August 7, 2016

No case studies on ABAC?

Don’t get me wrong, everyone needs at least RBAC, but it has limitations and doesn’t work well with instance data in the authorization expression.  […]

August 5, 2016

We Can Stop Looking For That Panacea Now

It seems every year there’s a new protocol for handling security.  I was first sucked down into this black hole in the ’90’s.  Few standards […]

August 5, 2016

Ahem, it’s called Role-Based Access Control

Of late, on a quest, to educate the info sec community, the definition of RBAC.  Not the first time.  A couple years back, this role-infused rant:
Using Roles […]

July 28, 2016

Apache Fortress Role Engineering Tutorial

The goals of this tutorial are to

Gain understanding of the Role Based Access Control (RBAC) standard
Learn the repeatable steps of the Role Engineering Proces […]

July 28, 2016

Apache Fortress End-to-End Security Tutorial

The tutorial provides a how-to guide for applying end-to-end security enforcement across a sample Java Web environment using Java EE, Spring and Apache Fortress […]

July 28, 2016

Apache Fortress SAML Demo

The aim of this tutorial is to connect Apache Fortress with Spring Security SAML and a common Identity Provider – SSO It’s not intende […]

May 18, 2016

Introducing a Security Access Control Engine Inside OpenLDAP

Security Access Control Engine – How & Why
The OpenLDAP Accelerator is a Policy Decision Point that resides inside the slapd process. This presentatio […]

May 12, 2016

Understanding LMDB Database File Sizes and Memory Utilization


The Lightning Memory-mapped Database (LMDB) is designed around the virtual memory facilities found in modern operating systems, Multi-version Con […]

April 1, 2016

ApacheDS & Fortress QUICKSTART

As engineers, we are often encouraged to use the right tool for the job.  Maybe that is because we tend to grow too attached to the familiar.  When we’v […]

April 1, 2016

Apache Fortress 1.0-RC42 Released

Announced just this week: Apache Fortress 1.0-RC42 released.  What, is this some kind of joke?  Why would a project go thru 42 iterations of release candidate […]