Log-in | Register Username:   Password:   forgot password? Logged in as | Log-out

blog home blog structured search InfoWorld power search InfoWorld metadata explorer The Screening Room all screencasts popular / general-interest screencasts Friday podcasts Friday podcasts with transcripts Friday podcasts: RSS feed all podcasts all blog items LibraryLookup subscribe with rss: send Jon an email: reading list as opml reading list as html

<<  Friday, July 19, 2002  >> Traction and Radio Roland Tanglao liked my review of Traction, but reconsidered when Jim McGee pointed out that Traction is a whole lot more expensive: What more do you get than buying individual licenses for Radio which you can get for about 1/10 the cost of Traction? [McGee's Musings] Traction is for power users in the enterprise. Some things those users get, right out of the box: - integrated search, both fulltext and structured - email in (with support for attachments), email digests out - deep referential integrity, with bidirectional linking - rss feeds based on arbitrary queries - flexible categorization, with multiple terms available at both document and paragraph level - an advanced "blog this" tool that captures email, web, and Word docs with high fidelity - a security system based on users and projects There was not an opportunity in the review to put Traction and Radio into a wider context, so I'll do that here. Radio is a fabulous KM enabler. Obviously I use it every day for that purpose, and I highly recommend it. It is also, indisputably, a great bargain. Traction aims to serve power users, in enterprises that will pay for things that Radio could surely be configured to do, but doesn't do out of the box. The two are highly complementary. A core team of power K-loggers could use Traction for its advanced features, while integrating (via RSS) with a larger group of Radio users. I am, in fact, considering just such an architecture. The XML support in both products ensures that they can work well with each other, and with other things too. Like the Perl guys say: There Is More Than One Way To Do It. And like Sam Ruby says: "As long as it is interoperable, I am happy."     Amazon's built-in XSLT service Phil Windley found something I missed: the RESTful flavor of Amazon's new API provides its own XSLT service: Amazon's progam supports both a SOAP/RPC model and a RESTful model.  Using the RESTful model, I cobbled up the Amazon results box on the right side of this page.  This is the XSL file that I used and this is the URL I called.  [Windley's Enterprise Computing Weblog] I had instead used the generic W3C XSLT service. In the example I gave the other day, here was the URL that yoked it to Amazon and to my transform: www.w3.org/2000/06/webdata/xslt? xslfile=http://radio.weblogs.com/0100887/gems/amazon.xml &xmlfile=http://xml.amazon.com/onca/xml %3FAsinSearch=1579903002%26mode=books%26f=xml%26type=heavy %26dev-t=D10LHXBPN0XCEJ&transform=Submit Pretty ugly, what with all that escaping going on. Here's a simpler URL that yields the same result using the technique Phil demonstrates: xml.amazon.com/onca/xml? AsinSearch=1579903002&mode=books &type=heavy&dev-t=D10LHXBPN0XCEJ &f=http://radio.weblogs.com/0100887/gems/amazon.xml (The lameness of the MS DHTML edit control  messed these up and make them non-clickable, and the long lines screwed up formatting, hence the line breaks introduced above.) The W3C-based service is still really interesting because it's a general-purpose way to apply any web-accessible XSLT to any web-accessible XML. But using Amazon's built-in XSLT certainly makes shorter and more readable URLs. A minor difference between the two: W3C's service sends a Content-type: application/xml header, whereas Amazon sends Content-type: text/html. The former gives nicer results when viewed in IE. Phil goes on to say of XSLT: XSL needs some good tools for debugging and testing.  As it happens, XSL is a programming language with few (maybe no) support and debugging tools.  What's worse, its a rule based language, an unfamiliar paradigm for most people.  People used to give me a bad time about Scheme and LISP.  I can't believe they'll use XSL. Understood. I felt that way too, and only gradually made my peace with XSLT. There is an excellent XSLT debugger available from ActiveState, by the way. Disclosure: I am a member of ActiveState's Technical Advisory Board. Further disclosure: I don't actually use the XSLT debugger nowadays, but it was very helpful in the early going to visualize how the XSLT engine works.     Translucent databases I had lunch with my old pal Peter Wayner yesterday, and he gave me a copy of his new book, Translucent Databases. In the book, Peter defines translucency as an approach that "lets some light escape the system while still providing a layer of secrecy." Conventionally, databases store information in the clear and rely on a fortress security model. Break into the fortress (or subvert it from inside), and you can scoop up all the information. Over lunch Peter sketched a scenario that might well be a non-starter given that risk. Imagine a web service that enables parents to find available babysitters. A compromise would disastrously reveal vulnerable households where parents are absent and teenage girls are present. Translucency, in this case, means encrypting sensitive data (identities of parents, identities and schedules of babysitters) so that it is hidden even from the database itself, while yet enabling the two parties (parents, babysitters) to rendezvous. The techniques used to accomplish this trick are simple, but the protocols -- like all cryptographic protocols -- require some thought. In general, they elaborate on the possibilities inherent in one-way hashing, like that used to guard passwords in the Unix /etc/passwd file. For example, this SQL statement: INSERT INTO babysitter1 VALUES (MD5("Chris Jones/swordfish"), "No practice and no school.", 1, 1, "2002-01-02 16:00:00", "2002-01-02 23:00:00") means: "Chris Jones (password swordfish) is available Jan 2, from four to eleven." A parent to whom Chris has vouchsafed her password queries Chris' schedule using: SELECT * from babysitter1 WHERE idHash=MD5("Chris Jones/swordfish"); Most of the book spins out variations on these kinds of examples, using simple Java code to generate standard SQL. Some other techniques include misdirection (adding fake data, and certifying the real data with digital signatures), and quantization (rounding off data that doesn't need to be individually precise, as also described in an NY Times Circuits story yesterday). The book was poorly copyedited, unfortunately, and there are an annoying number of typos. But it's an excellent exploration of what will doubtless be an important emerging field: the intersection of databases and cryptography. Perhaps in time Microsoft's initial Hailstorm proposal will be seen in a slightly different light. It was, after all, a translucent database.

Recent Entries Why can't Johnny download? Because he's stuck in a semantic muddle. Justifying the feel-good labels Screen-sharing's long tail Why can't Johnny download? A conversation with Rajiv Gupta about fine-grained access control XBRL use cases: better late than never Tantalizing hints of the Knowledge Navigator Denise Getts wires the web Beyond the election news cycle A conversation with Jim Russell about the Pittsburgh diaspora The SALT talks All roads lead to VNC Mobile speech recognition The Screening Room #10: Dabble DB Scaling the Tufte effect A conversation with John Schneider about Efficient XML What's the video threshold for face-reading? So many social networks, so little time Conversational dynamics in the blogosphere Intense, simple, active demonstrations A conversation with Cricket Liu about the Domain Name System Drowning in a rising tide DRM by asking nicely In search of non-gratuitous 3D A conversation with Mark Ericson about communications-enabled business processes Levelator! Talk to the avatar WordPress for loosely-coupled comments, part 2 Compound documents for the web A conversation with Ellen Ullman about living close to the machine At the Paris SOA Forum ID card anthropology Second Life, MTurk, and on-demand education The Screening Room #9: Windows Live Writer A conversation with Tim Fahlberg about mathcasts, clickers, and the future of education A conversation with Jeff Bezos about Amazon web services Kim Cameron on why business protocols aren't user-centric yet Show me my account activity! WordPress as a loosely-coupled comment engine How translucency could defuse the Turnitin/McLean High controversy A conversation with Cyril Houri about annotating the planet using a GPS/WiFi/cellular hybrid Turk work Screencasting of tacit knowledge Ongoing discussion of translucency and selective disclosure Half-baked ideas Google Earth live and in realtime The politics of data control Audio editing on the move A conversation with Phil Windley about identity in the real and virtual worlds

Sponsored Technology Links
Symantec - Whitepaper: Secure, recover, and archive critical information Microsoft - {Open Source} Heroes Happen Here Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching InterSystems - Use Ensemble - quickly create composite applications. AT&T - Factors to consider when comparing DSL or Cable Cirba - Advanced Workload Analysis Techniques CA - Manage your IT more effectively. Efficient - Flexible - Compliant HP/Intel - If you don't have enough I/O, your VMs aren't going to go. Rackspace - Go Green Without Sacrificing Server Performance AT&T - Measuring mobile productivity AT&T - Thinking about IMS CA - Plan IT better, Manage IT better. AT&T - Refine your company's plan for a Business Disruption Event AT&T - Going mobile with today's technology Cirba - Consolidating Workloads onto Mainframes AT&T - What to expect from a Technology Assessment. AT&T - Class of Service: Myths and Misconceptions AT&T - Enhancing security through Quantum Cryptography		Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. HP - Explore the interactive whitepaper: Rightsizing Blades for the mid-market. Symantec - Webcast: Beyond AntiVirus AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor EMC - EMC and VMware help you build your virtualized infrastructure. AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. MKS - The Power of UNIX/Linux on Windows with MKS Toolkit Vision Solutions - Is your smaller organization ready for High Availability? Vision Solutions - Is system maintenance doing more harm than good? HP - NEW HP LaserJet P4014n printer Starting at $699 after $100 IS. HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW HP - Speed, agility, flexibility - The HP BladeSystem c-Class. Vkernel - Resolve Capacity Bottlenecks and Enhance Your Virtual Environment Nokia - Restore Your Mobile Devices With One Click Oracle - The Power of Two with SOA and BPM

	HOME  NEWS  BLOGS  PODCASTS  VIDEOS  TECHNOLOGIES  TEST CENTER  EVENTS  CAREERS	About | Advertise | Awards | RSS | Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist