- +
Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients? - +
Strategies for Dealing With IT Complexity 24/12/2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business. - +
What Price Innovation? 05/11/2007 13:44:31
CIOs say they want more than the traditional “your mess for less” relationship with their outsourcing providers. And the providers want to market themselves as partners in innovation. So why isn’t it happening?CIOs say they want more than the traditional "your mess for less" relationship with their outsourcing providers. And the providers want to market themselves as partners in innovation. So why isn't it happening?
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Enterprise Wireless WLAN Security
Solve Exchange Storage Problems Once and For All: A New Approach without Stubs or Links
Delivering the Power of Choice with Microsoft Dynamics CRM
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Improving Sales Productivity: An Opportunity for Sales and IT Leadership
Vendor Influence Curves And How You Can Get The Best Value Out Of Your Network
Email Archiving Technical Overview
CRM your salespeople will love
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Apparently there are issues with inexperienced developers, there are issues with the cross-site scripting, there are issues with Web services. Even Jesse James Garrett who founded the term AJAX said there are a lot of issues and we're going to have to almost patch them one by one. So how can people rely on AJAX if it's got all these security issues? I talked to one AJAXWorld attendee yesterday, and she said she wasn't using AJAX yet, but the one thing she knew was that it apparently had a lot of security concerns.
So there are security concerns. Actually, if you look at the security concerns you have when doing Web services, there actually was work done for Web services in the area of WS-Security. A lot of folks who are looking at this are looking at it for the first time. Well, the folks that actually have looked at service-oriented architecture said, "Well, if I'm actually going to start calling something, I want to, No. 1, ensure that I can call the resource, and then if I can call the resource that I'm actually entitled to, go deeper and actually access the data." The second piece of this is this cross-site scripting; this has been a known problem in the Web, and it's a server-side problem that people have been dealing with.
Now, the other issues that you start looking at in the area of mashups, again, this is -- you're absolutely correct. You have people that are writing JavaScript that don't really know how to write it, and if you create a mashup, you could end up with a serious problem. Now, if you look at the mashups that have been created up to this point, they've been done by very highly skilled and very knowledgeable Web programmers who know what they're doing. Now, one of the reasons why we founded OpenAjax was this exact problem was when Scott [Dietzen, CTO of Zimbra, who helped co-found OpenAjax,] and I looked at this problem in late 2005, we pretty much decided that the number of problems that would be confronting people, you'd probably find one in 40 developers actually having all of the right capabilities to actually write good AJAX and secure AJAX.
So what are you going to do?
The first thing we started doing is we're attacking the problem not one at a time, we're doing it in multiple fronts. The first thing was, How do we basically build AJAX, and how do we debug AJAX? And how do we see what's going from the client side of this to the server? And that's what IBM was working on, and Bob [Goodman, a senior programmer at IBM,] was doing with the AJAX Tooling Framework.
The second side of this is that we needed to get the knowledge out about what are the issues. You don't want to scare people away, but at the same token, you need to basically educate them. And this, again, was part of this whole side of what OpenAJAX was about. The third side of this is, How do you then look at it from an industry standpoint of coming out with the best practices? So this is a document that people [would] write to give to AJAX programmers. And then the fourth thing is to look for the technology side of it. How can we basically start securing the technology? And that work is under way right now. And [while] there are no great answers at this exact second, there's a very good understanding of the problem, and people are discussing what's the right way to do it.
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
F-Secure achieves excellent results in Internet security suite comparison 2008-10-10 14:37:00+10
M2M Connectivity announces the new Sierra Wireless MC8792V embedded module for 900 MHz 3G/HSPA networks 2008-10-10 08:51:00+10
Pitney Bowes MapInfo Launches New Version of AnySite 2008-10-10 05:58:00+10
IOGEAR Gears Up in Australia 2008-10-09 20:18:00+10
Internet Service Providers offer new unlimited Online Backup from F-Secure 2008-10-09 19:42:00+10
Email Archiving Implementation: Five Costly Mistakes to Avoid
Email Archiving is essential for managing email data, but is potentially expensive to implement. Read on to discover the five key areas where email archiving costs can be contained, including data capture methods and default configuration methods.
