This session will address how to approach service-oriented architecture (SOA) management from a project-based level while still allowing room for future expansion and incremental growth to an enterprise-wide SOA. The session will provide valuable insight into how SOA management can hel...
The Web Services Interoperability Organization chartered its Basic Security Profile Working Group to develop an interoperability profile involving transport layer security, SOAP message layer security, encryption, signatures, and other security considerations. This session will dis...
This talk defines a new class of threats, XML Content Attacks, and differentiates these threats from more general Web services attacks and XML security-based attacks. These three related but distinct threat areas are explained. The talk covers XML Content Attacks with regard to tree-ba...
Companies are now facing complexities dealing with issues such as regulatory compliance and security while still providing for company-wide collaboration between employees, partners, and suppliers. Identity systems are becoming a crucial component of applications, enabling developers t...
SOAs promise a dramatic improvement in IT responsiveness to business needs. Key within this value proposition is the idea that service consumption policies can be configured instead of coded. While the opportunities to positively impact both the top-line and bottom-line are enormous, s...
A broad range of new security threats is facing enterprises implementing XML Web services, leaving the enterprises open to financial risks, loss of property, and tarnished reputations. The basic rules of security - authentication, authorization, and auditing - no longer provide adequat...
An up-to-date, comprehensive, and practical discussion of Web services security, and the first to cover the final release of new standards SAML 1.1 and WS-Security. Comprehensive coverage and practical examples of the industry standards XML Signature and XML Encryption will be presente...
The mainstreaming of SOAs requires a more general approach to the notion of identities - beyond simply central management of people identities and into the realm of managing applications, devices, and other identities that represent entities that are first-class participants in this ap...


Untitled Document