Securityfocus: Hackproofing Oracle Application Server. Reasonably well written guide to fixing vulnerabilities and insecure defaults in Oracle 9iAS. Useful for breaking too.  6:28:07 PM    

Digital Identity: "This presentation blew me away - it is absolutely the first time that anyone so concisely has addressed the issues and opportunities of Identity and Access Management. The goal: creating context, puts identity in the right framework, rather than the usual upside-down application-centric perspective."  6:21:21 PM    

John Robb: "Just a simple insight.  It's pretty clear to me that the thinking about Web Services to date is just plain wrong. The best data doesn't exist on corporate systems.  The bulk of interesting new data is on the desktop, and it will grow.   P2P Web Services are the future.  How's this for workflow: A personal calling card in the form of a Weblog.  It explains who you are, what you have available, and how to connect to the services you publish. Click on the Web Service, fill out some information, and away you go.  No UDDI and WSDL.  The Weblog helps the document the Service.   Find it on Google (perhaps it is a tab on the the interface).   Simplistic.  Yes. Doable.  Yes."  6:01:06 PM