Azure Information Protection scanner - azure

Has anyone used the Azure Information Protection scanner for scanning files on internal networks? We are looking to use this for identifying all Personally Identifiable Information (PII) to meet the General Data Protection Regulation that goes into effect May 25, 2018.
I am looking for feedback on anyone's experience with this.
Thanks,
Roger

The EMS (Enterprise Mobility+Security) team recently announced GA (general availability) of the AIP Scanner.
They are also introducing an AIP SDK that you can use to apply labels, classification and protection in custom developed software. (AIP SDK is currently in private preview). I also wrote a small blog post about this.
I have not used AIP Scanner in production-scale environments yet, but the labs and proofs of concept I have worked with show great potential in this product.
Note that only the following data stores are supported:
Network shares that use CIFS (SMB) and are exposed as UNC paths
Local folders on the server (must be a Windows Server 2012R2/2016) that runs Azure Information Protection Scanner
Libraries and sites on SharePoint 2016/13

I have used the AIP Scanner (embedded in legacy 1.x client) for identifying PII data across CIFS based shares and SharePoint on-premise environments.
One more advantage of the scanner is that you can run it in Discovery mode, wherein you can pull up a report on matches instead of actually labeling the files.
Note:
The label setting in AIP Console should have "automatic" to allow the AIP scanner to actually apply the label.
AIP Scanner is not yet GA in the new Unified Labeling Client (2.x) - where it talks to Security & Compliance Center
Current AIP Scanner cannot be extended w.r.t custom rules like in SCC where custom sensitive information types can be created.

Hybris production support activities

I am pretty new to Hybris. I am a bit curious about the activities that are taken care of by the production support team in Hybris. Please share information about the activities a production support person generally takes care of.
Maybe this can give you some idea:
Study guide for SAP Certified Support Specialist - SAP Commerce 1811: https://cxwiki.sap.com/display/education/Study+guide+for+SAP+Certified+Support+Specialist+-+SAP+Commerce+1811
I think the scope can be quite big, and it will depend on your contract / agreement. It could cover things like:
Handling day-to-day operations (e.g. backups)
Managing releases or patches
Managing users (e.g. Creating/Updating accounts manually)
Operating Backoffice (e.g. Reloading the widgets, etc) or PCM
Monitoring the system (e.g. Using DynaTrace)
Fixing performance issues
Fixing synchronization issues
Setting up the infrastructure (e.g. clustering, caching, logging, etc)
Being familiar with integration with other services (e.g. Data Hub)
Knowing how to identify and fix issues / problems in general
etc

Security benchmarks for google cloud

Do we have any open source security benchmarks for Google cloud apart from CIS benchmarks?
Generally, how is pen-testing done for cloud infrastructure?
I don't know of any other open source benchmark, but according to security compliance doc the certifications and the compliance standards for GCP are ISO/IEC 27001, HIPAA, FedRAMP, SOC 1.
About the pen testing, according to this other doc, to do a pen test, you are not required to contact Google to begin testing. But it's needed to stick to the Acceptable Use Policy and the Terms of Service and only affect your own projects.
In case it's useful, there is also a white paper with more info.

What are the third party solutions available for setting up enterprise search for an organization and important advantages of them?

We are currently working on setting up enterprise level search and need to evaluate the performance of different solutions available in the market. We need insights from experienced people in this field.
Thank you for helping.
P.S- I am new to this platform so may have made some mistake
Micro Focus IDOL (Intelligent Data Operating Layer) provides an excellent platform for search and knowledge discovery across the enterprise. We have a wide variety of connectors for the various content repositories in a typical enterprise. IDOL can detect and extract information from over 1000 file types.
Audio, Video and Images are also sources of information and IDOL can perform speech to text, OCR, image classification and a host of visual / audio analytics on unstructured content.
IDOL does all of this while respecting the security model of the content repository. It can map the security so the secure search results are returned in sub second responses. IDOL can map security of a user across the various content repositories. So if a user goes by usernameA in repo1 and user name A in repo2, it's possible to map it easily in IDOL.
The strength of IDOL is the Adaptive Probabilistic Concept Modelling capability which improves over a large volume of documents. So for example if you wanted to know what are the core concepts discussed in documents in a particular SharePoint site or File Share we can easily do this without firing a single keyword query to IDOL.
Recent advances in Natural Language Question and Answering have enabled the IDOL platform to literally ask a question to your document corpus. So a typical question would be, "Where does the code of conduct say about expense reimbursements on international trips?" and rather than going through each link, we can extract the passage most relevant to the question from 100s of documents and present the answer to the user.

Build a web app basing on a dms kernel

I need your help for my question.
I need to build a web based application that should perform some activity of document management. I'm evaluating existing document management solutions and I need a solution that exposes an API via REST or other protocol, so that I can interact with it from my application.
I read about Alfresco, SharePoint and KnowledgeTree but I find it difficult to understand prices for commercial use. Can someone help me with a comparison of function/prices for a commercial use?
Alfresco is available in two versions, Alfresco Community Edition and Alfresco Enterprise. Alfresco Community is under the LGPL license. Assuming you want to use it in-house (not distribute it to others), you can use + customise + extend Alfresco Community to your heart's content, without restriction or charge. (LGPL/GPL/etc are distribution licenses, not use licenses, so only kick in when you redistribute). However, Alfresco Community comes with no commercial support, only support provided by the community. For a lot of uses that's good enough, but for other cases you'll want to be able to ring someone for support / get hotfixes backported to your version / etc. In that case...
Alfresco Enterprise is paid for, coming with commercial support (including SLAs, pick up the phone and talk to an expert etc), along with a handful of features that matter in big deployments (clustering being one). Pricing depends on a few things, mostly around size of deployment and SLA, but for small deployments isn't too bad. For big deployments, it can be a huge saving over other systems! Give sales a call, they're very friendly, and only rarely buy me beer ;-)
If you don't want to run your own repo, there's also the Alfresco Cloud version, which comes with a public API. With this, Alfresco themselves run and maintain the instance for you, and you can use the public API to store / retrieve / manage / etc your content. It's much simpler to get going with! But you don't quite get as much control or customisation as with the on-premise versions.
SharePoint might already be covered by your existing Microsoft licensing deal, if you have one. If not, you'd need to decide between licensing on a per-server or per-user basis. See Microsoft pages like this to get an idea of the options, then ring your Microsoft sales rep to get an idea of the pricing. In many cases, you'd need to pay someone else for support, so you'd be back to a similar thing as with Alfresco Community vs Enterprise.
If you're not sure what system to go with, you might be safest and best off implementing your project using CMIS (Content Management Interoperability Services). This provides a common way to talk to content repositories, allowing you to store/retrieve/browse/search/permissions/etc irrespective of what the underlying repo is. Alfresco provide some information on it, and Apache Chemistry provides open source client libraries for most common programming languages, which makes getting started very quick. There's also an excellent book on CMIS which I can very much recommend! And not only because the authors of that have been known to buy me beer too... ;-)

Who uses XACML?

Has anyone written XACML Implementations other than the Sun XACML Implementation and XEngine?
Who uses them in their products?
Which vendors provide a PDP? I read something about a WebLogic XACML Provider. What other products support XACML?
This has been answered on the XACML TC list already: http://markmail.org/message/w7msffsbi6qzgfoj
XACML is used in a wide variety of industries today. Trying to summarize what's been said:
There are 2 types of implementations today:
Open-source implementations
They are either backed by commercial organizations, foundations, or universities.
These include:
(Sun-backed) SunXACML (http://sunxacml.sourceforge.net/) - very much dead on its own but used in other products such as WSO2's offering (see below)
(R&D-backed) SICSACML (http://www.sics.se/node/2465) backed by SICS, the Swedish Institute for Computer Science, and now taken up by Axiomatics (www.axiomatics.com)
(University-backed) Heras AF (http://www.herasaf.org/heras-af-xacml.html): Orange is using their product. Orange is one of the leading telecommunications providers in Europe.
WSO2 is a company that was born from the Apache Synapse project and expanded into different areas successfully including XACML by using the initial SunXACML implementation (http://wso2.org/library/identity-server/user-management/xacml). I am not sure they have customers using XACML today.
Enterprise XACML (http://code.google.com/p/enterprise-java-xacml/) but no updates in nearly a year
Brad Cox also has a neat approach to implementing XACML as described in his blog and paper at http://bradjcox.blogspot.com/
Commercial products
Oracle OES provides a SunXACML-based XACML 2.0 implementation. It is hard to know whether OES customers are using XACML features.
IBM Tivoli Security Policy Manager
Axiomatics Policy Server took SICSACML and marketed it in 2006 - their product fully implements XACML 3.0. Their customers include "one of the world's largest bank", Paypal, Bell Helicopter, Swedish National Healthcare service, SOS Alarm, and DATEV eG as listed at www.axiomatics.com/customers.html
There are other vendors such as Jericho Systems and Nextlabs that offer XACML. Also Securent (later bought by CISCO) had a XACML offering.
Lastly I recommend you visit the XACML TC (http://www.oasis-open.org/committees/xacml/) where you can see its contributing members. Those include Oracle, Axiomatics, Boeing, Veterans Administration, EMC who are regular contributors.
I'm a member of the team at IBM that builds a security policy management solution, including XACML for authorization policy; and I used to be the team lead for the XACML runtime component itself. The product is called Tivoli Security Policy Manager, and is definitely under active development.
WebLogic used to be built by BEA, before they were acquired by Oracle. I'm not sure if Oracle still sells it or not.
Axiomatics also has a XACML solution, as does Jericho Systems.
WSO2 Identity Server (http://wso2.org/) is an open source entitlement engine which is based on the sunxacml. WSO2 Identity Server contains a nice XACML UI policy editor which can be easily used to create complex XACML policies. There is a PIP layer to plug any attribute finder module with it. Therefore you are able to find your attribute from any database, LDAP user store, web services and many more. Also there are decision caching, policy caching and PIP level attribute caching to improve the performance. You can refer to the implementation source code from here [1]
[1] https://svn.wso2.org/repos/wso2/branches/carbon/3.2.0/components/identity/org.wso2.carbon.identity.entitlement/
DATEV (a German IT service provider with 5800 employees) announced in 2010 that they will use XACML. Swedish software company Axiomatics will develop a Datev version of its identity management solution.
XACML implementations (Sun, XEngine, and EnterpriseXACML) are currently interpreters, which makes it hard to debug how a decision was reached since debuggers show the interpreter's internal code, not the policy itself.
I've written a compiler for DOD/DISA that transforms XACML directly to Java code. The goal was making policies easier to understand, not speed, but it is gratifying that compiled policies run in about a tenth the space and time as Sun's interpreter.
The compiler has now been verified by using the same Oasis compliance tests that Sun's interpreter uses. Out of ~400 tests, it passes all but 8. Current problem areas are cases the standard isn't clear on; Subject Categories and PolicySet IdReferences to name two.
I'm wiring it up as a SAML-P service this weekend. Release plans aren't final yet but we'll probably release it as open source on forge.mil as soon as the SOA version stabilizes.
Note added: There's a link to an AFCEA paper about it at http://bradjcox.blogspot.com/2011/03/compiling-xacml-to-java-source.html
BiTKOO (http://bitkoo.com) has XACML 3.0 integrated into its Keystone family of authorization management products. I'm the architect of BiTKOO's XACML core technologies (PDP, PAP, PEP).
A wide variety of organizations are now using XACML based solutions for authorization management. Most are large organizations - government agencies (foreign, domestic, military, and state), universities, media companies, industrial companies, etc.
I'm aware that this question was posted a few years ago but it can be relevant right now to people looking for open source XACML implementations.
The project AuthZForce provides an open source XACML 3.0 implementation with a multi tenant REST API along with a Java based API. It also provides an XACML SDK.
AuthZForce is available on GitHub, on the OW2 repository and a Docker container as well as a Debian package are available.
http://github.com/authzforce
https://tuleap.ow2.org/projects/AuthzForce/
I'm one of the core developers of the project so feel free to reach me if you have any questions.
This may not be helpful as it's not a COTS product, but it may be of interest to you or others.
There is an open-source XACML implementation at http://code.google.com/p/enterprise-java-xacml/ which I've used recently. It covers the entire specification and has pretty decent policy evaluation performance considering it's not optimised.
You can have a look at http://www.herasaf.org/. It is a highly developed open source project (although I don't know which license they are under). It looks really promising, but there is still a lot of work to do.
If you are looking for an alternative to Sun XACML you should really have a look at HERAS-AF (www.herasaf.org). It's a very active project and their support is very good and fast responding (e.g. forum.herasaf.org). The code is of good quality and it provides many extension points. The API is clear and very easy to use. Have a look at the getting started guide. It is developed and published under Apache2 license.
OpenAM, an open source access management and web Single Sign On solution, previously known as OpenSSO, provides a PDP and has support for XACML 3.0 for importing and exporting policies.
More information at openam.forgerock.org.
PicketBoxXACML, formerly JBossXacml, also wraps SunXacml's implementation and provides an updated PDP. There's not a lot of documentation out there on it, but it's open source.
Hi, you might also want to have a look at ViewDS identity Solutions (see http://www.viewds.com). ViewDS have two XACML solutions. Access Sentinel which provides for externalised authorisation services with a PDP/PIP and two PAPs (DortNet & Java) and a variety of PIPS. Their product also supports Delegation, Roles Management & obligations. ViewDS Identity Solutions also have an LDAP Directory with its own integrated searching and matching engine and have XACML enabled the Directory. That is they use XACML to provide the Policy based authorisation system for accessing Directory information over the Web.
Here's an interesting discussion at Forrester blog http://blogs.forrester.com/andras_cser/13-05-07-xacml_is_dead that actually updates the state of XACML as of 2013. Be sure to read the comments as well.
