Monthly Archives: July 2008

IT cos find Pune rentals high-priced

The Times of India is reporting that the increasing rentals in Pune could be a significant deterrent in growth of IT in Pune.

Sunil Patil, president (Pune region), UBICS, a software company of the UB group, believes that the rentals may spoil the show. “Rentals in Pune for software companies have gone up 300% in three years. We are being offered space at Rs 65 per sq ft, which at $1.50 is the rate in Manhattan,” he said.

This comes on top of the disappearing cost advantage, especially in product companies. Salaries have been going up, and what used to be a 1 :: 6 or at least 1 :: 4 cost advantage is fast evaporating, especially at the higher levels. For people with 7-8 years of experience or more, I’ve heard numbers like 1 :: 1.5, and in some cases, I’ve heard that execs in India actually need to be paid more than the equivalent US salary. Factor in the increasing cost of real estate, travel, and other overheads associated with having India operations, and the economics of the situation start looking troubling.

When riya.com (now like.com) shut down their Bangalore operations, CEO Munjal Shah wrote a detailed post on why they couldn’t afford India. It is very instructive reading. Larger companies have an internal headcount ratio – if you have budget to fund a 100 person team in the US, how many people can you fund in India. This number used to be 300 earlier, and there’s at least one company that has updated its numbers to 100. Think about that. They end up with the same cost irrespective of whether the team is in the US or India – and this factors in the fact that junior programmers in India are much cheaper than those in the US.

If you are not careful, your job is going to Shanghai. Or Philippines.

Note: I am talking about product companies that are trying to do full-fledged product development out of India. In services (i.e. outsourcing) the ratios are better. But even there the situation is grim. Read Sramana Mitra’s “The Death of Outsourcing“, for example.

Zemanta Pixie

UoP accepts online proposals to fund research

The University of Pune has now created a website where college and university level researchers may submit research proposals online to get them funded by UoP, which has earmarked Rs. 8 crore for this purpose.

Since 2006, the UoP introduced the scheme to encourage college and varsity-level research projects by teachers and students. The university provides Rs 50,000 to Rs 3.5 lakh for each project, depending upon the proposal.

Source: Now submit your research papers online (The Times of India).

Company Profile: hover.in

Go Ergo has an interview of the founders of Pune-based web startup hover.in. Excerpt:

Q: Hover.in was born out of constant frustration that most bloggers and web publishers face regarding their content presentation and monetisation. Could you explain how hover bridges this gap?
A:? As a professional blogger, one of my main problems has been monetising (making money) from my blog without compromising on user experience. Normally, a visitor does not like to see too many ads on a blog or a website. Most of the new visitors will turn away from the blog on seeing too many ads. Hover was born to address this pain point!
Hover.in is an in-text “customised content” and “customised ad” delivery platform for websites and blogs. It enables web publishers to link and monetise keywords or phrases within their existing content.
Till date, in-text technology has been primarily used only to display contextual ads – mostly automated, without any publisher control. However, with hover.in, publishers can create and customise the content appearing within the hover bubble (hoverlet). Hover.in goes even further, allowing the publisher to change the look and feel of the hoverlet as per the theme of the website or blog.

Read the full interview.

hover.in provides web publishers and bloggers with in-text customized content display. It also provides opportunities for contextual in-text ads for increased revenues to publisher. More information about hover.in from the PuneTech wiki:

Key Features

  • Complete control of what appears within the hover window, via an administrative panel
  • Publishers can choose between hundreds of 3rd party contextual widgets or browse applications within the hover.in community
  • Improve reader engagement by displaying targeted content for particular key phrase of choice, or choose default applications
  • Customize the interface, add your own content or integrate advertisements from third party ad networks

Hover.in is currently in closed alpha and will be opening up shortly to selected beta users.

[editArticles

[edit]Links

[edit]People

Cloud Computing and High Availability

This article discussing strategies for achieving high availability of applications based on cloud computing services is reprinted with permission from the blog of Mukul Kumar of Pune-based ad optimization startup PubMatic

Cloud Computing has become very widespread with startups as well as divisions of banks, pharmaceuticals companies and other large corporations using them for computing and storage. Amazon Web Services has led the pack with it’s innovation and execution, with services such S3 storage service, EC2 compute cloud, and SimpleDB online database.

Many options exist today for cloud services, for hosting, storage and application hosting. Some examples are below:

Hosting Storage Applications
Amazon EC2 Amazon S3 opSource
MOSSO Nirvanix Google Apps
GoGrid Microsoft Mesh Salesforce.com
AppNexus EMC Mozy
Google AppEngine MOSSO CloudFS
flexiscale

[A good compilation of cloud computing is here, with a nice list of providers here. Also worth checking out is this post.]

The high availability of these cloud services becomes more important with some of these companies relying on these services for their critical infrastructure. Recent outages of Amazon S3 (here and here) have raised some important questions such as this – S3 Outage Highlights Fragility of Web Services and this.

[A simple search on search.twitter.com can tell you things that you won’t find on web pages. Check it out with this search, this and this.]

There has been some discussion on the high availability of cloud services and some possible solutions. For example the following posts – “Strategy: Front S3 with a Caching Proxy” and “Responding to Amazon’s S3 outage“.

Here I am writing of some thoughts on how these cloud services can be made highly available, by following the traditional path of redundancy.

[Image: Basic cloud computing architectures config #1 to #3]

The traditional way of using AWS S3 is to use it with AWS EC2 (config #0). Configurations such as on the left can be made to make your computing and storage not dependent on the same service provider. Config #1, config #2 and config #3 mix and match some of the more flexible computing services with storage services. In theory the compute and the storage can be separately replaced by a colo service.

[Image: Cloud computing HA configuraion #4]

The configurations on the right are examples of providing high availability by making a “hot-standby”. Config #4 makes the storage service hot-standby and config #5 separates the web-service layer from the application layer, and makes the whole application+storage layer as hot-standby.

A hot-standby requires three things to be configured – rsync, monitoring and switchover. rsync needs to be configured between hot-standby servers, to make sure that most of the application and data components are up to date on the online-server. So for example in config #4 one has to rsync ‘Amazon S3’ to ‘Nirvanix’ – that’s pretty easy to setup. In fact, if we add more automation, we can “turn-off” a standby server after making sure that the data-source is synced up. Though that assumes that the server provisioning time is an acceptable downtime, i.e. the RTO (Recovery time objective) is within acceptable limits.

[Image: Cloud computing Hot Standby Config #5]
This also requires that you are monitoring each of the web services. One might have to do service-heartbeating – this has to be designed for the application, this has to be designed differently for monitoring Tomcat, MySQL, Apache or their sub-components. In theory it would be nice if a cloud computing service would export APIs, for example an API for http://status.aws.amazon.com/ , http://status.mosso.com/ or http://heartbeat.skype.com/. However, most of the times the status page is updated much later after the service goes down. So, that wouldn’t help much.

Switchover from the online-server/service to the hot-standby would probably have to be done by hand. This requires a handshake with the upper layer so that requests stop and start going to the new service when you trigger the switchover. This might become interesting with stateful-services and also where you cannot drop any packets, so quiscing may have to be done for the requests before the switchover takes place.

[Image: Cloud computing multi-tier config #6]
Above are two configurations of multi-tiered web-services, where each service is built on a different cloud service. This is a theoretical configuration, since I don’t know of many good cloud services, there are only a few. But this may represent a possible future, where the space becomes fragmented, with many service providers.

[Image: Multi-tier cloud computing with HA]
Config #7 is config #6 with hot-standby for each of the service layers. Again this is a theoretical configuration.

Cost Impact
Any of the hot-standby configurations would have cost impact – adding any extra layer of high-availability immediately adds to the cost, at least doubling the cost of the infrastructure. This cost increase can be reduced by making only those parts of your infrastructure highly-available that affect your business the most. It depends on how much business impact does a downtime cause, and therefore how much money can be spent on the infrastructure.

One of the ways to make the configurations more cost effective is to make them active-active configuration also called a load balanced configuration – these configurations would make use of all the allocated resources and would send traffic to both the servers. This configuration is much more difficult to design – for example if you put the hot-standby-storage in active-active configuration then every “write” (DB insert) must go to both the storage-servers, writes (DB insert) must not complete on any replicas (also called mirrored write consistency).

Cloud Computing becoming mainstream
As cloud computing becomes more mainstream – larger web companies may start using these services, they may put a part of their infrastructure on a compute cloud. For example, I can imagine a cloud dedicated for “data mining” being used by several companies, these may have servers with large HDDs and memory and may specialize in cluster software such as Hadoop.

Lastly I would like to cover my favorite topic –why would I still use services that cost more for my core services instead of using cloud computing?

  1. The most important reason would be 24×7 support. Hosting providers such as servepath and rackspace provide support. When I give a call to the support at 2PM India time, they have a support guy picking up my calls – that’s a great thing. Believe me 24×7 support is a very difficult thing to do.
  2. These hosting providers give me more configurability for RAM/disk/CPU
  3. I can have more control over the network and storage topology of my infrastructure
  4. Point #2 above can give me consistent throughput and latency for I/O access, and network access
  5. These services give me better SLAs
  6. Security

About the Author

Mukul Kumar, is a founding engineer and VP of Engineering at Pubmatic. He is based in Pune and responsible for PubMatic’s engineering team. Mukul was previously the Director of Engineering at PANTA Systems, a high performance computing startup. Previous to that he joined Veritas India as the 13th employee and was Director of Engineering for the NetBackup group, one of Veritas’ main products. He has filed for 14 patents in systems software, storage software, and application software and proudly proclaims his love of π and can recite it to 60 digits. Mukul is a graduate of IIT Kharagpur with a degree in electrical engineering.

Mukul blogs at http://mukulblog.blogspot.com/, and this article is cross posted from there.

Zemanta Pixie

Azingo to raise Rs 200 cr for acquisitions in India

LiMo FoundationImage by mtlin via Flickr

Azingo, a mobile platform development company, which provides a full Linux-based mobile stack, as well as services, (and which has a development center in Pune), is planning to raise Rs 200 cr in a Series-B funding from US-based private equity firm Garnett Helfrich Capital and a few other VCs.

Azingo, one of the core members of UK-headquartered LIMO Foundation, a not-for-profit organisation dedicated to creating an open, hardware-independent, Linux-based operating system for mobile devices, helps the foundation’s 55 members, including nine tier-I operators like Verizon, Orange, SK Telecom and Soft Bank Mobile, to develop, integrate and tests its Mobile Linux software platform.

“Our Mobile Linux operating system is currently in the beta stage and we are in the process of commercialising the technology. The funds will be utilised to build applications for service and delivery to large operators and vendors, besides scaling up our workforce in India through the inorganic growth route,” Azingo’s chief executive officer Mahesh Veerina told Business Standard.

Veerina said they had identified a couple of companies in India and abroad that could bring in engineering talent, mobile application development, intellectual property IP or customer relations. It expected to wrap up the buyout deal in the next six to nine months. Azingo currently has 300 engineers working out of its Hyderabad and Pune centres. It will add close to 700 engineers in the country in the next one year.

Source Azingo to raise Rs 200 cr

Zemanta Pixie

Pune Flex Users Group Meeting – 19 July

What: Pune Flex Users Group Meeting
When: Saturday, 19th July, 11am to 12:30pm
Where: SANSUI SOFTWARE PVT. LTD. Fourth Floor, Nyati Millennium, Viman Nagar, Nagar Road, Pune – 411 014, India
Registration: This event is free. Please register here.

For more information, see the Pune Flex Users Group wiki.

Zemanta Pixie

OpenID – Your masterkey to the net

The OpenID logoImage via Wikipedia

OpenID is a secure, customizable, user-controllable, and open mechanism to share personal information (username/password, credit card numbers, address) on the web. It will eliminate the need to enter the same information over and over again in different websites, or to remember different username/password combinations. It will be a major improvement over the current system once it gains widespread adoption. PuneTech asked Hemant Kulkarni of singleid.net to give us an introduction to OpenID, its benefits, and how it works.

Overview

In 2005, a new idea took hold and spread across the internet – OpenID. The concept is very simple – to provide users with a single unique login-password set with which they will be able to access all the different sites on the internet.

In June 2007 the OpenID Foundation was formed with the sole goal to protect OpenID. The original OpenID authentication protocol was developed by Brad Fitzpatrick, creator of popular community website LiveJournal, while working at Six Apart. The OpenID Foundation received a recent boost when the internet leaders Microsoft, Google, Yahoo! and Verisign became its corporate members.

Millions of users across the internet are already using OpenID and several thousand websites have become OpenID enabled.

Need for OpenID

The internet is fast becoming an immovable part of our everyday life. Many tasks such as booking tickets for movies, airlines, trains and buses, shopping for groceries, paying your electricity bills etc. can now be done online. Today, you can take care of all your mundane household chores at the click of a button.

When you shop online, you are usually required to use a login and a password to access these sites. This means that, as a user, you will have to maintain and remember several different login-password sets.

OpenID enables you to use just one login-password to access these different sites – making life simpler for you. With OpenID, there is no need to bother with remembering the several different logins and passwords that you may have on each different site.

Internet architecture inherently assumes that there are two key players in today’s internet world – end users who use the internet services and the websites which provide these services. It is a common misconception that OpenID-based login benefits only the end users. Of course it does. But it also has an equal value proposition for the websites that accept OpenID too.

Later, in a separate section, we will go into the details of the benefits to the websites that accept OpenID-based logins.

And before that, it is equally important to understand the few technological aspects and the various entities involved in the OpenID world.

What is OpenID

OpenID is a digital identity solution developed by the open source community. A lightweight method of identifying individuals, it uses the same framework for identifying websites. The OpenID Foundation was formed with the idea that it will act as a legal entity to manage the community and provide the infrastructure required to promote and support the use of OpenID.

In essence, an OpenID is a URL like http://yourname.SingleID.net which you can put into the login box of a website and sign in to a website. You are saved the trouble of filling in the online forms for your personal information, as the OpenID provider website shares that information with the website you are signing on to.

Adoption

As of July 2007, data shows that there are over 120 million OpenIDs on the Internet and about 10,000 sites have integrated OpenID consumer support. A few examples of OpenID promoted by different organizations are given below:

  • America Online provides OpenIDs in the form “openid.aol.com/screenname”.
  • Orange offeres OpenIDs to their 40 million broadband subscribers.
  • VeriSign offers a secure OpenID service, which they call “Personal Identity Provider”.
  • Six Apart blogging, which hosts LiveJournal and Vox, support OpenID – Vox as a provider and LiveJournal as both a provider and a relying party.
  • Springnote uses OpenID as the only sign in method, requiring the user to have an OpenID when signing up.
  • WordPress.com provides OpenID.
  • Other services accepting OpenID as an alternative to registration include Wikitravel, photo sharing host Zooomr, linkmarking host Ma.gnolia, identity aggregator ClaimID, icon provider IconBuffet, user stylesheet repository UserStyles.org, and Basecamp and Highrise by 37signals.
  • Yahoo! users can use their yahoo ids as OpenIDs.
  • A complete list of sites supporting OpenID(s) is available on the OpenID Directory.

Various Entities in OpenID

Now let us look at the various entities involved in the OpenID world.

The Open ID Entities

End user

This is the person who wants to assert his or her identity to a site.

Identifier

This is the URL or XRI chosen by the End User as their OpenID identifier.

Identity provider or OpenID provider

This is a service provider offering the service of registering OpenID URLs or XRIs and providing OpenID authentication (and possibly other identity services).

Note: The OpenID specifications use the term “OpenID provider” or “OP”.

Relying party

This is the site that wants to verify the end user’s identifier, who is also called a “service provider”.

Server or server-agent

This is the server that verifies the end user’s identifier. This may be the end user’s own server (such as their blog), or a server operated by an identity provider.

User-agent

This is the program (such as a browser) that the end user is using to access an identity provider or a relying party.

Consumer

This is an obsolete term for the relying party.

Technology in OpenID

Typically, a relying party website (like example.website.com) will display an OpenID login form somewhere on the page. Compared to a regular login form where there are fields for user name and password, the OpenID logic form only has one field for the OpenID identifier. It is often accompanied by the OpenID logo: open id logo medium. This form is in turn connected to an implementation of an OpenID client library.

The Open ID Protocol

A user will have to register and have an OpenID identifier (like yourname.openid.example.org) with an OpenID provider (like openid.example.org). To login to the relying party website, the user will have to type in their OpenID identifier in the OpenID login form.

The relying party website will typically transform the OpenID identifier into a URL (like http://yourname.openid.example.org/). In OpenID 2.0, the client will thus discover the identity provider service URL by requesting the XRDS document (which is also called the Yadis document) with the content type application/xrds+xml which is available at the target URL and is always available for a target XRI.

Now, here is what happens next. The relying party and the identity provider establish a connection referenced by the associate handle. The relying party then stores this handle and redirects the user’s web browser to the identity provider to allow the authentication process.

In the next step, the OpenID identity provider prompts the user for a password, or an InfoCard and asks whether the user trusts the relying party website to receive their credentials and identity details.

The user can either agree or decline the OpenID identity provider’s request. If the user declines, the browser is redirected to the relying party with a message to that effect and the site refuses to authenticate the user. If the user accepts the request to trust the relying party website, the user’s credentials are exchanged and the browser is then redirected to the designated return page of the relying party website. Then the relying party also checks that the user’s credentials did come from the identity provider.

Once the OpenID identifier has been properly verified, the OpenID authentication is considered successful and the user is considered to be logged into the relying party website with the given identifier (like yourname.openid.example.org). The website then stores the OpenID identifier in the user’s session.

Case Study

Now let us take a simple case of Sunil, who wants to buy a Comprehensive Guide to OpenID by Raffeq Rehman, CISSP. This e-book is available only on-line at www.MyBooks.com a technology thought leader which believes in easing the end user’s on-line experience by accepting OpenID based login.

Sunil is a tech savvy individual who has already registered himself at www.singleid.net (India’s first OpenID provider) and they have provided him with his unique login identity, which is: http://sunil.sigleid.net.

The easiest entity to recognize in this purchase scenario is Sunil, the End-User. Obviously Sunil will use his web browser, which is known as the User-agent to access the MyBooks.com.

So, Sunil visits www.MyBooks.com and starts to look for the book he wants. He follows the standard procedures on this website and chooses his book and clicks the check-out link to buy this book. First thing MyBooks.com does is asks him to log-in and gives him an option of logging in with your OpenID.

Since Sunil has already registered himself with SingleId.net, they have provided him with his login-id (which is bit different). So here, www.singleid.net is the Identity Provider or OpenID provider.

Now we know that OpenID uses same method to identify individuals, which is commonly used for identifying websites and hence his identity (Identifier in OpenID context) is http://sunil.sigleid.net. Now SingleId.net part in his identity tells MyBooks.com that he has registered himself at www.singleid.net.

At this stage MyBooks.com sends him to www.singleid.net to log in. Notice that MyBooks.com does not request Sunil to login but relies on SingleID.net. And so MyBooks.com or www.MyBooks.com is the Relying Party or the Consumer. Once Sunil complete his login process which is authenticated against the Server-Agent (typically Server-Agent is nothing but your identity provider) SingleID.net sends him back to MyBooks.com and tells MyBooks.com that Sunil is the person who he says he is, and MyBooks.com can let him complete the purchase operation.

Leading Players in the OpenID World & Important Milestones

  • Web developer JanRain was an early supporter of OpenID, providing OpenID software libraries and expanding its business around OpenID-based
  • In March 2006, JanRain developed a Simple Registration Extension for OpenID for primitive profile-exchange
  • With Verisign and Sxip Identity joining and focusing on OpenID development new standard of OpenID protocol OpenID 2.0 and OpenID Attribute Exchange extension were developed
  • On January 31, 2007, computer security company Symantec announced support for OpenID in its Identity Initiative products and services. A week later, on February 6 Microsoft made a joint announcement with JanRain, Sxip, and VeriSign to collaborate on interoperability between OpenID and Microsoft’s Windows CardSpace digital identity platform, with particular focus on developing a phishing-resistant authentication solution for OpenID.
  • In May 2007, information technology company Sun Microsystems began working with the OpenID community, announcing an OpenID program.
  • In mid-January 2008, Yahoo! announced initial OpenID 2.0 support, both as a provider and as a relying party, releasing the service by the end of the month. In early February, Google, IBM, Microsoft, VeriSign, and Yahoo! joined the OpenID Foundation as corporate board members

OpenID: Issues in Discussion and Proposed Solutions

As is the case with any technology, there are some issues in discussion with regard to OpenID and its usability and implementation. Let us have a look at the points raised and the solutions offered:

Issue I:

Although OpenID may create a very user-friendly environment, several people have raised the issue of security. Phishing and digital identity theft are the main focus of this issue. It is claimed that OpenID may have security weaknesses which might leave user identities vulnerable to phishing.

Solution Offered:

Personal Icon: A Personal Icon is a picture that you can specify which is then presented to you in the title bar every time you visit the particular site. This aids in fighting phishing as you’ll get used to seeing the same picture at the top of the page every time you sign in. If you don’t see it, then you know that something might be up.

Issue II:

People have also criticized the login process on the grounds that having the OpenID identity provider into the authentication process adds complexity and therefore creates vulnerability in the system. This is because the ‘quality’ of such an OpenID identity provider cannot be established.

Solution Offered:

SafeSignIn: SafeSignIn is an option that users can set on their settings page that allows you to choose the option where you cannot be redirected to your OpenID provider to enter a password. You can only sign-in in provider’s login page. If you are redirected to your provider from another site, you are presented with the dialog warning you not to enter your password anywhere else.

Value Proposition

There are several benefits to using OpenID – both for the users and for the websites.

Benefits for the End User:

  • You don’t have to remember multiple user IDs and passwords – just one login.
  • Portability of your identity (especially if you own the domain you are delivering your identity from). This gives you better control over your identity.

Benefits for OpenID Enabled Websites:

  • No more registration forms: With OpenID, websites can get rid of the clutter of the registration forms and allow users to quickly engage in better use of their sites, such as for conversations, commerce or feedback.
  • Increased stickiness: Users are more likely to come back since they do not have to remember an additional username-password combination.
  • Up-to-date registration information: Due to the need of frequent registrations, users often provide junk or inaccurate personal information. With OpenID, since only a one-time registration is necessary, users are more likely to provide more accurate data.

OpenID thus provides the users with a streamlined and smooth experience and website owners can gain from the huge usability benefit and reduce their clutter.

Why Relying Parties should implement OpenID based authentication?

  • Expedited customer acquisition: OpenID allows users to quickly and easily complete the account creation process by eliminating entry of commonly requested fields (email address, gender, birthdates etc.), thus reducing the friction to adopt a new service.
  • Outsourcing authentication saves costs: As a relying party you don’t have to worry about lost user names, passwords, a costly infrastructure, upgrading to new standards and devices. You can just focus on your core. From research the average cost per user for professional authentication are approximately €34 per year. In the future, the relying party will end up paying only a few Cents per authentication request (transaction based).
  • Reduced user account management costs: The primary cost for most IT organizations is resetting forgotten authentication credentials. By reducing the number of credentials, a user is less likely to forget their credentials. By outsourcing the authentication process to a third-party, the relying party can avoid those costs entirely.
  • Your customers are demanding user-centric authentication: User-centric authentication gives your customers comfort. It promises no registration hassle and low barriers of entry to your service. Offering UCA to your customers can be a unique selling point and stimulate user participation.
  • Thought leadership: There is an inherent marketing value for an organization to associate itself with activities that promote it as a thought leader. It provides the organization with the means to distinguish itself from its competitors. This is your chance to outpace your competitors.
  • Simplified user experience: This is at the end of the list because that is not the business priority. The business priority is the benefit that results from a simplified user experience, not the simplified user experience itself.
  • Open up your service to a large group of potential customers: You are probably more interested in the potential customers you don’t know, versus the customers you already service. UCA makes this possible. If you can trust the identity of new customers you can start offering services in a minute.
  • The identity provider follows new developments: When a new authentication token or protocol is introduced you don’t have to replace your whole infrastructure.
  • Time to market: Due to legislation you are suddenly confronted with an obligation to offer two factor authentications. UCA is very easy to integrate and you are up and running a lot quicker
  • Data sharing: If the identity provider also offers the option to provide additional (allowed) attributes of the end-user you don’t have to store all this data yourself. For example, if I go on a holiday for a few weeks, I just update my temporary address instead of calling the customer service of my local newspaper!
  • Quickly offer new services under your brand: If you take over a company or want to offer a third party service under your brand/ infrastructure UCA makes it much easier to manage shared users. How much time does this take at the moment?
  • Corporate image: As SourceForge states they also offer OpenID support to join the web 2.0 space and benefit from the first mover buzz. Besides adding a good authentication mechanism provided by a trusted identity provider could add value to your own service. It is like adding a trust seal of your SSL certificate provider.
  • Extra Traffic: Today you get only those users whom you solicit but miss on those who are solicited by other similar businesses like yours. OpenID brings extra traffic to your website without you spending that extra effort.
  • Analytics: Providers can give you much more analytics on your users’ behavior patterns (this can be anonymous to keep user identity private and report something like 30% of people who visit your site also visit site ‘x’).

OpenID and Info-Cards

It is believed that user-id/password based log-in is the oldest, commonly used and easily implementable, but, at the same time, a weak method of authenticating and establishing somebody’s identity.

To overcome this problem and enhance the security aspect of OpenID based login processes, OpenID providers are using new techniques such as Info-cards (virtual cards based on user PC) based authentication. Microsoft is specially working with various leading OpenID providers to make Microsoft CardSpace as the de-facto standard for OpenID authentication.

There are two types of Info-Cards, Self-issued and Managed (or Managed by the provider). Self issued are the ones which are created by user stored on her/his PC and used during the login process. Since these cards are self issued level of verification provided by the users, their use is limited to the self-verified category and as such, provides a more secure replacement for User Id / Password combination only.

On the other hand ‘Managed Cards’ are managed by the specific provider. This can be your OpenID provider or your Bank. In this scenario, the data on the card is validated by the provider significantly enhancing the value of the verification. As such, these cards can easily be used in financial transactions for easing your on-line purchase process or for proving your legal identity.

There is emerging trend to bridge the gap between info-cards (virtual) and smart-cards (physical) and establish the link between them. Data can be copied to and fro giving your virtual card a physical status. In this scenario, your Info card (which was managed by the required management authority like Bank, RTO or so on) can take the place of your identity proof.

Some Interesting Sites Which Accept OpenID

Circavie.Com

An interesting site where you can create your own ‘story of your life’ – an interactive and chronological blog site, but with a difference (and that difference is not about being OpenID enabled) – see it to believe it!

Doxory.Com

If you are the kind of person who simply cannot decide whether to do ‘x’ or ‘y’, then here is the place for you. Put up your question and random strangers from the internet post their advice.

Highrisehq.Com

Here is the perfect solution for all those internet based companies – manage your contacts, to-do lists, e-mail based notifications, and what-not on this site. If the internet is where you work, then this site is perfect for you to get managing your business smoothly!

Foodcandy.Com

If you are a foodie then this site is the place for you! Post your own recipes and access the recipes posted by other people. Read opinions of people who have tried out the different recipes. Hungry?

About SingleID

SingleID is an OpenID provider – the first in India to do so. It allows users to register and create their OpenID(s) for FREE. It provides all the typical OpenID provider functions – allowing users to create their digital identity and using that to login to several OpenID enabled websites across the internet.

OpenID is being hailed as the ‘new face of the internet’ and SingleID is bringing it close to home. The main focus area of the company is to promote usage of OpenID in India.

If a user wants, he can also create multiple SingleID(s) with different account information, to use on different sites. So it allows you – the user – to control your digital identity, much in the same way as a regular login-password would – but with the added benefits of the OpenID technology.

SingleID has created a unique platform for website owners in India to generate a smooth user experience and create a wider base of operations and access for their websites.

Other user-centric services such as Virtual Cards (for more secure authentication) or allowing the use of user specific domain name (e.g. hemant.kulkarni.name) as an OpenID will be offered very soon.

For our partners we provide secured identity storage and authentication and authorization service alleviating headaches of critical security issues related to personal data.

We also provide the OpenID enablement service. Using our services companies can upgrade their user login process by accepting the OpenID based login largely enhancing their user base.

Links for Reference

· SingleID Home Page – http://www.singleid.net and Registration – https://www.singleid.net/register.htm

· OpenID Foundation Website – http://openid.net

· The OpenID Directory – http://openiddirectory.com/

About the author: Hemant Kulkarni is a founder director of SingleID.net. He has more than 25 years of product engineering and consulting experience in domains of networking and communications, Unix Systems and commercial enterprise software. You can reach him at hemant@singleid.net.

Zemanta Pixie

Narendra Karmarkar’s recent research

After working on the Interior Point Method, Karmarkar worked on a new architecture for supercomputing, based on concepts from projective geometry. Currently, he is synthesizing these concepts with some new ideas he calls sculpturing free space (a non-linear analogue of what has has popularly been described as folding the perfect corner). This approach allows him to extend this work to the physical design of machines. He is now publishing updates on his recent work on PuneTech.

Upcoming Presentations:

Narendra will be presenting new paradigm as follows:

16th July 2008: “Vacuum nanoelectronics devices from the perspective of optimization theory“, The 21st International Vacuum Nanoelectronics Conference in Wroc?aw, Poland, on July 13-17, 2008.

25th July 2008: “Seminar on Massively Parallel Systems and Global Optimization“, Computation Research in Boston, at  Massachusetts Institute of Technology.

PMI meet – Process Modeling; Using NLP – 12 July

PMI logo.Image via Wikipedia

What: Project Management Institute, Pune Chapter‘s monthly meeting, consisting of two sessions – 1. Process Modeling, a key enabler and 2. Use of Neuro-Linguistic Programming (NLP) for organizational effectiveness

When: Saturday, July 12, 10:00 am to 12:30 pm

Where: Cummins Auditorium, Pune Shramik Patrakar Sangh, 193 Navi Peth, Ganjwe Chowk, Near Alka Talkies, Garware bridge & S. M. Joshi hall, Pune 411030. Reception (Tel) – +91(20) 24534190

Registration: This event is free for all, and no registration is required

Details:

Process Modeling – An approach and challenges in its successful adoption, as a key enabler

The use of off-line, steady-state Process Simulators has grown in the global Chemical and Hydrocarbon Processing Industry, particularly over the last decade or so. Many companies of different hue, in terms of size and type of business have derived significant benefits from the implementation of simulation technology.

Having witnessed this growth from both the angles – As a user and as a vendor, Mr. Pandit has also seen some myths, floating in the industry, about simulation technology. He believes that some of these misconceptions have thwarted the efforts of many a companies in adopting simulators as an in-house design and process-monitoring tool.

This presentation would cover some of these myths and/or challenges that industry has faced while adopting simulation technology. It will also present some examples of organizations that have done well in absorbing simulation technology in their organizations.

About the Speaker – Alok Pandit

Alok Pandit has over 20 year’s association with Process Simulation industry, in various capacities. Starting as a Technical Support Executive on Chemshare’s products, he has worked extensively with Aspen Tech and Hyprotech products in Training, Technical Support, Product customization and Business Development. He has conducted more than 100 training programs, on different simulation software, for leading companies in India, Abudhabi, Netherlands and UK.

Alok holds M.Tech (Chem) degree from I.I.T Kanpur (1986) and B.Sc. (Engg) degree from Panjab University, Chandigarh (1983). Alok also holds a PG Diploma in Advanced Computing from C-DAC, Pune.

Alok is presently the Director of Equinox Software & Services Private Limited, a company he has set-up to provide modeling based consulting services to the process industry. Alok was previously working as Country Manager – SAARC and Vice President – Sales, for Aspen Technology Inc. covering a wide territory from Pakistan to Australia. Prior to that, he has worked with Hyprotech, Onward Technologies Limited, Hinditron Computers and Hindustan Petroleum Corporation (Mumbai Refinery).

Use of Neuro-linguistic programming (NLP) for organizational effectiveness

NLP® (Neuro Linguistic Programming) is the art and technology of achieving personal, professional and corporate excellence. NLP enables you to understand and change the way you think, feel and behave. It helps you to choose what to do, and be what you want to be. It is a Methodology based on the fact that behavior has a structure, and that structure can be modeled, learned, taught and changed i.e. re-programmed.

Special features of these techniques are that they

  • Align thinking and behavior patterns to meet goals and objectives in a seamless manner.
  • Help to achieve a wide variety of outcomes such as motivation, creativity, emotional management, new skill development, team synergy, health, belief change and more.
  • Acknowledge uniqueness of individuals and change behaviors in ways most appropriate to them.
  • Cause changes without stress. Within a relatively short period this person can start experiencing personal power and euphoria.

About the Speaker – Vikas Dikshit

Mr. Dikshit has done extensive research in the field of mind sciences, psychology and the behavior modification techniques. He has conducted many Workshops and Seminars on various topics to bring about holistic & significant improvements in professional and personal lives of people. He is B.E. (Mech.) from college of Engineering, Pune and after graduating, he had business interests in road transport, bore-well drilling and leather garment manufacturing and exports to North America and Europe. These businesses gave him a hands-on experience of managing a wide variety of people in various management environments, circumstances and cultures.

For more information about PMI Pune, see it’s PuneTech wiki profile

Zemanta Pixie

Upcoming Event: Python and Fedora Session

CPythonImage via Wikipedia

What: A detailed day-long session consisting of an introduction to Python, and opportunities for contributing to the Fedora project. Organized by LinuxChix Pune.

When: Sunday, 13 July, 11am to 5pm.

Where: RedHat office, Kalyaninagar

Registration: The event is free, but open only to the first 15 participants who register

Details:

Python Session by Ramkrsna

  • Instant Python :: Basically Teaching all of Python in the first Hour, before going deeper.
  • Lexcial Conventions and Syntax
  • Types and Objects
  • Operators and Expressions
  • Control Flow
  • Functions and Functional Programming
  • Classes and Object Oriented Programming
  • Modules and Packages
  • Input and Output
  • Execution Environments

A session on opportunities for volunteering at the Fedora Project, by Rahul Sundaram.

For more details see:
http://linuxchix.org.in/wiki/index.php/PunePythonSession

Please note, since the room has a maximum capacity for 15 people do ensure that you have your name
within the first 15. The names can be enlisted in the above mentioned page.

For further assistance, please do contact any of the following:

Runa Bhattacharjee (runa.misc at gmail dot com)
Smriti Garg (smritigarg87 at gmail dot com)
Shubhra Samnani (shubhra.samnani at gmail dot com)

Zemanta Pixie