Wei Jie at the University of Manchester has just let me know the finished paper, on which I’m a co-author, is ready for public consumption. Wei submitted it to the International Workshop on Security and Privacy in Enterprise Computing (InSPEC 2008), titled:

A Guanxi Shibboleth based Security Infrastructure for e-Social Science.

It’s based on Sakai, Permis and Guanxi and is the first use of the GSK in the wild that I know of.

You can download the paper here.

With the increased interest in Guanxi, I’ve been forced to take a long look at the coding style I’ve been using, which has meant reading a lot and thinking, do I really want a different style? I’m quite happy with what I’ve been writing over the last 3 years or so but I should at least decide on a style and formalise it, publish Eclipse and IDEA templates and give other developers a chance to format their code to fit in with what’s already there. The problem however is, opinions on how code should be formatted are as personal as how you wash yourself in the morning, or not, depending what language you use. I believe Perl programmers are devoid of soap. Untidy desk, untidy mind, as they say. What about untidy code? Perl is like an explosion in a character factory. Even more so when it’s been written by an academic with a Perl for Dummies book. It takes someone who really loves to code to write readable Perl code. Given that most academics code as a knee jerk reaction to some crisis or to intellectually spar with colleagues. (more…)

As Guanxi 2.0 progresses towards official release and I’ve ironed out a lot of issues and streamlined parts of the system, I thought it was time I took a few steps back, as a painter might, to get an idea of the overall picture and the aims of the application. As skill level increases in a particular domain, in this case Shibboleth, one may work up through the Dreyfus levels, to reach an understanding that encompasses not only the internal workings of the application but the wider context in which it sits. Although Guanxi is primarly a Shibboleth implementation, there are other SSO systems out there, which I should keep an eye on, such as OpenID and OAuth. As well as that, each wagon circle has its own vocabulary and protocol exchanges but underlying all is the concept of trust. (more…)

I was reading the eFoundations blog and came across this interesting article about the user experience side of Shibboleth and it rang a bell, as I happen to think the user experience isn’t that good. In the UK Federation, we have a weird and wonderful concoction of access terminology that is just bound to confuse users. Indeed, I spoke about this last December at the McShibb meeting in Edinburgh. Each service provider has its own access vocabulary, depending whether you’re using Athens or Shibboleth: