Google Wave Security
Google Wave Security will become a very talked about issue in the near future.
Not much is known about Google Wave except that there are hopes it will do away with all other forms of collaboration. The way I see Google Wave developing is that it will become a very useful tool to connect different business services onto one platform. This will become more and more popular as more and more businesses use it. This is a system for the big boys, whoever invests time and effort to implement and understand it, will be leading the pack. However, at the moment we’ve not even touched the tip of the iceberg.
Developers have to get stuck in and create reliable secure programs for the Wave system to plug into and connect business services. The important thing will be security. Google Wave will make it possible to do purchases directly via a Wave.
People and businesses will only adopt these game changing methods (as well as keeping the old methods) once it becomes mainstream and 100% reliable and secure.
(Google Wave Explained by Mashable)
I wouldn’t get my hopes up right now. We’re still a long road away before it becomes integrative for business structures.
In the meanwhile we need to address the security issues and discuss them.
What we talk about and demand the system to have is what the developers will develop.
The butterfly feeling of Google Wave will soon disappear however, it will come back when Wave services have the ability to grow your business’s bottom line securely.
06 Oct 2009
Dian Joubert
I will be interested to see which secure method and tools are used to provide role based access to a Wave that behave somewhat like Active Directory in a Wave World.
Several ideas:
1. Very interested in role based and attribute based access controls tied to an identity & privilege management scheme for all services and data artifacts.
2. Would be interested in applying a robust Wave solution to the selective (health care administrator) and elective (patient as the data owner) sharing of electronic health records. This would be highly transparent to the patient as the authoritative data owner in terms of electing to grant access to specific files to medical care professionals (doctors, nurses, dentists, midwives, etc…), health related institutions (hospitals, clinics, etc…), insurance companies, and family members. Some kind of public key or other token-based exchange would be used to mange authentication of all parties. There is much more to this idea and a similar set of services could be set up for sharing data and services between a client and their accountants, attorneys, financial planners, academic institutions, employers, or other transactional relationships between a people and institutions.