Marc Chanliau

Top Stories by Marc Chanliau

This article focuses on the value of Web services security. It is important to understand what Web services are and the challenges they face, particularly those related to security. Traditionally, companies have relied on conventional, transport-level security, but this approach has its limitations. The market now offers complementary XML-based solutions designed to secure documents used in Web services requests and responses. We will explore these solutions and outline "typical case scenarios" to provide a comprehensive view of the current offering of Web services security solutions. Web Services Summary: Web services are loosely coupled distributed architectures that allow companies to expose business functions over the Internet. Web services are described and accessed using industry standards: Extensible Markup Language (XML): data format; Simple Object Access Protocol (SOAP)... (more)

Identity Propagation in a SOA

One of the challenges IT organizations face is how to propagate identities in complex business processes that are commonly found in Service Oriented Architectures (SOAs). Identities, which are passed from one service invocation to the next in a business process, give the process a user context. Identities can be used to determine access rights to SOA services and for audit and compliance purposes. For example, consider a procurement business process for an application that's used by a number of purchasing agents. Each agent has a different purchasing privilege. Say a senior agen... (more)

Externalizing Fine-Grained Authorization from Applications

The recent spike in insider threats, coupled with a rise in compliance considerations, has forced organizations to ensure only authorized users access sensitive application functionality and data. Historically, user entitlements or authorization logic has been embedded inside an application. For example, if the user of an application meets specific conditions, such as a specific role, access to that application function will be granted at runtime. But if the definition of specific authorization conditions changes over time, then the application developer needs to modify the appli... (more)

Enterprise Web Services Security: A Reference Architecture

Web services are past the initial marketing hype. Early Web services were part of experimental one-off projects within a single enterprise department. Now, larger Web services deployments are moving outside of the enterprise firewall to better leverage existing business partnerships and value chains. Larger Web services projects come with a price, however. They are more complicated to implement and more costly to manage. They require careful deployment planning throughout the enterprise based on well-established business processes. The emerging proliferation of Web services netwo... (more)

Enterprise Web Services Security: A Reference Architecture, part II

Last month (WSJ, Vol. 4, issue 2), we looked at how Web services should not depend on specific security environments and rules but should be managed as part of all of an enterprise's corporate data assets such as Web applications, ERP systems, and in-house applications. We recommended that Web services security be integrated with the overall enterprise security infrastructure at the very beginning of the Web services deployment phase. This month, we'll look at some of those possible deployment models. Deployment Models: There are four deployment models based on the guidelines pres... (more)