Updated: 4/30/2007; 4:06:48 PM.
Mark O'Neill's Radio Weblog
        

Monday, January 08, 2007

Last year I helped review a paper authored by Gunnar Peterson and Howard Lipson on "Security Concepts, Challenges, and Design Considerations for Web Services Integration" . The paper is published as part of the US Department of Homeland Security's "Build Security In" website. 

The paper covers a lot of ground, including architecture for deploying WS-Trust, important things to remember when content-filtering XML [e.g. don't forget to also filter the attachments], and where the standards are lacking [e.g. there is no standard for keeping an audit log of XML Web Services traffic].


9:36:50 AM    comment []

© Copyright 2007 Mark O'Neill.
 
January 2007
Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      
Nov   Feb