The IEEE Computer Security Foundations Conference

The 20th IEEE Computer Security Foundations conference is underway in Venice at the moment, and our friends from Microsoft Research in Cambridge (Moritz Y. Becker, Cedric Fournet and Andrew D. Gordon) presented the first paper of the conference – based on their formal design for SecPAL. The paper “Design and Semantics of a Decentralized Authorization Language”…


Access Control Requirements for Grid Computing Environments

One question I hear a lot is “How does SecPAL compare with [InsertRandomSecurityTechnologyAcronymHere]?”. Well the good news is that Marty Humphrey, Sang-Min Park, Jun Feng, Norm Beekwilder and Glenn Wasson from the Department of Computer Science at the University of Virginia have been studying just this question using real requirements from their grid network as the…

5

IEEE Special on Software Patterns

I remember reading an article by Grady Booch a couple of years ago (I can’t find it now) where he acknowledged that object oriented programming had not delivered many of the promises around object reuse that people had expected, however one of the unexpected benefits to object oriented programming (in addition to the obvious benefits…


SecPAL Query Editor Now Available

A couple of people have remarked to us that they like the flexibility that SecPAL provides, but feel that it is difficult for people to get to grips with the API’s when they first start evaluating SecPAL. For this reason Lonnie Wall (a consultant from RDA Corp) has just released some sample C# source code…

4

Writing SecPAL Assertions In F# – Contd

In my earlier post I showed how SecPAL could be used to grant access to a particular user based on a token issued by an STS that we explicitly established a trust relationship with using the SecPAL “canSay” predicate. Now I am going to show you something that I think is really cool – and something…


Writing SecPAL assertions in F#

I figured I would try to learn F# over this summer – and thought what better way to start than create a couple of SecPAL samples in F#. I thought this might help people that are interested in learning more about F#, or potentially F# users that are interested in learning more about how SecPAL…

3

SecPAL v1.1 Now Available

Just a quick note to let everyone know that we have just released a minor update to our SecPAL library. In addition to a couple of minor bug fixes there are two features which I think you are really going to like. The first is an update to our grammar – making it much clearer…

2

Extending Visual Studio – Made Easy

One thing that always amazes me as I talk to scientists and researchers at shows like the recent Open Grid Forum or the last Super Computing conference is the extent to which they have managed to extend Eclipse to provide intuitive interfaces to their work. Up until very recently similar extensions for Visual Studio has…


SaaS Architect Forum – "A security policy language to support grid on demand"

I was asked to present an overview of SecPAL at an Architect Forum focusing on Software + Service in the UK this week. I have posted the presentation entitled “A security policy langauge to support grid on demand” to the releases section on our CodePlex workspace. See SecPAL Presentation for SaaS Conference. There were some…


SecPAL In The News

In my last post I promised to walk through a demonstration of SecPAL using a scenario that is challenging to implement using current technologies – but simple to implement using SecPAL. As timing would have it, rather than walking through the scenario in this blog, I can instead point you to an article that was posted…