Apache Ranger, a security management framework for Apache Hadoop ecosystem, graduated to top level. Ranger is used as a centralized component to define and administer security policies that are enforced across supported Hadoop components such as Apache HBase, Hadoop (HDFS and YARN), Apache Hive, Apache Kafka, Apache Solr, among others.
Capital One launched the DevExchange Beta developer site and initial API offering last month.
Google has announced at I/O 2015 the Google Identity Platform, a collection of tools and APIs for managing identities and dealing with authentication and authorization across Android, iOS and web applications.
Firebase has this week announced major updates to its user authentication, including automatic session persistence, and rich authentication tokens for use in Security Rules.
Apigee Edge now supports Node.js and has open sourced Volos, a project containing a set of API management modules.
OAuth.io is an API and a service interfacing with more than 80 OAuth providers. This article contains an interview with Mehdi Medjaoui, Co-founder of OAuth.io, providing details on security, licensing and future developments.
The recently released Twitter API V1.1 ships with support for JSON and provides an ability to authenticate apps via OAuth1.0a.
Google+ Sign-In extends the Google+ social network into third-party websites, desktop applications and mobile apps. This service, announced on February 26th, provides features for authentication, authorization and activity sharing. There is also support for user engagement, hangouts and automatic Android app downloads.
Google today disclosed details of Compute Engine, an IaaS offering that runs Linux VMs on demand utilizing Google’s cloud infrastructure. Google Compute Engine (GCE) supports 1, 2, 4 and 8 virtual core VMs with 3.75GB RAM per virtual core
Twitter is the latest to experience downtime when yesterday the company issued a status update indicating instability within the site. This was the second such report from Twitter this week and follows on the heels of outages experienced this week by Google’s Blogger service and Microsoft’s Business Productivity Online Suite (BPOS).
Today Google announced experimental support for OAuth 2.0 with bearer tokens. In addition, as a side announcement they've launched a new consent page for OAuth 2.0 designed with cleanliness and simplicity in mind.
Bill Burke, JBoss's Chief Architect and REST Easy Project Lead, published last week a proposal for a Digital Signature Protocol over HTTP. "DSig" is rapidly gaining popularity, more than 10 years after it was designed, due to the emergence of composite applications and the need to establish trusted relationships between their clients and services.
Eran Hammer-Lahav, one of the editors of the OAuth 2.0 specification, published a diatribe on the latest standard draft. For him, the current proposal mortgages the future of the Web. He sees the current specification focusing too much on simplicity for the application developer while severely limiting the ability to create discoverable and interoperable services.
The WCF Data Services Team have recently been doing a series on the available authentication mechanisms for client/OData service authentication.
As more social networking sites are popping up, the questions around the data they keep are rising. Data portability has become the watch phrase across the Web 2.0 world. Is there something to be learned about data access and portability from these services?