Tuesday, December 06, 2005

In a recent discussion a colleague mentioned that my self-coined terminology in the security stack article was somewhat confusing. While I did this intentionally, to make sure that the security stack was treated as an entity in itself, I agree that the new terminology might actually do more harm than good.

Therefore, please find below a 'map' from my terms to the ones more commonly used for the network protocol stack. The first phrase is my new term, followed by a mapping to the more common term:

  1. physical network security - Link Layer (layer 2), not to be confused with the actual physical layer (layer 1)
  2. network transport security - Layers 3 and 4 in the seven-layer OSI/ISO stack
  3. platform security - Session security
  4. application transport security - Also session security, but I think it is important to make a distinction here between the platform session and the application session
  5. application security - Same.

I hope that this clarifies the original intent a little and makes it more readable. Thanks to Nico Williams for pointing this out.

Tuesday, December 06, 2005 5:07:54 PM (Eastern Standard Time, UTC-05:00)

Interesting timing: just as ATOM 1.0 is finally becoming an IETF/W3C standard, Microsoft publishes its extension to RSS 2.0 here. While the Microsoft extensions are licensed under the Creative Commons ShareAlike license and Microsoft also seems to pledge not to apply royalties to implementors, RSS 2.0 is still under copyright by Harvard and cannot be changed at this point.

It will be interesting to see what Sam Ruby and Tim Bray will have to say about this. Meanwhile, you can take a look at Sam's RSS to ATOM comparison.

Tuesday, December 06, 2005 4:49:25 PM (Eastern Standard Time, UTC-05:00)

Once more, I am toying with the idea of using an offline editor to edit my blog entries. There are currently two contenders: WB Editor and RocketPost. While I do like the RocketPost interface better (so far), it does not seem to support non-standard TCP ports. Since my blog lives on port 8080 (for a variety of historical reasons), this could be a showstopper.

As for WB Editor, I am quite pleasantly surprised how far offline blogging has come since the early days of w.bloggar. A really nice feature is that it utilizes the IE URL history, making it ridiculously easy to add hyperlinks. I will probably continue to use this tool, at least during the trial, and then make a decision afterwards.

Tuesday, December 06, 2005 1:41:20 PM (Eastern Standard Time, UTC-05:00)

A useful tip for installing JES on Windows:

JES requires the domain name to be set on the Windows machine. It is not sufficient to simply set the domain name in the %Systemroot%\system32\drivers\etc\hosts file. Instead you need to change it in the System Control Panel. See here for details.

Tuesday, December 06, 2005 10:26:02 AM (Eastern Standard Time, UTC-05:00)
Friday, December 02, 2005

It seems that Microsoft Office activation is more sensitive to hardware changes than Windows activation: after restoring my desktop from one laptop to the other (see below), Windows worked out of the box. However, Office complained that it needed to be re-activated. This is quite interesting, particularly in the context of where Microsoft gets their profits from ...

Friday, December 02, 2005 12:50:39 PM (Eastern Standard Time, UTC-05:00)

While this might sound quite boring to most of you, I am rather relieved that NTBackup works. I just had to send in my laptop, since it developed a nasty vertical bar (2 inches - 5 cm, in the middle of the screen). Now without a laptop, I do feel rather naked in the web world, so I decided to revive an older system I still had. Simply re-installing was not an option, since by the time I would have had it properly configured, the old laptop would hopefully be back.

So, the only possible solution boiled down to the equivalent of a heart transplant: restoring the backup from my broken laptop to the interim one. First of all, I discovered that I could not restore from a UNC path. Since I didn't have a 120+ GB 2.5" drive, an external HDD was the only option. I decided to pick up a 300GB drive and put it into a CompUSA aluminum case with IEEE 1394 and USB 2.0. Now, FireWire cables are really expensive: a 4-to-6-pin cable was $45, which I personally consider either extortion or at least price gouging.

But I digress. At the end of the day, NTBackup worked quite nicely, the only major issues being the drivers (that one was to be expected) and the need to re-initialize offline files (sigh ... again).

So here is my recipe:

  1. Backup your laptop using NTBackup. Be sure to select the SystemRoot drive (usually C:) and SystemState.
  2. Copy the resulting .bkf file to a local disk on the new system.
  3. Install the OS on the new system.
  4. Run NTBackup in restore mode.
  5. Install any new drivers.
  6. Check your offline files.

One more caveat (but that should be obvious): if you have special software hooked to one of the system devices, you must re-configure it for your new devices. For me this was Proxifier, a universal HTTP proxy client that hooks into the protocol stack of the network interfaces.

Friday, December 02, 2005 12:28:50 PM (Eastern Standard Time, UTC-05:00)
Wednesday, November 30, 2005

Well, the new release of Firefox is out and it is not looking bad. It is really refreshing to see that, after the browser wars were supposed to be over, we are again seeing some healthy competition. There are already a few nice features that Firefox introduced and that Microsoft has announced for IE7, which is due some time in December. Tabbed browsing is one of them, eliminating browser window clutter.

Recently a German news weekly posted on their website that they are already seeing between 32% (weekdays) and 40% (weekends, from private PCs) Firefox usage, which is significantly more than the usually reported numbers of around 5% market share.

I expect a fairly interesting new battle in the browser wars epic with the arrival of WPF/E-capable browsers [1] on the Microsoft platforms. This time HTML might be at stake, although I would be surprised if XAML applications actually started to replace HTML applications on the public internet.

[1] For the uninitiated: WPF stands for Windows Presentation Foundation, which is the long announced, yet to be delivered Avalon API for .NET. The "/E" stands for Everywhere - WPF/E is supposedly an IE-embedded Avalon/XAML runtime that will render XAML instead of HTML.

Wednesday, November 30, 2005 11:37:27 PM (Eastern Standard Time, UTC-05:00)
Tuesday, November 29, 2005

...contains a nice collection of articles and factoids on the Open Document Format debate. Please take a look at it here.

Tuesday, November 29, 2005 10:49:31 PM (Eastern Standard Time, UTC-05:00)

Since I finally decided to follow my most basic instincts/conscience/sudden inspiration/whatever and set up a personal web site, I am now promoting it...

Please check http://www.beuchelt.com/ or http://www.beuchelt.net/ for my page. You will be able to get to this blog at http://blog.beuchelt.com/ and http://blog.beuchelt.net/, although the old address (http://beuchelt.blogdns.net:8080/) will stay.

In the unlikely circumstance that you are interested in taking a look at some of my older articles, please drop me a line at: work at beuchelt dot com.

Tuesday, November 29, 2005 10:38:16 PM (Eastern Standard Time, UTC-05:00)
Monday, November 28, 2005

My recent GSS-SAML musings led me to think about the relation between security, applications and platforms. My firm belief until recently was that security should be handled low in the stack: in the network protocol layer, the operating system, etc. The benefit is quite obvious: by securing the transport, OS, etc., the applications and their developers can be fairly ignorant about security (which they mostly are anyway) and yet build a reasonably safe solution.

Now, there is one problem with this model. In order to be really secure, network and OS developers tend to put fairly restrictive security systems in place. This in turn inconveniences the application developer, whose first reaction to a security problem will be to simply shut security off. The results can be seen all over the internet ...

The security stack

A better solution - I think - would be to start formalizing a full security stack. By that I mean essentially the same thing as when talking about a network stack: a security stack should define clear security layers, with well-defined boundaries between security domains.

Such layers should be isolated, yet permeable for permissible security information. One example would be the public key of a specific identity, used for message integrity and confidentiality. The associated name and other attributes are not strictly required for this operation and should - as such - not be permitted to pass through the security layers.

A possible arrangement of the security stack could be modeled along the ISO network layer model (lowest to highest layer):

  1. physical network security - This would include very low level protocols, such as EAP/802.1X
  2. network transport security - I would put protocols such as IPsec into this layer
  3. platform security - Here, GSS-API, Kerberos, and maybe SASL would be located
  4. application transport security - Within this layer, we could find things like HTTP authentication
  5. application security - This layer might justify another division, though probably not horizontally but vertically, in different silos such as web services and applications (Liberty, SAML, WS-Security), databases, etc.

In today's world, many of the different protocols are not capable of easily passing security information through the different layers of this stack (although there are some notable exceptions).

It should also be noted that while some security protocols do provide for the inclusion of authentication and authorization data, many do not.

What would we gain, if we had such a stack?

A clearly defined stack could serve as a framework for classifying, combining, and architecting new security protocols. Features available in different layers of the stack could then percolate up and down. An example would be the privacy features in SAML that - when profiled properly - could then be available at lower levels, effectively allowing anonymous (or pseudonymous), yet authenticated access to resources.
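As an added illustration (not code from the post), the following Python models the boundary policy described above and in the earlier paragraph on isolated yet permeable layers: only the public key percolates down to the network layers, a pseudonym reaches the platform layer, and the subject's name never leaves the application layer. The allow-lists, the per-layer requirements and the sample SAML-style context are all assumptions made for the example.

```python
"""Toy model of the security stack's layer boundaries: each layer passes
only allow-listed security information down to the layer below."""

# Layer names as used in the post; index 0 is layer 1 (lowest).
LAYERS = ["physical network security", "network transport security",
          "platform security", "application transport security",
          "application security"]

# Assumed policy (not from the post): fields that may cross DOWN from layer
# n into layer n-1. The key percolates all the way down, the pseudonym stops
# at the platform layer, the human-readable name never leaves layer 5.
PERMEABLE_DOWN = {
    5: {"public_key", "pseudonym", "attributes"},
    4: {"public_key", "pseudonym"},
    3: {"public_key"},
    2: {"public_key"},
}

# What each layer needs to do its job (also assumed for the example).
REQUIRED = {
    1: {"public_key"},
    2: {"public_key"},
    3: {"public_key", "pseudonym"},
    4: {"public_key", "pseudonym"},
    5: {"public_key", "pseudonym"},
}

# Constructed SAML-style context as produced at layer 5 (sample data).
SAMPLE_CONTEXT = {
    "subject_name": "alice@example.test",
    "pseudonym": "urn:example:pseudo:7f3a",
    "public_key": "PLACEHOLDER-PUBKEY",
    "attributes": {"role": "reader"},
}


def propagate_down(context, top=5):
    """Return {layer: visible_context} from `top` down to layer 1.

    A too-tight policy shows up as ValueError (a layer cannot satisfy its
    requirements); a too-loose one is what PERMEABLE_DOWN prevents."""
    views = {top: dict(context)}
    for layer in range(top, 1, -1):
        allowed = PERMEABLE_DOWN[layer]
        views[layer - 1] = {k: v for k, v in views[layer].items() if k in allowed}
    for layer, view in views.items():
        missing = REQUIRED[layer] - set(view)
        if missing:
            raise ValueError(f"{LAYERS[layer - 1]} lacks {sorted(missing)}")
    return views
```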

Monday, November 28, 2005 11:06:51 PM (Eastern Standard Time, UTC-05:00)
Tuesday, November 22, 2005

I just wanted to step back and thank my colleague Lauren Wood for her superb efforts organizing the XML conference (for the 5th year!). As a speaker, as well as an attendee, this was a most pleasant and interesting conference.

Tuesday, November 22, 2005 2:01:15 PM (Eastern Standard Time, UTC-05:00)

Once more, Microsoft is targeting ECMA as the consortium to sign off on their technology, just as a few years ago, when they submitted parts of the CLR and C#. This time it is the Office '12' formats, which have become quite a burden under the current plans of the Commonwealth of Massachusetts, the E.U. and the country of Denmark: all three of these governmental bodies decided to require an open file format for all future forms and documents.

For the longest time, the license that came with the Office XML formats was far less than open - the bottom line was: you can look, but you cannot really implement.

Now Microsoft promises that this will change under the ECMA process.

Tuesday, November 22, 2005 9:01:27 AM (Eastern Standard Time, UTC-05:00)
Monday, November 21, 2005

For all attendees of XML 2005: I just updated my paper on Using SAML for Platform Security. Please check http://2005.xmlconference.org/proceedings for the updated version.

All non-attendees: The proceedings will be made publicly available by Nov 30, this year. I will also publish the paper here.

Monday, November 21, 2005 1:21:41 PM (Eastern Standard Time, UTC-05:00)
Saturday, November 19, 2005

I have just configured dasBlog to use cross posts. Let's see if this post makes it to my old blogs.sun.com blog.

For those reading this on blogs.sun.com: my new blog is at http://beuchelt.blogdns.net:8080/.

Hmm - 2nd try.

Saturday, November 19, 2005 2:07:01 PM (Eastern Standard Time, UTC-05:00)
Friday, November 18, 2005

Please find the PDF slide deck for my presentation at XML 2005 here:

XML 2005 - Using SAML for Platform Security

The paper for this talk will be - as far as I understand - available for public download some time later this year or early next year from the conference Web Site.

Friday, November 18, 2005 11:18:29 PM (Eastern Standard Time, UTC-05:00)

Copyright by Gerald Beuchelt.