[Owasp-ireland] Talk on SOA security

Romans Malinovskis Romans.Malinovskis at agiletech.ie
Thu Jul 29 22:12:28 EDT 2010


Hi John and Others.

Me and few others from my company have been working on a new PHP framework development. It is being designed for business application and SaaS / Web Apps in particular, but it introduces very interesting new ways to data exchange and coding style with cloud services, database, javascript etc. I touched base of our security strategy in my blog post: http://blog.atk4.com/140-security-model/

There are 5 areas of focus:

 1) Web input and output data processing.
 2) JavaScript interaction and data handling.
 3) SQL dynamic language.
 4) Non-Relational database interfaces (SimpleDB, S3, etc)
 5) Front-end and Back-end safe interactions.

If SOA theme is being popular perhaps I could register to talk on one of the further events? I could some plans and ideas we have and discuss how they could help / solve existing security and development issues.

Regards,
Romans


> Hi Folks,
> 
> You are invited to a talk on security for web apps based on SOA, and
> related stuff like SaaS and Cloud services. Ideally, the format will
> be less of a presentation, and more of a discussion/argument. 11th
> August at 6.30pm, Ernst and Young. (might need to register first.
> Registration link later, if there is one)
> 
> What is Service Oriented Architecture? SOA means different things to
> different people. One common meaning is being able to combine
> applications or components to give new applications or features.
> 
> The key point is that the things being combined might be under
> different ownership. This throws up a load of security issues. For a
> start, the various systems involved will all have different security
> concepts. As ever, there is a trade-off between how much security you
> want, and how much flexibility. Some of the solutions are becoming
> important these days, as they are used in ‘cloud’ and SaaS (software
> as a service). Federated identity management, in particular.
> 
> The first step is to at least understand what the problems are, so
> that is what I will focus on in the talk. Between us all, we might
> come up with some solutions.
> 
> See you there,
> JM
> 
> 
> 
> -- 
> John Marmelstein
> 087 136 0045
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland

—
Are you PHP5 Developer? Subscribe to my blog: http://blog.atk4.com/

Romans Malinovskis (CTO)
Agile Technologies - Your Web 2.0 Partner since 2003
Tel: +353 (0)1 443 3256, Mobile: +353 (0)87 654 3713

Project showcase: www.agiletech.ie/2y




-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20100730/6c8458be/attachment-0001.html 


More information about the Owasp-ireland mailing list