Start with a Java applet and build a server-based proxy system that uses your
browser to access an arbitrary Web service. You'll use JavaScript code to
access applet-based information and call a servlet, which retrieves the
remote information. Thus, you bypass the same-server restrictions on what an
applet can and cannot do.
... (more)
This will be the last [at least for a while] post in the SOA Security Series,
and I want to conclude by sharing my vision and some recommendations and best
practices (most of them fairly common sense) that I have noticed, stole and
otherwise accumulated while working in this field. But before we start, I
would like to fill the gap that I left in my earlier postings by never
providing a
Definition of Secure SOA
Secure SOA is an approach to implement SOA which by design ensures trust
throughout the SOA ecosystem (including services, consumers, composite
applications and infrastructure) by addressing some or all of the following
security aspects:
Authentication Authorization Integrity Confidentiality Accountability
(monitoring, logging, audit, non-repudiation) Identity (federation,
provisioning, trust brokering) Security Policies
It is also worth mentioning that I firm... (more)
WOBURN, MA -- (Marketwire) -- 08/26/09 -- ORSYP
News Facts:
-- ORSYP, provider of IT operations management solutions Dollar Universe(TM)
and UniJob(TM), today announced that it has relocated its North American
corporate headquarters from Bedford, Massachusetts to Woburn, Massachusetts.
The opening of this new office supports the company's plans to expand its
presence in North America to support its growing customer base and capitalize
on the increasing demand for its IT automation and job scheduling products.
-- The opening of the new North American headquarters follows on the heels of
ORSYP's outstanding performance in FY2009, during which the company grew by
more than 15 percent year-over-year, exceeding overall IT market growth of 6
- 7 percent. ORSYP also achieved global customer success, increased its
headcount by 15 percent and expanded its ITIL and IT Governan... (more)
dbMotion, a provider of health interoperability solutions, announced its
participation at HIMSS 2010, March 1-4 in Atlanta, Ga., both as an exhibitor
(Booth 6023) and as a featured contributor to the Interoperability
Showcase—demonstrating how providers can achieve meaningful data-sharing
across a range of healthcare settings. Participation in the Interoperability
Showcase comes on the heels of dbMotion’s successful completion of
interoperability testing at the 11th Annual IHE North American Connectathon
in Chicago.
Advanced solutions from dbMotion are designed to deliver genuinely connected
healthcare by facilitating care coordination and population management.
Integrated applications and tools, based on the SOA-based dbMotion
interoperability platform, deliver vital patient information to the right
provider at the right place and time, in a semantically harmonize... (more)
The fact that you're reading this article means that you are probably
planning a service-oriented architecture (SOA) initiative and recognize that
some level of governance is required in order to be successful. If you are
like most people in this position, you are also somewhat confused as to the
meaning of SOA governance. Governance is the current buzzword, and combining
governance with SOA creates a phrase that every independent software vendor
(ISV) wants a piece of. How do you sort out what is marketing hype from what
is truly valuable and relevant to your organization's SOA efforts?
Governance Scope Within an IT Organization
Much of the hype around SOA governance has been focused on operational
governance. Defining, tracking, and managing factors like service-level
agreements (e.g., average response time, peak response time, average
throughput, peak throughput) ... (more)
Dr Adam Kolowa (pictured), Founder & CEO of Parasoft and panelist at SYS-CON
Events' "SOA Web Services Power Panel" at SOA Web Services Edge Conference
& Expo - June 5-6, 2006 - in New York City, writes:
Security has the inherent nature of spanning many different layers of a Web
Services system. Web Services vulnerabilities can be present in the operating
system, the network, the database, the Web server, the application server,
the XML parser, the Web Services implementation stack, the application code,
the XML firewall, the Web Service monitoring or management appliance, or just
about any other component in your Web Services system.
Therefore security testing, which is important for any software application,
is even more crucial for Web Services. This article explores security issues
specific to Web Services and illustrates the engineering and testing best
practic... (more)
After almost three months of traveling, I returned home today. When I flew
around the island before I touched down, it was one of the most beautiful
November days in the Caribbean. I had left home Labor Day weekend and
traveled through Greece and Italy for most of October. It was one of the
best seasons in Athens and Capri.
Last Tuesday I was on a Turkish Airlines flight from Istanbul to New York.
They must have bought new planes, still Airbus but with a personal
entertainment system on every seat with huge plasma touch screens - beats
JetBlue big time. This flight is almost 12 hours. For a 36-hour stay in
Istanbul, you better try your best to rest before you land in JFK, otherwise
the remainder of your day will be completely shot.
After going through "Two and Half Man" and the rest of the TV sitcoms, all
popular movies including Oceans 13, I continued playing aroun... (more)
With Cloud Expo New York | 12th Cloud Expo [June 10-13, 2013] hurtling
towards us, let's take a look at the distinguished individuals in our
incredible Speaker Faculty for the technical and strategy sessions at the
conference coming up June 10-13 at the Jacob Javits Center in New York City.
We have technical and strategy sessions for you all four days dealing with
every nook and cranny of Cloud Computing and Big Data, but what of those who
are presenting? Who are they, where do they work, what else have they written
and/or said about the Cloud that is transforming the world of Enterprise IT,
side by side with the exploding use of enterprise Big Data – processed in
the Cloud – to drive value for businesses...?
12TH CLOUD EXPO SPEAKER NAME: David Linthicum
TWITTER: @DavidLinthicum
COMPANY: Cloud Technology Partners
12TH CLOUD EXPO SESSION TITLE: Calculating the True Value o... (more)
Kin Lane recently wrote a couple of blogs about why copyrighting an API is
not common. I couldn’t agree more that copyrighting APIs is uncommon. First
of all, the API definition is just an interface (It is the implementation
detail that is important, and needs to be guarded), so it doesn’t make any
sense to copyright an interface. (It is almost like copyrighting a pretty
face ). Secondly, the whole idea of exposing an API is you are looking for
others to finish the work you started by just providing the plumbing work.
Why would anyone want to get involved with a copyrighted API and finish your
work for you?
Kin Lane says, “API copyright would prevent the reuse and remix of common
or successful API patterns within a space. We are at a point where
aggregating common, popular APIs into single, standardized interfaces is
emerging as the next evolution in web and mobil... (more)
Oracle on Ulitzer
Online commerce is no longer just for consumer products, but also for direct
and indirect goods and services. As a result, new demands are placed on
classic customer relationship management (CRM) applications. While most have
successfully automated customer-facing interactions (such as order capture,
configuration, pricing, and order query), they still rely on external systems
to process subsequent steps (such as invoicing, fulfillment, and
pick-pack-ship), which are completed in a back-office enterprise resource
planning (ERP) application. This leads to disjointed business processes and
multiple user interfaces, each executing well within the native application
(CRM or ERP), and requiring the creation of point-to-point and proprietary
integrations and cumbersome custom user interfaces that are difficult to
extend and maintain.
REGISTER FOR SOA W... (more)
A completely new computing platform is on the horizon. They're called
Microservers by some, ARM Servers by others, and sometimes even ARM-based
Servers. No matter what you call them, Microservers will have a huge impact
on the data center and on server computing in general.
What Is a Microserver...and What Isn't
Although few people are familiar with Microservers today, their impact will
be felt very soon. This is a new category of computing platform that is
available today and is predicted to have triple-digit growth rates for some
years to come - growing to over 20% of the server market by 2016 according to
Oppenheimer ("Cloudy With A Chance of ARM" Oppenheimer Equity Research
Industry Report).
According to Chris Piedmonte, CEO of Suvola Corporation - a software and
services company focused on creating preconfigured and scalable Microserver
appliances for deployin... (more)
Subscribe to SOA Best Practices Digest Email News Alerts
Subscribe via RSS
