|
備忘録
|
Web検索 |
security.itworld.com - Google smacks down Santy worm
IDG News Service 12/23/04
Paul Roberts, IDG News Service, Boston Bureau
Web search engine company Google Inc. is blocking efforts by a new Internet worm to use its search engine to find vulnerable computers on the Internet, the company announced late Tuesday.
Sonicが、RFID Acceleratorなるものを出したのですね。
http://www.sonicsoftware.co.jp/news/2004/1027.html
ObjectStoreベースのインメモリDBを使って、RFIDデータの処理が高速にできる、という触れ込みのようです。
Transactと同じような感じですが、競合になるのか?
リアルタイムなRFIDアプリケーション開発をサポートする「ObjectStore RFID Accelerator」を発表
Sonicが、RFID Acceleratorなるものを出したのですね。
http://www.sonicsoftware.co.jp/news/2004/1027.html
ObjectStoreベースのインメモリDBを使って、RFIDデータの処理が高速にできる、という触れ込みのようです。
Transactと同じような感じですが、競合になるのか?
リアルタイムなRFIDアプリケーション開発をサポートする「ObjectStore RFID Accelerator」を発表
記事自体はTCGとTPM概要の説明、と言った所ですが。
この中に、Trusted Network Connectというサブ・グループがTCGの中にある、といった記述がありました。
この組織はTPMを使ったネットワーク・セキュリティの規格を作ろうとしているようで。
調べてみたらExtremeやJuniperも入っていました。
TNCプレスリリースの中に書いてあるメンバー:
Extreme Networks, Foundry Networks, Funk Software, InfoExpress, iPass, Juniper
Networks, Meetinghouse Data Communications, Network Associates, Sygate,
Symantec, Trend Micro and Zone Labs Join HP, Intel, Verisign and other TCG
Members
Microsoftの名前が出てきていませんが、先日話題になった
NAPにも関連しそうな感じ
Trusted chip assures endpoint integrity
Network World, 12/13/04
Today, network connection requests by clients typically are granted or denied based on a client's ability to prove some or all of his credentials, including passwords, machine certificates and user certificates. But this approach to security ignores the possibility that the client platform contains malicious code such as viruses, Trojans or malware that can spread through the client's network.
インテルによるTCGへの取り組み
TCG (Trusted Computing Group) を通じてPC のセキュリティ向上を目指すインテル By Robert Meinschein
CiscoもXMLアクセラレーションを含むアプリケーションレベルのネットワーキングについて語るようになりました。
Ciscoがサービス仮想化をにらんだソフトウェア強化を行う、と話したそうですが。
http://www.nwfusion.com/news/2004/121304ciscoenterprise.html
背景としてルーティング技術の部分では差別化ができなくなってきたことを挙げた上で、
・プロトコル・オフロードやRDMA等による機能強化を行う
・XMLやMQ等のアプリケーション・ルーティングを目標 とする
・XMLやWebサービスの標準化に後押しされているが、これらの動きは一般に考えられているより速い
(革新と成長がnext few yearsのうちに期待できる分野)
といった方針が述べられています。
更にこれらの分野でCiscoの先を行っている会社として、
・protocol terminationやRDMA関連でRedline, NetScaler, Crescendo
・XMLトラフィックの高速処理やセキュリティで DataPowerとSarvega
が挙げられています。
記事の結びは、Ciscoが自分の縄張りを越えてIBMの領域に踏み込む時点で障害が出てくるだろう、としています。
来年は(少なくともUSでは)、L4-7或いはもっと上のアプリケーション・レベルのネットワーク処理がますます賑やかになりそうです。
Cisco eyes larger data center, IT services roles
Cisco CTO Charlie Giancarlo and other technologists outlined methods Cisco is exploring to create virtualized services - among them, virtualized security, protocol termination and offload on switches, and Remote Direct Memory Access (RDMA) capabilities on server-to-switch links.
...
Other observers say the technology approaches that Cisco is proposing are not so new. Upstart vendors such as Redline Networks, Netscaler and Crescendo Networks - makers of so-called application front-end devices - have had switches and appliances on the market for more than a year that streamline data center networks with protocol-termination RDMA technology.
Other such start-ups as Sarvega and DataPower are also ahead of Cisco with routers and appliances that speed up and secures XML-based traffic.
ブレード・サーバもスタートアップの時代は終わり。
RLXがハードウェア開発を中止。
RLX Technologies drops blade server hardware to focus on software
Computerworld, 12/23/04
Faced with intense competition from IBM, Dell Inc., Hewlett-Packard Co. and others, blade server vendor RLX Technologies Inc. is dropping its hardware lineup and will focus on developing and marketing its RLX Control Tower 6G blade server management software suite.
W3Cの「Technical Report」の中に、Shift-JISをCESとして扱う、と書いてある。
XML Japanese Profile
This technical report and [XML] treat Shift-JIS, an ordinary Japanese charset in Japan, as a CES that represents Japanese characters and [US-ASCII] characters in [ISO/IEC10646] or [Unicode 3.0]. For full interoperability in the Internet, migration from Shift-JIS to UTF-8/UTF-16 is highly recommended.
日本工業規格 JIS X 4159:2002
拡張可能なマーク付け言語 (XML)
HSX6000 L2.5 Aggregation Switch というものを開発中。
ドライ・マティーニ技術とPseudowire(仮想ワイヤ)技術で、MPLSだけでなくSONETやATMといったインフラの上でトラフィック・タイプやQoSを定義するIDラベルを使った
管理を行う。
(すみません、よく判りません)
$43Mを集め、Q1-05に製品出荷予定。
Switch start-up enhances aggregation
Switch start-up enhances aggregation
Hammerhead seeks to meld benefits of Layer 2/3 technologies.
By Jim Duffy
Network World, 12/20/04
Hammerhead Systems last week enhanced its multiservice switch with software the company says will improve a customers' ability to aggregate Layer 2 services, such as Ethernet, as they migrate to Multi-protocol Label Switching.
Advertisement:
Hammerhead's Layer 2.5 Aggregation Switch software for its HSX 6000 uses the pseudowire and Dry Martini techniques to merge Layer 2 operations and interworking methods with Layer 3 application awareness, the company says.
VIEWGATE MOBIRIO 19,000がよさそう
RouteOneがInfoWorld 100に選出、Web services credit check service として。
RouteOne Named to the InfoWorld 100 for Web Service Credit Application Management System Secured by DataPower's XML-Aware Networking Devices
Dec. 13, 2004--
SAMLによってパートナー間SSOを実現。
Federated ID facilitates Web services
Xiong is product marketing manager for DataPower. She can be reached at rxiong@ datapower.com.
RosettaNetが電子署名をサポート、Identrusと連携。
→ 製造業でIdentrusが使われる可能性があるか?
SAN JOSE, Calif.--(BUSINESS WIRE)--Dec. 14, 2004--RosettaNet, the technology industry's leading e-business standards consortium, announced today the availability of RosettaNet digital certificates to help members streamline the digital certificate purchase, implementation, and maintenance processes. Partnering with Identrus(TM), a global provider of trusted identity solutions, RosettaNet offers a single, secure, trusted source for 128-bit, X.509 certificates for security implementations across all e-business applications and messaging standards.
Networking info: Ciscoがサーバ仮想化へ、TCP Offload, RDMA
CiscoもXMLアクセラレーションを含むアプリケーションレベルのネットワーキングについて語るようになりました。
Ciscoがサービス仮想化をにらんだソフトウェア強化を行う、と話したそうですが。
http://www.nwfusion.com/news/2004/121304ciscoenterprise.html
背景としてルーティング技術の部分では差別化ができなくなってきたことを挙げた上で、
・プロトコル・オフロードやRDMA等による機能強化を行う
・XMLやMQ等のアプリケーション・ルーティングを目標 とする
・XMLやWebサービスの標準化に後押しされているが、これらの動きは一般に考えられているより速い
(革新と成長がnext few yearsのうちに期待できる分野)
といった方針が述べられています。
更にこれらの分野でCiscoの先を行っている会社として、
・protocol terminationやRDMA関連でRedline, NetScaler, Crescendo
・XMLトラフィックの高速処理やセキュリティで DataPowerとSarvega
が挙げられています。
記事の結びは、Ciscoが自分の縄張りを越えてIBMの領域に踏み込む時点で障害が出てくるだろう、としています。
来年は(少なくともUSでは)、L4-7或いはもっと上のアプリケーション・レベルのネットワーク処理がますます賑やかになりそうです。
OracleがOracle Application Server 10g Release 2を発表。
WS関連でUDDIやWS-I BPのサポート。
Reliable Messagingもサポート…OASISじゃ無いほうという事。
Oracle readies major app server upgrade
December 13, 2004—Oracle has introduced Oracle Application Server 10g Release 2, which is being characterized as a significant upgrade, with improvements in Java, Web services, and identity management and the addition of RFID backing.
...
Featured in Release 2 is support for the J2EE 1.4 specification, including enhanced, reliable messaging via Java Message Service and Web services improvements. J2EE 1.4 provides APIs for building Web services in Java, such as JAX RPC (Java API for XML-based Remote Procedure Call). The Web Services Interoperability Organization (WS-I) Basic Profile is also supported, as is interoperability with .Net applications.
A SOAP stack and the UDDI (Universal Description, Discovery, and Integration) Web services registry are featured. A Web services management gateway in Release 2, meanwhile, provides a centralized point to log, trace, and enforce policies across Oracle's and other vendors' application servers. Also featured for Web services functionality is support of the Web Services Reliable Messaging specification.
To boost deployment in compute grids, the application server features distributed configuration management. An improved transaction manager in Release 2 provides for two-phase commit, according to Kurian.
CiscoのCTO Charlie Giancarlo がXMLやMQを含むメッセージ・ベースのルーティングを指向する、と発言。
Worldwide Analyst Conferenceにて。
Cisco eyes larger data center, IT services roles
Cisco eyes larger data center, IT services roles
By Phil Hochmuth
Network World, 12/13/04
"Today we do packet-level routing," Giancarlo said. "Where we really see ourselves going is towards full message based routing things like XML messages or MQ messages."
This could include products that accelerate XML-based traffic, or secure it through filtering and deep-packet inspection. "All this will be fueled by standardizations taking place in the messaging community around XML and other Web services standards. This is much closer than many people believe," he said.
10 from IBM -- PPC x-compiling, JXTA, BIND, XAMPP, RELAX NG . . .
Dec. 03, 2004
IBM has published the following technical articles, tutorials, and downloads on its developerWorks Website. They cover a range of interesting (though not necessarily embedded) technical topics. Some require free registration. Enjoy . . .
Build a GNU cross compiler for PowerPC -- Learn how to build a GNU cross compiler for PowerPC code development by downloading the PowerPC 750GX/FX evaluation kit. The source code illustrates how to initialize and utilize various features of the processor--memory management unit, interrupts, and debugging features. The board schematics provide an example of how to connect the processor to a system controller (bridge) chip and other components in the system.
Using JXTA for Wireless Messaging -- Learn how to use JXTA technology to integrate thin Java 2 Platform, Micro Edition (J2ME) clients into enterprise-scale messaging applications by developing a set of classes that let you integrate J2ME clients into JMS (Java Message Service) applications running on Java 2 Platform, Enterprise Edition (J2EE) servers.
What is your system Name and Address right now? -- IBM has written a time saving BASH script that can change the system name and network address of Linux systems. This configurator was created for IBM administrators and other internal use, but has now been released for download.
Secure Web services with the GSI API -- Get an introduction to security concepts -- credentials, proxy, authentication, and delegation. Then learn how to add basic message-level security to Web services and clients using the Globus Security Infrastructure API.
Build a DNS server with ISC BIND -- This tutorial from dW shows you how to leverage Linux to get the most from your network. Specifically, it describes how to set up DNS with Internet Systems Consortium (ISC) BIND. Sample code and configuration files are provided throughout to aid understanding.
Install XAMPP for easy, integrated development -- Open source stacks such as XAMPP from Apache Friends are simplifying open source development by making it easier to write and distribute applications in a stable and standardized environment. Traditionally, AMPP -- Apache, MySQL, PHP, and Perl -- have all been installed and configured as separate products. The trend of combining them into integrated middleware stacks promises to make open source development more competitive with J2EE application development, at least for low-end applications.
RELAX NG with custom datatype libraries -- RELAX NG can do almost everything the W3C XML Schema language can do, including verifying constraints on text content and attribute values specified with the W3C XML Schema simple types. However, some constraints still can't be stated in anything less than a Turing-complete language, and RELAX NG is not such a language. Fortunately, you can extend RELAX NG dynamically with custom validation code ・written in the Java.
PowerPC atomic instruction prevents code meltdown -- Something as simple as incrementing an integer can fail in a concurrent environment. This article illustrates the failure scenario and introduces the PowerPC's coping mechanism: atomic instructions. Learn how to close the Window of Death with these assembly-level instructions to update memory correctly, even in the face of concurrency.
High-performance SQL for Linux -- Its a SQL tour through the DB2 TPC-C benchmark implementation. This article introduces advanced SQL features which are being used in IBM DB2 Universal Database for Linux, UNIX TPC-C benchmarks. Find out how to use efficient SQL query plans, which in turn will mean that the only codepath that is necessary will be executed.
Analytics Acceleration Grid Environment, Part 3 -- In part three of this three-part series, the authors offer a real-world implementation example of how the Analytics Acceleration Grid Environment (AAGE) can be used to deliver a virtual system environment that supports a wide range of application requirements, and makes the best, most efficient use of computing resources and data regardless of where or in what format they reside.
NC誌によるBIG-IP v9の評価記事。
プラットフォームが新しくなったことは評価できるが、圧縮、キャッシングなどの機能で新興ベンダーからの競合圧力が強い、との内容。
The BIG-IP Overhaul
Art Wittmann, 2-Dec-2004
On the Side
Right Now
Inside the hardware
On September 9th, F5 Networks announced a sweeping overhaul of its BIG-IP product line, complete with an OS rewrite, a new ASIC design, and new applications.
Web Services Journalの記事。アプリケーションレベルのセキュリティについて包括的に書いてある。
AnexinetというSIでSOA Principal Architectをしている人。
適用ポイントとしてはDataPowerが一番、という評価。
「私の意見では、DataPower XS40が最高の製品だ。この機器は信じられないくらい速く、しかも信じられないくらい柔軟性がある。全ての処理をPKI関係の管理からポリシー設定や適用まで含めて処理していく事も、またシステムの中の特定の処理だけを優先させるような事も、うまくこなしてくれる。そして驚くほど速い。スキーマ検証やポリシー適用や暗号処理をいくら重ねてやらせても、この機械をワイアスピード以下にスローダウンさせる事は難しい。小さな国の経済活動丸ごとくらいのトランザクションを処理できるのだ。たった一台でもそれほどのパワーがあり、クラスタ化した場合は天井知らずとなる。
最もありがたく思うのは、メッセージ・レベルのセキュリティとXML攻撃に対する防御、そしてログ保存とポリシー適用を一箇所でできてしかも性能面でまったく悩む必要が無いということだ。」
この他にWebサービス管理基盤としてBlue Titan Network Director、IDの統一管理でRSA Federated Identity Managerが推奨されている。
Solve Your Application Security Issues
The advantage of building app security into infrastructure
December 2, 2004
Luckily, there are some very good tools in this space already, which makes this task bearable. In fact, without these tools it wouldn't be possible at this time to implement the premise of this article. Central among the tools we leverage is the XML security gateway, otherwise known as an XML firewall. There are many of these tools on the market now, mostly from startups, and they are ready for prime time. The best of them do everything from content routing to XML acceleration, but most importantly security policy enforcement. They also offer configurable logging. And the ability to log access decisions and request content is very powerful, as we will see in our use case.
The best of breed, in my opinion, is the XS40 from DataPower. This device is incredibly fast and incredibly flexible at the same time. It is equally adept at running the entire show with everything from PKI management to policy setup and enforcement as it is at deferring everything but the actual enforcement to other systems in your enterprise. And it screams. It is hard to stack enough validation, enforcement, and cryptography functions on it to slow it down below wire speed...at transaction throughputs that would run the economy of a small country. And that's just one box. Load up a cluster of them and the sky's the limit. The main take-away for our purposes is that we will do our message-level security functions, XML attack countermeasures, logging, and our policy enforcement all at the same time and not worry for a second about performance.
