[Log In] []

Exploring the science and magic of Identity and Access Management
Tuesday, October 29, 2024
 

Catalyst 2005 – Day Three

Identity
Author: Mark Dixon
Friday, July 15, 2005
8:00 pm

This morning’s sessions are "cross
cut" sessions – spanning multiple tracks. I attended the Application Security
session.

Dan
Blum
, Senior VP, Group Research Director, Burton Group – Application
Security Strategies: Aligning Developer Needs and Security Imperatives

  • Services Oriented Architectures, which are more than Web Services, should
    be good for application security, becase SOA’s require disciplined governance.
  • Use a systematic, comprehensive approach to application security.

Ann
Thomas Manes
, VP, Research Director, Burton Group – Security
in an SOA World

  • The goal of SOA is to increase business agility and keep up with business
    change.
  • SOA is more than web services. SOA may be implemented using web services,
    but governance is paramount.
  • SOA is more about behavior than technology
  • SOA will have a challenging adoption path for any enterprise
  • Use Identity-based security throughout

Brook Schoenfield, Senior Security Architect Cisco Systems,
Inc. – From Web Services to Service Oriented Architectures

  • Trust establishment is a currently a manual process that must be in place
    before web services interaction
  • Trust establishment is currently blocking the promise of web services
  • He proposed automation of trust establishment between enterprises, using
    a trusted third party, modeled after the credit card infrastructure.

Nick
Nikols
, Analyst, Burton Group – Leveraging Identity for Application
Security

  • Identity management is becoming a basis for improving application security
  • Identity services will facilitate the consumption of identity by applications
    and services
  • The value of Identity increases with broader integration

Diana
Kelley
, Senior Analyst, Burton Group – Application Security:
Everybody’s Problem

  • Security awareness and methods must be an integral part of the entire Software
    Development Life Cycle
  • Build security into applications using both process and technology
  • Robust software begins with well defined requirements and thoughtful design
  • Take a realistic, process based approach to software quality

Arthur Mateo, Founder and VP of Products, Service Integrity – SOA Transparency
Facilitates Security & Regulatory Compliance

  • SOA promises agility and adaptability
  • Transparent SOA Fastest Way to Compliance
  • Need to see, understand and act in real-time for SOA Transparency
  • Monitoring services should be an integral part of SOA

Note: A computer malfunction that occured during the
conference prevented me from posting this blog entry until Tuesday, July 19th.

Tag:

Comments Off on Catalyst 2005 – Day Three . Permalink . Trackback URL
 

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.