tag:blogger.com,1999:blog-312551883381829534.post376536024812501180..comments2023-10-30T16:27:31.215+01:00Comments on infoarch: Missing Security Features in Enterprise RSS ToolsAnonymoushttp://www.blogger.com/profile/14145886833443377887noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-312551883381829534.post-79857947664744377312014-07-05T08:53:57.579+02:002014-07-05T08:53:57.579+02:00This comment has been removed by a blog administrator.sqiarhttp://www.sqiar.comnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-42105186250341203972011-11-30T06:52:17.424+01:002011-11-30T06:52:17.424+01:00This comment has been removed by a blog administrator.Consultoria RHhttp://www.luizpaschoal.com.brnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-24923639176975694592009-12-04T10:32:02.402+01:002009-12-04T10:32:02.402+01:00Great blog... web templateGreat blog... <a href="http://www.itsolusenz.com" rel="nofollow"> web template </a>Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-77231807248622734902009-06-05T13:00:48.154+02:002009-06-05T13:00:48.154+02:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-61004404024535880982009-01-13T20:50:00.000+01:002009-01-13T20:50:00.000+01:00Have you had a look at the Apache Abdera project?h...Have you had a look at the Apache Abdera project?<BR/>http://abdera.apache.org/Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-5168830352044584192008-12-17T22:26:00.000+01:002008-12-17T22:26:00.000+01:00Peter,I just posted a response to your question re...Peter,<BR/><BR/>I just posted a response to your question regarding the use of secured RSS feeds versus e-mail here: http://ccsblog.burtongroup.com/collaboration_and_content/2008/12/secured-rss-versus-e-mail.html<BR/><BR/>LarryAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-30605545493619588582008-12-17T22:04:00.000+01:002008-12-17T22:04:00.000+01:00I posted some details on my blog as to NewsGator's...I posted some details on my blog as to NewsGator's secure feed implementation, along with the recommended way to address the issue you're seeing:<BR/><BR/>http://www.rassoc.com/gregr/weblog/2008/12/17/enterprise-rss-and-security/Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-38436847605314791652008-12-15T19:11:00.000+01:002008-12-15T19:11:00.000+01:00Hi Peter,I'm a product manager at NewsGator. Than...Hi Peter,<BR/><BR/>I'm a product manager at NewsGator. Thanks for the detailed look at NGES. Security is always a top priority for us, and we always try to take the most secure approach first. That is why in most cases we make access to certain feeds as private in the base case. Unfortunately, you are looking at only one environmental scenario for access to secured content -- one where the user/admin enters a username and password directly against the feed in NGES.<BR/><BR/>To address the scenarios above, we've found that the customer environment drives the solution. There are at least two environments that I'd like to point out where we can accomplish the scenarios above. First is when a customer has implemented Kerberos, and the other is when they are using SharePoint. <BR/><BR/>In the Kerberos case (typically SharePoint actually), we will retrieve the information from the feed based on the authorization provided by the Kerberos ticket.<BR/><BR/>The SharePoint case is actually divided into two other situations -- one, where the user is accessing the list information outside of SharePoint (ie. in a NGES reader); two, where the user is accessing list information from a NewsGator Social Sites web part from within the SharePoint security context. In either case, we can support secure access to commonly subscribed feeds. The best case is when we access the lists from within SharePoint through our views through NewsGator Social Sites. Each view is security trimmed based on the user's authorization to the content contained within the feed/list. Outside of SharePoint, we take a more conservative approach.<BR/><BR/>Finally, there are other scenarios using other SSO technologies like Siteminder to handle these cases.<BR/><BR/>If you'd like a more detailed discussion on our security capabilities, I'd be more than happy to arrange that!<BR/><BR/>Again, thanks for the blog.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-79270457126259971682008-12-12T15:44:00.000+01:002008-12-12T15:44:00.000+01:00Hi Larry,First, thank you very much for your comme...Hi Larry,<BR/><BR/>First, thank you very much for your comments.<BR/><BR/>You are right that I make the assumption that feeds only contain content (like blog postings) and not individual based RSS feeds like your CRM system example.<BR/>In your example there seems to be no need to share RSS Feeds with colleagues or improve collaboration.<BR/>I also am curious what Enterprise RSS solutions such as NewsGator Enterprise Server and Attensa Feed Server, will give you more than E-Mail in this case already can do?<BR/> <BR/>I describe a situation with a growing volume of information within our company, and employees who have problems to find information relevant for them.<BR/><BR/>We think that by sharing RSS Feeds, employees need less time to find information. <BR/>Everyone can see what his or her colleagues within the department or speciality are reading.<BR/><BR/>Because more than 90% of our internal RSS Feeds are secure, we think an Enterprise RSS solution should support this.<BR/><BR/>If we only can share RSS Feeds outside the company, we can also use <A HREF="http://www.google.nl/reader/" REL="nofollow">Google Reader</A> for external RSS Feeds (what a lot of employees are doing now) and an Outlook plugin like <A HREF="http://rsspopper.blogspot.com/2004/10/home.html" REL="nofollow">RSS Popper</A> to read internal RSS feeds.Peter Verhoevenhttps://www.blogger.com/profile/13236533890881034177noreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-28624548746953889062008-12-12T08:37:00.000+01:002008-12-12T08:37:00.000+01:00In general I am missing two functionalities in fee...In general I am missing two functionalities in feed readers, inside and outside the enterprise.<BR/><BR/>One is access to secured feeds. I have access to lots of web based workspaces that have password protected feeds. But a lot of feedreaders simply do not allow you to subscribe to those feeds.<BR/><BR/>Another is being able to tag feeds (not items in feeds, which a number allow you to do), so I can make more different cross-sections of my feedreader's content. Makes it easier for me to hunt for patterns.<BR/><BR/>Is tagging feeds (again: not items, but tagging the subscription itself) something that came up as a requirement for your situation?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-312551883381829534.post-86341951724073668502008-12-11T16:08:00.000+01:002008-12-11T16:08:00.000+01:00You are confusing authentication with authorizatio...You are confusing authentication with authorization. Just because "A" and "B" are both authenticated and are able to use an application (which produces a feed) doesn't guarantee they are authorized to see the same data.<BR/><BR/>You are also making the assumption that feeds only contain content (like blog posts). Feeds can also contain information coming from applications.<BR/><BR/>One way to approach this is think of the feed as a web application that you interact with. For example, a CRM system. Persons "A" and "B" both have access to the CRM system but cannot perform the same functions. Perhaps "A" can look at all outstanding leads but "B" can also look at all closed deals. Therefore, if the CRM system uses the same feed URL "A" will not see some items that "B" does (closed deals).<BR/><BR/>The reason secured feeds cannot be shared is because they may contain different feed items per user.<BR/><BR/>Secured feeds are personalized feeds. Now, think about what opportunities that may enable for the enterprise and there you will find potential benefits that go behind simply saving bandwidth. Personalized feeds are individualized signals coming from enterprise applications.<BR/><BR/>The Newsgator approach to secured feeds seems to allow for the situation in which everyone authorized to use the feed will receive the same content and looks to be a reasonable compromise.Anonymousnoreply@blogger.com