[Owasp-ireland] Talk on SOA security

John Marmelstein john.marmelstein at gmail.com
Wed Jul 28 05:39:47 EDT 2010

Hi Folks,

You are invited to a talk on security for web apps based on SOA, and
related stuff like SaaS and Cloud services. Ideally, the format will
be less of a presentation, and more of a discussion/argument. 11th
August at 6.30pm, Ernst and Young. (might need to register first.
Registration link later, if there is one)

What is Service Oriented Architecture? SOA means different things to
different people. One common meaning is being able to combine
applications or components to give new applications or features.

The key point is that the things being combined might be under
different ownership. This throws up a load of security issues. For a
start, the various systems involved will all have different security
concepts. As ever, there is a trade-off between how much security you
want, and how much flexibility. Some of the solutions are becoming
important these days, as they are used in ‘cloud’ and SaaS (software
as a service). Federated identity management, in particular.

The first step is to at least understand what the problems are, so
that is what I will focus on in the talk. Between us all, we might
come up with some solutions.

See you there,

John Marmelstein
087 136 0045

More information about the Owasp-ireland mailing list