- Privacy Policy
- Our Service Commitment
- Red Hat Delivers Accessible, Open Source Generative AI Innovation with Red Hat Enterprise Linux AI
- Is Red Hat OpenShift Container Platform Virtualization the Best Alternative to VMware Amid Rising Costs?
- Top 10 Stories About Compute Engines, Linux of 2024 (So Far) - ITPro Today
UR Solutions News
Open-source News
The Janssen Project Takes on World’s Most Demanding Digital Trust Challenges at Linux Foundation
New Janssen Project seeks to build the world’s fastest and most comprehensive cloud native identity and access management software platform
SAN FRANCISCO, Calif., December 8, 2020 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the Janssen Project, a cloud native identity and access management software platform that prioritizes security and performance for our digital society. Janssen is based on the Gluu Server and benefits from a rich set of signing and encryption functionalities. Engineers from IDEMIA, F5, BioID, Couchbase and Gluu will make up the Technical Steering Committee.
Online trust is a fundamental challenge to our digital society. The Internet has connected us. But at the same time, it has undermined trust. Digital identity starts with a connection between a person and a digital device. Identity software conveys the integrity of that connection from the user’s device to a complex web of backend services. Solving the challenge of digital identity is foundational to achieving trustworthy online security.
While other identity and access management platforms exist, the Janssen Project seeks to tackle the most challenging security and performance requirements. Based on the latest code that powers the Gluu Server–which has passed more OpenID self-certification tests than any other platform–Janssen starts with a rich set of signing and encryption functionality that can be used for high assurance transactions. Having shown throughput of more than one billion authentications per day, the software can also handle the most demanding requirements for concurrency thanks to Kubernetes auto-scaling and advances in persistence.
“Trust and security are not competitive advantages–no one wins in an insecure society with low trust,” said Mike Schwartz, Chair of the Janssen Project Technical Steering Committee. “In the world of software, nothing builds trust like the open source development methodology. For organizations who cannot outsource trust, the Janssen Project strives to bring transparency, best practices and collective governance to the long-term maintenance of this important effort. The Linux Foundation provides the neutral and proven forum for organizations to collaborate on this work.”
The Gluu engineering teams chose the Linux Foundation to host this community because of the Foundation’s priority of transparency in the development process and its formal framework for governance to facilitate collaboration among commercial partners.
New digital identity challenges arise constantly, and new standards are developed to address them. Open source ecosystems are an engine for innovation to filter and adapt to changing requirements. The Janssen Project Technical Steering Committee (“TSC”) will help govern priorities according to the charter. The initial TSC includes:
- Michael Schwartz, TSC Chair, CEO Gluu
- Rajesh Bavanantham, Domain Architect at F5 Networks/NGiNX
- Rod Boothby, Head of Digital Trust at Santander
- Will Cayo, Director of Software Engineering at IDEMIA Digital Labs
- Ian McCloy, Principal Product Manager at Couchbase
- Alexander Werner, Software Engineer at BioID
For more information, see the project Github site: https://github.com/JanssenProject
Supporting Comments
BioID
“BioID’s biometric authentication service provides GDPR compliant, device independent, 3D liveness detection and facial recognition APIs, supported out-of-the-box by the Janssen project. Exposing BioID’s capabilities via OpenID Connect makes sense in many cases, especially as part of the rollout for a large organization. The availability of a high-quality open source implementation of OpenID Connect gives us more options to build products and to expand the options for our customers to deploy our technology,” said Alexander Werner, Software Engineer at BioID.
Couchbase
“The Couchbase database is supported today in the Janssen project for both caching and persistence. This makes sense given the distributed, elastic, in-memory requirements for a multi-cloud, hyper-scale identity service. Contributing to this project aligns with our goal to advance open source infrastructure software that results in more options for the Couchbase community,” said Ian McCloy, Principal Product Manager at Couchbase.
F5
“It’s an immense pleasure to join the Janssen Project, as it’s aimed to improve the performance, reliability and security on OAuth2 Components that are similar to NGINX Principles. Being part of Linux Foundation, the Janssen Project will be well governed and evolve with the open source community to achieve its goals,” said Rajesh Bavanantham, F5.
IDEMIA
“I have been a part of the Gluu community for many years. I’m excited to see the project moving to the Linux Foundation where we can collaborate with an even larger ecosystem of individuals and companies,” said Will Cayo, IDEMIA.
About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 1,500 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.
###
The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.
Media Contact
Jennifer Cloer
Story Changes Culture
503-867-2304
jennifer@storychangesculture.com
The post The Janssen Project Takes on World’s Most Demanding Digital Trust Challenges at Linux Foundation appeared first on The Linux Foundation.
CentOS 8 Ending Next Year To Focus Shift On CentOS Stream
Well here is a surprise for those that have long used CentOS as the community-supported rebuild of Red Hat Enterprise Linux... CentOS 8 will end in 2021 and moving forward CentOS 7 will remain supported until the end of its lifecycle but CentOS Stream will be the focus as the future upstream of RHEL...
Radeon RX 6900 XT Launches As Flagship Card With Open-Source Drivers But Very Limited Availability
After the Radeon RX 6800 series launched just under a month ago, the flagship AMD Radeon RX 6900 XT is launching today. This is currently the most powerful RDNA 2 graphics card and should work under Linux with the open-source driver stack but the card is likely to be scarcer than even the RX 6800 series...
Qt 6.0 Officially Released
The Qt Company has officially released Qt 6.0 as the latest major release to this open-source, cross-platform toolkit...
Download the Report on the 2020 FOSS Contributor Survey
Free and Open Source Software (FOSS) has become a critical part of the modern economy. It has been estimated that FOSS constitutes 80-90% of any given piece of modern software, and software is an increasingly vital resource in nearly all industries. This heavy reliance on FOSS is common in both the public and private sectors, in both tech and non-tech organizations. Therefore, ensuring the health and security of FOSS is critical to the future of nearly all industries in the modern economy.
To better understand the state of security and sustainability in the FOSS ecosystem, and how organizations and companies can support it, the Linux Foundation‘s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH) collaborated to conduct a widespread survey of FOSS contributors as part of larger efforts to take a pre-emptive approach to strengthen cybersecurity by improving open-source software security.
These efforts — recently incorporated into the Open Source Security Foundation (OpenSSF) working group on securing critical projects — aim to support, protect, and fortify open software, especially software critical to the global information infrastructure.
This survey’s primary goal is to identify how best to improve FOSS’s security and sustainability — especially those projects that are widely relied upon by the modern economy. Specifically, the survey seeks to help answer the question,
“How can we better incentivize adequate maintenance and security of the most used FOSS projects?”Importantly, in conducting this survey, the research team sought to take a holistic view of security. The methodology for recruiting survey participants emphasized contributors to FOSS projects that have been identified as widely used via previous research that culminated in the release of “CII Census II Preliminary Report – Vulnerabilities in the Core.”
This new report summarizes the results of a survey of free/open source software (FOSS) developers in 2020. The goal was to identify key issues in improving FOSS’s security and sustainability since the world now depends on it as a critical infrastructure that underlies the modern economy.
To capture a cross-section of the FOSS community, the research team distributed the survey to contributors to the most widely used open source projects and invited the wider FOSS contributor community through an open invitation. It captured more technical aspects of security and also considered the more human side.
The survey included questions about contributor motivations and level of involvement, corporate involvement in FOSS, the role of economic considerations in contribution behavior, and sought to answer the following:
- Demographics: What are the demographics of FOSS contributors? In particular, what are their gender, employment, and geographic location?
- Motivations: What are their reasons for starting, continuing, or stopping contributions to FOSS? How can projects keep contributors engaged, and do contributors feel that their employers or others value their work?
- Pay: How many FOSS contributors are paid for their work on FOSS? If paid, by whom (e.g., by employers and/or corporate sponsorship)? If they are not, does the lack of payment lead to significantly poorer security or sustainability?
- Time Spent: How much time do contributors spend contributing to FOSS, and how would they like to spend it? Is there an interest in increasing time spent on security issues?
- Aid: What kinds of actions from external actors would help improve security (e.g., code contributions and/or money)?
- Current activity: What kinds of security-related activities are already taking place in the FOSS projects represented by the respondents?
- Education/training: How much education/training have FOSS contributors had in secure software development and operations? From which sources did they receive it?
The goals in running this survey were to understand the state of security and sustainability in FOSS and identify opportunities to improve them, and ensure FOSS’s viability in the future. In particular, this survey focused on the “human side” of FOSS, more than the technical side, although the two are certainly inter-related, and these findings relate to both.
The results identified reasons for optimism about the future of FOSS (individuals are continuing to contribute to FOSS, companies are becoming friendlier to FOSS to the point of paying some employees to contribute, etc.), but also areas of concern (in particular, the lack of security-related efforts, and potential difficulties in motivating such efforts).
In the end, free and open source software is, and always has been, a community-driven effort that has led to the development of some of the most critical building blocks of the modern economy. This survey highlights the importance of the security of this important dynamic asset. Likewise, it will take a community-driven effort, including individuals, companies, and institutions, to ensure FOSS is secure and sustainable for future generations.
Authors:
- Frank Nagle, Harvard Business School
- David A. Wheeler, The Linux Foundation
- Hila Lifshitz-Assaf, New York University
- Haylee Ham, Laboratory for Innovation Science at Harvard
- Jennifer L. Hoffman, Laboratory for Innovation Science at Harvard
The post Download the Report on the 2020 FOSS Contributor Survey appeared first on The Linux Foundation.
The 10 Most Interesting Features Of Linux 5.10
With the Linux 5.10 kernel expected to be released this weekend, here is a look at some of the most interesting changes and new additions. Besides being the last kernel release of 2020, Linux 5.10 is significant in that it's also serving as a Long Term Support (LTS) release...
AMD Zen 3 Support Published For The LLVM Clang Compiler
After Zen 3 support was sent out and merged into GCC 11 last week, the LLVM Clang compiler support has now been published for this newest member of the AMD Zen family...