The New Nation - Internet Edition

Zahidul Haque

Oracle today announced that it has acquired Bridgestream, Inc., a leading provider of Enterprise Role Management software. Enterprise Role Management has emerged as a key component of identity management deployments to improve overall security and address regulatory requirements. By adding Bridgestream's leading role discovery, definition and management capabilities to Oracle's widely adopted access management and user provisioning solutions, Oracle provides the most comprehensive and feature-rich identity management solution. Oracle's Identity and Access Management Suite is a component of Oracle Fusion Middleware, the industry's fastest growing, most standards- compliant, and best-of-breed technology foundation for Service-Oriented Architecture.

"With the acquisition of Bridgestream, Oracle can help organizations streamline compliance related tasks and automate role management" said Hasan Rizvi, vice president, Identity Management and Security Products, Oracle. "We believe that the combination of Bridgestream's Enterprise Role Management capabilities and Oracle Identity Management will enable the next generation of integration between security and business process controls by delivering a closed - loop solution that combines role discovery, modeling, enforcement, atestation and audit in a single integrated solution"

Increased focus on compliance regulations, such as Sarbanes-Oxley and HIPAA, has created a need for organizations to strictly control access to sensitive systems and monitor access privileges regularly. However, managing and monitoring who has access to what, on an individual user and resource basis, can be costly for large organizations. Bridgestream's SmartRoles and Discoverer products address these issues by enabling role-based access control, where privileges are grouped by business roles, managing access and improving compliance. Enterprises use these products for analyzing existing access rights to define candidate roles, administering roles across the entire user population and enforcing segregation of duties during role assignment

"Bridgestream's core competency in Enterprise Role Management complements Oracle's already strong presence in identity and access management" said Mark Tice, president and CEO of Bridgestream. "This combination will enable us to accelerate the deployment of identity management solutions for our joint customers and prospects" Financial details of the transaction were not disclosed. More information is available at htp:// www. oracle.com/ Bridgestream.

An IP address (Internet Protocol address) is a unique address that certain electronic devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP)-in simpler terms, a computer address. Any participating network device-including routers, computers, time-servers, printers, Internet fax machines, and some telephones-can have their own unique address.

In other words, the IP address acts as a locator for one IP device to find another and interact with it It is not intended, however, to act as an identifier that always uniquely identifies a particular device.

An IP address can also be thought of as the equivalent of a street address or a phone number (compare: VoIP (voice over (the) internet protocol) for a computer or other network device on the Internet Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. An IP address differs from other contact information, however, because the linkage of a user's IP address to his/her name is not publicly available information.

In the past, an IP address could be considered a unique identifier of a particular IP host, in addition to being a locator. When it was usable as an identifier, it was static, and it was assumed to be globally unique from end to end of the Internet

In current practice, an IP address is less likely to be an identifier, due to technologies such as:

Dynamic assignment, as with an address that is assigned by the access device by which the user's host connects over a dialup telephone line or by a set-top box for an IP over cable network

Network address translation, where the address visible on the Internet is the "outside" of a device that maps it to a completely different and hidden address on the "inside".

Static and dynamic IP addresses

A Static IP address is where a computer uses the same address every time, as opposed to situations where the user IP address changes frequently, when a user logs on to a network by dialup or on shared residential cable. Static addressing is essential in some infrastructure situations, such as finding the Domain Name Service directory host that will translate names to numbers.

Static addresses are convenient, but not absolutely necessary, to locate servers inside an enterprise. An address obtained from a DNS server comes with a lifetime argument, after which it should be looked up to confirm that it has not changed. Addresses do change as a result of network administration (RFC 2072).

This contrasts with a Dynamic IP address, wherein an IP address is assigned to a computer, usually by a remote server which is acting as a Dynamic Host Configuration Protocol server. IP addresses assigned using DHCP may change depending on the addresses available in the set scope. Dynamic IP Addresses assigned by Dynamic Host Configuration Protocol servers are used because it reduces the administrative burden of assigning static addresses within a network.

IP address translation

IP addresses can appear to be shared by multiple client devices either because they are part of a shared hosting web server environment or because a network address translator (NAT) or proxy server acts as an intermediary agent on behalf of its customers, in which case the real originating IP addresses might be hidden from the server receiving a request A common practice is to have a NAT hide a large number of IP addresses, in the private address space defined by RFC 1918, an address block that cannot be routed on the public Internet Only the "outside" interface(s) of the NAT need to have Internet-routable addresses.

Most commonly, the NAT device maps TCP or UDP port numbers on the outside to individual private addresses on the inside. Just as there may be site-specific extensions on a telephone number, the port numbers are site-specific extensions to an IP address.

IP addresses are managed and created by the Internet Assigned Numbers Authority (IANA). The IANA generally allocates super-blocks to Regional Internet Registries, who in turn allocate smaller blocks to Internet service providers and enterprises.

IP versions

The Internet Protocol has two versions currently in use (see IP version history for details). Each version has its own definition of an IP address. Because of its prevalence, "IP address" typically refers to those defined by IPv4.

IP version 4

IPv4 only uses 32-bit (4 byte) addresses, which limits the address space to 4,294,967,296 (232) possible unique addresses. However, many are reserved for special purposes, such as private networks (~18 million addresses) or multicast addresses (~270 million addresses). This reduces the number of addresses that can be allocated as public Internet addresses, and as the number of addresses available is consumed, an IPv4 address shortage appears to be inevitable in the long run. This limitation has helped stimulate the push towards IPv6, which is currently in the early stages of deployment and is currently the only contender to replace IPv4.

Example: 127.0.0.1 (Loopback)

IP version 6

IPv6 is the new standard protocol for the Internet Windows Vista, Apple Computer's Mac OS X, and an increasing range of Linux distributions include native support for the protocol, but it is not yet widely deployed elsewhere.

Addresses are 128 bits (16 bytes) wide its not use every where now. When we need huge IP address that's time we use IPv6 version.

(Muhammad Azizur Rahman

It professional and freelance Journalist ( Ref : Internet ))

(To be continued)

AFP, Washington

Inexpensive laptop computers designed for students in developing countries will be sold to the public in a buy-one, give-one scheme, the non-profit organization behind the project said Monday.

The "100 dollar laptops"-which currently cost nearly twice that amount-will go on sale for two weeks starting November 12, One Laptop Per Child (OLPC) said in a statement

The non-profit group was organized by Nicholas Negroponte, a co-founder of the Massachusets Institute of Technology (MIT) Media Laboratory, who came up with the idea of providing low-cost computers for students in underdeveloped countries as key step to promote education.

The sales program is designed to give the overall OLPC project more publicity, and to encourage open-source software developers to write programs for the laptop's operating system, the non-profit said.

The program is "a terrific opportunity for the public to help eliminate poverty and make the world a beter place by inoculating children against ignorance," said Negroponte in the statement

The laptop-dubbed the XO-is a shock-and water-resistant device with a high-resolution screen that can be read in direct sunlight and in the dark, and has no moving parts aside from a rabbit ear antenna to connect to a wireless network.

The XO consumes about one-tenth of the energy a regular laptop uses, its designers say, and can be powered by solar energy or manually by pulling cords and hand cranks. It comes with a built-in video camera, a word processor, music and art software, and can be used as an electronic book reader.

Between November 12-26 US and Canadian customers can pay 399 dollars for two XOs on a first-come, first-served basis. One laptop goes to the buyer, the other to a needy student the non-profit will determine.

OLPC said in May it hopes the price will come down to 100 dollars by 2009.

UNICEF, the UN children's fund, announced earlier that it is puting its education content on all the laptops shipped.

Dwight Silverman

Microsoft's latest operating system has taken it on the chin lately. It seems Windows Vista has become the software version of the kid always picked last for schoolyard sports.

Consider these developments:

Jim Louderback, who recently left as executive editor of PC Magazine, wrote in his departure column that he really doesn't like Windows Vista that much. "Maybe it was something in the water?" he said. "I've been a big proponent of the new OS over the past few months, even going so far as loading it onto most of my computers and spending hours tweaking and optimizing it So why, nine months after launch, am I so frustrated? The litany of what doesn't work and what still frustrates me stretches on endlessly."

As is usually the case with a new version of Windows, the major PC makers all switched to offering only Vista on their new computers almost as soon as it was available. Now, because of customer demand, most of them are offering a downgrade to Windows XP on their Web-based configurators, or they continue to offer XP in their sites' small/home business areas.

Tech Web sites are increasingly peppered with blog posts in which the writer declares he or she is returning to XP out of frustration.

And, in perhaps the unkindest cut of all, some are referring to Windows Vista as Windows ME 2, likening it to what's considered the worst Microsoft operating system of all time.

Still, Windows Vista is a sales success in spite of all the negative buzz. Microsoft says it has sold more than 60 million licenses for Vista since it launched for businesses in November, and consumers in January. However, the company doesn't break down those numbers. Most come from sales of new PCs with Vista already installed. It may include sales to resellers and businesses. It doesn't mean people are lined up to buy Vista at the neighborhood computer store.

As I wrote in May (see www.chron.com/novista), one of the biggest issues with Vista - and with any new Windows operating system - are drivers. Add to that programs that are incompatible and the usual set of bugs that come with any new OS release, and you can see why people are frustrated.

But I think there's a much bigger dilemma here. Vista's woes are just a symptom of an overarching crisis. Basically, the Windows ecosystem is broken.

This is a tremendous issue, because it is the ecosystem surrounding Windows - the vendors that make hardware that rely on it, the software developers who make programs that run on it and the computer makers who sell it all as a package - that has driven Microsoft's success. The ecosystem has become horribly complex over time, to the point that it's collapsing of its own weight

Here's how it's supposed to work:

Windows, although a proprietary operating system, is the hub of an open computing system. Anyone can build a computer that runs it, using off-the-shelf parts. Any hardware vendor can make components for it And software vendors have access to the Windows Application Programming Interface, or API, and can write programs that run on it

This open system has worked well so far; it's what has driven the growth of the personal computing industry for decades. The opportunity for anyone to enter the market has driven prices down and innovation up, and consumers have benefited. It's why Windows has a market share that dwarfs those of all other operating systems.

But its strengths are also its weaknesses. The ecosystem has two huge drawbacks.

The first is Microsoft's promise to make each generation of Windows compatible with as many products designed for previous generations as possible. It's why many components and programs made for Windows 98 - and some even for Windows 95 and 3.1 - still run on Windows XP and Vista.

The compatibility promise is very hard to keep. Ensuring that legacy code and hardware still works on the latest version of Windows gets harder with each successive version, and it's a big reason why Windows is so horribly bloated. It also introduces instability, which becomes a security risk for network-connected machines.

The second vulnerability is the growing number of products produced to run on Windows. There are several times more printers, scanners, mice, monitors, video cards, audio adapters, Wi-Fi cards, etc., available now than there were when Windows XP came out People are still using them, and they expect them to work with Windows Vista!

With each successive version of Windows, hardware makers and developers must decide whether to support their older products on the new operating system. They can throw resources at writing drivers for hardware and patches for software, but as time goes on, they have more and more legacy products in the mix. At some point, they have to abandon older products, angering consumers who suddenly find the hardware and software they own no longer works.

Add to that PC makers bogging down their consumer machines with junkware, much of which runs in the background, and hurts performance.

I think Microsoft needs to do what Apple periodically does - start over from scratch. I'd like to see Microsoft develop an entirely new operating system that isn't based on past versions of Windows. It should be built from the ground up with security, efficiency and ease-of-use in mind.

I'd go even further. If I was Microsoft CEO Steve Ballmer, I'd close the Windows ecosystem a bit I'd hold a summit with my top hardware vendors and say, "We're standardizing on specific hardware designs and narrowing those standards, and we're doing it for the sanity of our users. Get on board or get out of the way."

Yeah, there'd be a period of pain for Microsoft because the new won't work with the old. But if the reworked Windows benefits from simplification and a new focus, then Microsoft, the PC ecosystem and, most importantly, its users will benefit in the long run.

Think this is too far-fetched? Something Microsoft would never do? Think again.

Microsoft is working on a from-scratch OS. It's called Singularity, and you can read more about it at research.microsoftcom/os/singularity/. Will it someday replace Windows?