Sunday, November 28, 2004

Web services security and federated identity authentication

Recently I had an opportunity to do an extensive literature review of
the whole federated authentication space within web services. The
literature review is attached and the abstract for the same is shown
below.

----------------------------------------------------------------------------
Abstract

Over the past few years as web services technology has matured, so has
its use in complex line of business applications. Projects to create
Service Oriented Architecture and Complex Supply Chain Integration are
pushing the boundaries of present web services specifications. As
organisations and applications using web services collaborate across
security domains the risks associated with compromised identities
increase. In order to mitigate these risks a system of Federated
Security domains is being used in web services projects. This paper
will look at the concepts behind digital identities, aspects of web
services security (WS-Security) and how federation is achieved in such
a landscape. Lastly it looks at Liberty Alliance ID-WSF and
WS-Federation specifications and how they compare against each other.
The paper finishes off with some recommendations for future projects to
investigate and do a threat assessment of applications built to these
two specifications.
----------------------------------------------------------------------------
Unfortunately I can't attach files to my blog; I will have to find a way around this predicament.

Saturday, November 20, 2004

SOA and the confusion

Recently I had an opportunity to talk to someone about SOA. During
this time I asked the person what they understood about SOA and was
quite surprised at the confusing answer. Mind you, the person in
question is very bright and has been active in the web services world
for a long time. At that point I thought to myself, if such a
knowledgeable person is struggling with the concepts, what hope does the
rest of the community have?

We all know there is a general push in the business circles for using
COTS (Commercial Off The Shelf) products. Now in an industry where
everyone is using SAP or whatever to run their business, they
invariably are subscribing their business practices to what SAP
Product Managers think. This being the case there would be a general
homogenisation of the sector. How does one company differentiate
itself from another? If IT and COTS become commodity then the opinion
raised by Nicholas Carr "IT doesn't matter"
(http://searchcio.techtarget.com/originalContent/0,289142,sid19_gci905877,00.html)
becomes valid.

I think there is another evolution coming to the IT market which will
make IT matter, which is SOA. Once all my Uni stuff is over I plan to
write on this topic further. I think SOA provides a way for companies to
retain their edge by using IT as a fabric that weaves complex
applications inside an organisation into a cohesive whole.

More on this later... I think I should come off my high
horse now -)

Tuesday, November 16, 2004

Sorry about no blogs

I had gone away on holiday to India for 3 weeks, and now for the next 2 weeks I have to complete a report on Federated Identity in Web Services for Uni as part of my final year MSc Project. Once that is over there will be a bit more time to blog and post some cool stuff.

Angus Logan's Blog : Brisbane, Australia Developer : MCMS/SPS/WSS/.NET/SQL

Angus Logan's Blog : Brisbane, Australia Developer : MCMS/SPS/WSS/.NET/SQL. Great site for SharePoint stuff.