by BuckWoody
    Last week I blogged about developing a High-Availability plan. The specifics of a given plan aren't as simple as "Step 1, then Step 2" because in a hybrid environment (which most of us have) the situation changes the requirements. There are those that look for simple "template" solutions, but unless you settle on a single vendor and a single way of doing things, that's not really viable. The same holds true for support. As I've mentioned before, I'm not fond of the term "cloud", and would rather use the tem "Distributed Computing". That being said, more people understand the former, so I'll just use that for now. What I mean by Distributed Computing is leveraging another system or setup to perform all or some of a computing function. If this definition holds true, then you're essentially creating a partnership with a vendor to run some of your IT - whether that be IaaS, PaaS or SaaS, or more often, a mix. In your on-premises systems, you're the first and sometimes only line of support. That changes when you bring in a Cloud vendor. For Windows Azure, we have plans for support that you can pay for if you like. http://www.windowsazure.com/en-us/support/plans/ You're not off the hook entirely, however. You still need to create a plan to support your users in their applications, especially for the parts you control. The last thing they want to hear is "That's vendor X's problem - you'll have to call them." I find that this is often the last thing the architects think about in a solution. It's fine to put off the support question prior to deployment, but I would hold off on calling it "production" until you have that plan in place. There are lots of examples, like this one: http://www.va-interactive.com/inbusiness/editorial/sales/ibt/customer.html some of which are technology-specific. Once again, this is an "it depends" kind of approach. While it would be nice if there was just something in a box we could buy, it just doesn't work that way in a hybrid system. You have to know your options and apply them appropriately.

    Read the article

  • Cloud just for hosting big files?

    - by yes123
    I need a solution to store my big files (50MB+ each). Currently I am using an european dedicated server (100MBits) with 8000GB/motnh at 60USD. I would like to use a cloud service that autmatically fetches my files from my server the first time users request it (like a classic cdn) (So I can have all files stored within 1 server) I was looking at Amazon CloudFront and, to get the same bandwidth 8'000 GB/month, I have to pay like 2000 USD vs my 60 USD of my dedicated server. Is there a cheaper alternative?

    Read the article

  • CODESonCLOUD - Safe your Code on CLOUD

    - by user1277257
    A brand new system where you can keep your code snippets easily: CODES on CLOUD Now on, you can save your codes that you want to note down,which you encounter momently and you use frequently or the ones you say ‘ this may be useful’ on CODESonCLOUD, also, you can get through to your codes easily from anywhere you wish. Besides, you can share your codes with globally. Do not look for www.CODESonCLOUD.com

    Read the article

  • How can I secure an installation of MediaWiki?

    - by Thomas Owens
    I want to run an installation of MediaWiki as a Internet-accessible personal wiki, running on wiki.mysite.com. However, I want to ensure that I am the only one who can read and write to this wiki. In the future, I may explicitly give other people read and/or read/write access, so the method of securing the wiki should account for that as well. I see two options: I can use some MediaWiki plugin or I can secure the subdomain with HTTP authentication. However, I'm not sure what the advantages and disadvantages of either are in the long run. Suggestions or advice as to what plugins or authentication methods might be most reliable?

    Read the article

  • How to Secure a Data Role by Multiple Business Units

    - by Elie Wazen
    In this post we will see how a Role can be data secured by multiple Business Units (BUs).  Separate Data Roles are generally created for each BU if a corresponding data template generates roles on the basis of the BU dimension. The advantage of creating a policy with a rule that includes multiple BUs is that while mapping these roles in HCM Role Provisioning Rules, fewer number of entires need to be made. This could facilitate maintenance for enterprises with a large number of Business Units. Note: The example below applies as well if the securing entity is Inventory Organization. Let us take for example the case of a user provisioned with the "Accounts Payable Manager - Vision Operations" Data Role in Fusion Applications. This user will be able to access Invoices in Vision Operations but will not be able to see Invoices in Vision Germany. Figure 1. A User with a Data Role restricting them to Data from BU: Vision Operations With the role granted above, this is what the user will see when they attempt to select Business Units while searching for AP Invoices. Figure 2.The List Of Values of Business Units is limited to single one. This is the effect of the Data Role granted to that user as can be seen in Figure 1 In order to create a data role that secures by multiple BUs,  we need to start by creating a condition that groups those Business Units we want to include in that data role. This is accomplished by creating a new condition against the BU View .  That Condition will later be used to create a data policy for our newly created Role.  The BU View is a Database resource and  is accessed from APM as seen in the search below Figure 3.Viewing a Database Resource in APM The next step is create a new condition,  in which we define a sql predicate that includes 2 BUs ( The ids below refer to Vision Operations and Vision Germany).  At this point we have simply created a standalone condition.  We have not used this condition yet, and security is therefore not affected. Figure 4. Custom Role that inherits the Purchase Order Overview Duty We are now ready to create our Data Policy.  in APM, we search for our newly Created Role and Navigate to “Find Global Policies”.  we query the Role we want to secure and navigate to view its global policies. Figure 5. The Job Role we plan on securing We can see that the role was not defined with a Data Policy . So will create one that uses the condition we created earlier.   Figure 6. Creating a New Data Policy In the General Information tab, we have to specify the DB Resource that the Security Policy applies to:  In our case this is the BU View Figure 7. Data Policy Definition - Selection of the DB Resource we will secure by In the Rules Tab, we  make the rule applicable to multiple values of the DB Resource we selected in the previous tab.  This is where we associate the condition we created against the BU view to this data policy by entering the Condition name in the Condition field Figure 8. Data Policy Rule The last step of Defining the Data Policy, consists of  explicitly selecting  the Actions that are goverened by this Data Policy.  In this case for example we select the Actions displayed below in the right pane. Once the record is saved , we are ready to use our newly secured Data Role. Figure 9. Data Policy Actions We can now see a new Data Policy associated with our Role.  Figure 10. Role is now secured by a Data Policy We now Assign that new Role to the User.  Of course this does not have to be done in OIM and can be done using a Provisioning Rule in HCM. Figure 11. Role assigned to the User who previously was granted the Vision Ops secured role. Once that user accesses the Invoices Workarea this is what they see: In the image below the LOV of Business Unit returns the two values defined in our data policy namely: Vision Operations and Vision Germany Figure 12. The List Of Values of Business Units now includes the two we included in our data policy. This is the effect of the data role granted to that user as can be seen in Figure 11

    Read the article

  • Is SimplePHPBlog a secure blogging engine?

    - by authentictech
    Has anyone used the blog engine SimplePHPBlog? It is a simple blog engine that uses only text files (no database). My problem with it is that the content directory where the texts files are stored appears to require being world writeable/readable (i.e. permission 777) for it to work. This means anyone can access the text files with a browser! These text files include the blog/comment poster's IP and email address! This is not secure or good practice, right?

    Read the article

  • Spring Security - is Role and ACL security overkill?

    - by HDave
    I have a 3 tier application that requires security authorizations be placed on various domain objects. Whether I use Spring's ACL implementation or roll my own, it seems to me that ACL based security can only be used to authorize (service) methods and cannot be used to authorize URL or web service invocations. I think this because how could a web service call check the ACL before it has hydrated the XML payload? Also, all the examples for web access security in the Spring documentation are securing URL's based on Role. Is it typical to use Spring's roles to secure web presentation and web service calls, while at the same time using ACL's to secure the business methods? Is this overkill?

    Read the article

  • What is the best way to learn how to develop secure applications

    - by Kenneth
    I would like to get into computer security in my career. What are the best ways to learn how to program securely? It seems to me that besides textbooks and taking classes in the subject that perhaps learning how to "hack" would be one of the best ways to learn. My reason for thinking this is the thought that the best way to learn how to prevent someone from doing what you don't want them to is to learn what they're capable of doing. If this is the case, then this poses another question: How would you go about learning to hack in an ethical manner? I definitely don't want to break laws or cause harm in my quest. Thanks for the input!

    Read the article

  • Choosing between cloud (Cloudfoundry ) and virtual servers - for developers

    - by Mike Z
    I just came across some articles on how to setup your own cloud using Cloudfoundry and Ubuntu, this got me thinking, choosing our infrastructure, if we want to use our own servers what's the advantage of cloud on virtual servers vs just using virtual servers, VPN? If we now develop for the cloud later if we need help we can quickly move on to a cloud provider, but other than that what's the advantage and disadvantage of private cloud in these areas? speed of development, testing, deployment server management security having an extra layer (cloud) will that have a hit on server performance, how big? any other advantage/disadvantage?

    Read the article

  • Different settings for secure & non-secure versions of Django site using WSGI

    - by Jordan Reiter
    I have a Django website where some of the URLs need to be served over HTTPS and some over a normal connection. It's running on Apache and using WSGI. Here's the config: <VirtualHost example.org:80> ServerName example.org DocumentRoot /var/www/html/mysite WSGIDaemonProcess mysite WSGIProcessGroup mysite WSGIScriptAlias / /path/to/mysite/conferencemanager.wsgi </VirtualHost> <VirtualHost *:443> ServerName example.org DocumentRoot /var/www/html/mysite WSGIProcessGroup mysite SSLEngine on SSLCertificateFile /etc/httpd/certs/aace.org.crt SSLCertificateKeyFile /etc/httpd/certs/aace.org.key SSLCertificateChainFile /etc/httpd/certs/gd_bundle.crt WSGIScriptAlias / /path/to/mysite/conferencemanager_secure.wsgi </VirtualHost> When I restart the server, the first site that gets called -- https or http -- appears to select which WSGI script alias gets used. I just need a few settings to be different for the secure server, which is why I'm using a different WSGI script. Alternatively, it there's a way to change settings in the settings.py file based on whether the connection is secure or not, that would also work. Thanks

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >