Monthly Archives: January 2009

Security Guidance for "Sun Certified Enterprise Architect" for Java EE5 exam

Not a shameless promotion – I came to know from multiple feedback and praises from the people who took the Sun Certified Enterprise Architect exam.  Core Security patterns is overwhelmingly suggested as a reference text for “Section 8 – Security” of Sun Certified Enterprise Architect for Java EE5 exam.  Section 8: Security Explain the client-side security model for the Java SE environment,… Read more »

Massachusetts 201 CMR 17.00 imposes "Protection of Personal Identity Information".

A month ago, I had a chance to meet with John Beveridge (Deputy State Auditor at Office of the State Auditor of Massachusetts) at an ISACA event in Boston. During a casual chat, he briefly mentioned about the upcoming regulation highlighting “Mass 201 CMR 17.00 – Massachusetts Standards for Data Protection of Personal Information”  and it’s compelling security requirements ! … Read more »

Provisioning/De-Provisioning Biometric credentials and Convergence of Physical/Logical Access Control Systems

It’s been a while, I had been hearing a lot of talk about unified biometric credentials and using then for convergence of physical and logical access control systems – Like me, you might’ve heard a lot of high-level marketing or analyst’s stuff … so here is some realities from my hands-on experience ! Frankly, there is no magic silver bullet… Read more »

Stronger Authentication with Biometric SSO (Using OpenSSO and BiObex).

I had been involved with multiple Biometric ISV providers and its integration with Sun technologies particularly OpenSSO, IdM, Sun Rays and Solaris. I also had the opportunity to deploy Biometric solutions to few govt organizations that starts with “D” and “N”. Believe it or not…we have few of them in production. Now, getting down to the specifics – Putting it… Read more »