NERCOMP: Identity Management SIG

September 27, 2005 | 32 Comments

Yesterday we attended the NERCOMP Identity Management Workshop at the College of the Holy Cross.

Steve Carmody of Brown University explained an ideal infrastructure including a reminder for me to review “Identifiers, Authentication, and Directories: Best Practices for Higher Education” by Internet2. Carmody had a lot of great things to say, giving a solid overall update of how Internet2 and MACE are coming along with Shibboleth, Grouper, Signet, and various other initiatives. He also pointed me at Sun’s XACML Implementation which is very interesting.

Christopher Misra of UMass Amherst and Robert Banz of UMBC both presented on their current IdM initiatives. They both seem to have established IdM infratructures which need one enhancement or another.

In the final time slot was a general group discussion. I took this opportunity to ask how schools are establishing and maintaining credentials remotely. No one had an answer that was ideal, I suggested our current proposal and no one seemed to have any criticisms. One person suggested that maybe we don’t need to have as secure a system as we’re proposing to merely secure someone’s email. My reply to this was in a federated world with connections to the federal PKI bridge, InCommon services, and more, we are securing far more than email. It is our responsibility to have as high a level of assurance as possible.

identity, identity management, internet2, authorization, authentication, shibboleth, shib, MACE, grouper, xacml, signet, NERCOMP, higher education, credentials, password, passwords

Tags: , , , , , , , , , , , , , , ,

Related:

Posted by zbtirrell | Filed Under Technology Bits 

Authentication Definition

September 26, 2005 | 4 Comments

According to Internet2, authentication or AuthN is defined as:

Authentication is the process of establishing whether or not a real-world subject is who or what its identifier says it is. Identity can be proven by:

- Something you know, like a password
- Something you have, as with smartcards, challenge-response mechanisms, or public-key certificates
- Something you are, as with positive photo identification, fingerprints, and biometrics

Once again, this is a nice concise definition. It’s good to have these clearly defined to eliminate any confusion or debate when discussing, similar to what I did with my “Single Sign-On Definition” post.

identity management, authentication, authenticate, internet2, middleware, definition, authentication , authN, fingerprints, password, passwords, biometrics, smartcards, challenge-response

Tags: , , , , , , , , , , , ,

Related:

Posted by zbtirrell | Filed Under Technology Bits 

Tirrell Family Crest and Coat of Arms

September 24, 2005 | 1 Comment

Ever since visiting the Family History Library I started doing a bit more research about my family again. One of the interesting things I’ve turned up are all the following renditions of Tirrell Family crests and coats of arms.

http://www.araltas.com/features/tyrrell/
http://www.5dollarcoatsofarms.com/gallery/T/pages/image140.html

http://www.terrellproject.com/
http://www.terrellproject.com/al/id8.html

http://www.mkheritage.co.uk/wdahs/Thornton/docs/tyrellarms.html
http://www.houseofnames.com/xq/asp.fc/qx/tirrell-family-crest.htm

family, tirrell, coat of arms, crest

Tags: , , ,

Related:

Posted by zbtirrell | Filed Under My Stuff 

Shelby GT 500E

September 23, 2005 | 9 Comments


In 2003 after the popularity of Gone in 60 Seconds and the staring role of Eleanor, Carroll Shelby and Unique Performance got together to produce a limited number of GT 500Es. These are modernized recreated hybrids of classic greatness and modern technology. They start as 1967 Mustangs and the engine, interior, and suspension are all replaced with modern parts.

I want one bad, but with a base price of $119,000 I’m probably out of luck.

They’ve also done a sweet limited edition Ford “Stallion” based off the current generation of Mustang. These are also extremely cool and with a base price of $38,000. More reasonable, but still a bit out of my range.

1967, 1967 mustang, car, Carroll Shelby, cars, Ford Mustang, Ford Stallion, gt, gt500, gt500e, high performance, muscle car, Mustang, Shelby, Stallion

Tags: , , , , , , , , , , , , , ,

Related:

Posted by zbtirrell | Filed Under My Stuff, Newsy Goodness 

NY Times Steps Back 5 Years

September 20, 2005 | 15 Comments

You have to wonder what the guys at NY Times are thinking. They just announced a new service called TimesSelect. One of the things being made only available to TimeSelect subscribers is “daily columns from influential Op-Ed writers” according to the site. NY Times can not be blind to the Google Economy or to the rise of blogs. Increasingly bloggers who have their fingers on the pulse of politics, current events, and public interest stories are becoming the resource for people to get opinion pieces. So why would NY Times decide to launch a service that puts their colunists behind a pay service? Either they’re going bankrupt or there is a hidden agenda I’m not seeing. They have to be making plenty off their ad revenue on the site…

I’m planning on keeping an eye on their Alexa rank after they put this in place. I bet within a few months a significnat decline in traffic becomes apparent.

In a lot of ways I think this is sad, NY Times is fairly well known for its left slant which I’m not exactly opposed to…

timeselect, New York, NYTimes, NY Times, The New York Times, onlne newspaper, newpaper, blogging, blog, blogs, alexa, traffic, traffic rank, advertising

Tags: , , , , , , , , , , , , , ,

Related:

Posted by zbtirrell | Filed Under My Stuff, Newsy Goodness, Technology Bits 

Tri-Wizard Tournament is Coming

September 20, 2005 | 2 Comments

I just saw the new trailer for Harry Potter and the Goblet of Fire. I am definitely looking forward to November. The initial teaser trailer was good, but I really wanted to see Mad Eye Moody. The new trailer features him prominently in multiple clips and he assuredly fits the part. My only concern is that a few of the effects looked much like effects and not seemless. Overall, it does appear there will be a ton more magic and action in this movie. Not a huge surprise since there is so much action in the book, which would have likely had a ton cut. Being Hollywood, I think they’ll keep a lot of the action sequences and end up cutting plot points, but I suppose wanting the plot points is why I read the book…

Go check out the new trailer, I’m excited, you should be too.
Hollywood, Harry Potter, Goblet of Fire, movie, movies, trailer, preview, teaser trailer, Mad Eye Moody

Tags: , , , , , , , ,

Related:

Posted by zbtirrell | Filed Under Fun Whatnot, My Stuff 

PHP strtotime Limitation

September 20, 2005 | 5 Comments

I have been relying very heavily on strtotime() in PHP in just about everything I write. For those not entirely familiar with this function, strtotime() will "parse about any English textual datetime description into a Unix timestamp." The ones I get most excited about are the MySQL date format: 2005-10-21 or the more common us representation of 3/22/05. Another great use is to put stuff in like "-3 days" or "yesterday".

Why create Unix timestamps you may wonder? Well, there are all kinds of things that happily take timestamps and do fun things with them. My favorite example is the date() function. The first parameter to date is the format you want results in, the second is optionally a Unix timestamp. A call to date like date('m/d/Y'); will generate a reasonably nice US representation of today's date. However, if you did date('m/d/Y',strtotime('3 weeks ago')); you can get the nice readable format provided by date, but for some arbitrary date you are deciding upon with strtotime. Also, knowing strtotime happily accepts the MySQL date format, when you get data back from a table and want to display it to the end user nicely, the same chaining example I just did works again: date('m/d/Y',strtotime($row['date_field']));. For a complete list of the available date formats, visit PHP.net.

Ok, so the title of this makes reference to a limitation... on to that. On some operating systems when running PHP versions < 5.1, a date like 1956-07-11 makes strtotime return -1, which is an error. Unix timestamps start at the epoch, which is January 1, 1970 (1970-01-01). A '-1' passed along to the date function will get you back December 31, 1969 (at 23:59:59) because you are saying 1 second before midnight of the Unix Epoch. (Note: you may also see the date of 1969-12-31 in a case where you have an empty MySQL date of 0000-00-00, which is very common). This is hugely frustrating, but thankfully is resolved in 5.1.

In the meantime, Ed Lecky-Thompson wrote a very useful safestrtotime() function and shared it on PHP.net. I'm reproducing it here for my convenience, altered to match the code formatting I prefer.

PLAIN TEXT
PHP:
  1. <?php
  2.  
  3. function safestrtotime($strInput)
  4. {
  5.     $iVal = -1;
  6.     for ($i=1900; $i<=1969; $i++)
  7.     {
  8.         // Check for this year string in date
  9.         $strYear = (string)$i;
  10.         if (!(strpos($strInput, $strYear)===false))
  11.         {
  12.             $replYear = $strYear;
  13.             $yearSkew = 1970 - $i;
  14.             $strInput = str_replace($strYear, '1970', $strInput);
  15.         }
  16.     }
  17.     $iVal = strtotime($strInput);
  18.     if ($yearSkew> 0)
  19.     {
  20.         $numSecs = (60 * 60 * 24 * 365 * $yearSkew);
  21.         $iVal = $iVal - $numSecs;
  22.         $numLeapYears = 0// determine number of leap years in period
  23.         for ($j=$replYear; $j<=1969; $j++)
  24.         {
  25.             $thisYear = $j;
  26.             $isLeapYear = false;
  27.             // Is div by 4?
  28.             if (($thisYear % 4) == 0)
  29.             {
  30.                 $isLeapYear = true;
  31.             }
  32.             // Is div by 100?
  33.             if (($thisYear % 100) == 0)
  34.             {
  35.                 $isLeapYear = false;
  36.             }
  37.             // Is div by 1000?
  38.             if (($thisYear % 1000) == 0)
  39.             {
  40.                 $isLeapYear = true;
  41.             }
  42.             if ($isLeapYear == true)
  43.             {
  44.                 $numLeapYears++;
  45.             }
  46.         }
  47.         $iVal = $iVal - (60 * 60 * 24 * $numLeapYears);
  48.     }
  49.     return $iVal;
  50. }
  51. ?>

1970-01-01, date format, datetime, ed lecky-thompson, epoch, function, mysql, operating systems, php.net, timestamp, timestamps, unix epoch, unix timestamp

Tags: , , , , , , , , , , , ,

Related:

Posted by zbtirrell | Filed Under Technology Bits 

Next Page »