The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.| By Eric Newcomer's Weblog | Article Rating: |
|
| May 30, 2008 05:22 PM EDT | Reads: |
557 |
It seems like the Enterprise Integration (Security) Patterns Fred came up with went over pretty well at the Unatek Conference earlier this month.
Last October Fred and I published an article on Handling Multiple Credentials in an Heterogenous SOA Environment and since that was well recieved I thought it might be a good topic for the conference keynote.
Naturally, I asked Fred to help ;-) and he came up with the following three enterprise integration security patterns:
- Message Protection
- Token Propagation
- Token Mediation
These patterns capture solutions to common security challenges when dealing with multiple protocols and credential formats. These challenges frequently occur in an SOA environment that integrates multiple middleware technologies, such as Web services and CORBA, or Web services and J2EE (which actually amounts to pretty much the same thing since J2EE incorporates CORBA's interoperability protocol, IIOP, and the security credential format from CSI_V2, another CORBA standard).
Consider the scenario in which a service request using SOAP/HTTP invokes a second request using CORBA or J2EE in order to complete its work. Security considerations include the use of an encrypted form of HTTP (i.e. HTTPS) and IIOP with SSL to protect the message content, but with two different protocols there's a potential vulnerability at the intermediary (i.e. the place where the HTTPS connection ends and the IIOP/SSL connection begins). The message protection pattern defines how you address this scenario.
Another challenge is handling multile credential types, for example the username/password format in WS-Security and the CSI_V2 format in CORBA/J2EE. Multiple credentials can be aggregated into a common data structure and included in the request context, or one credential can be mapped to another at an intermediary. But the credentials are vulnerable to impersonation at the intermediary. Another alternative is to use WS-Trust or the equivalent to "federate" the incoming token with the new token. The token propagation and token mediation patterns describe the solutions for these.
WS-SecurityPolicy can also help, although to be really useful in heterogenous environments extensions may need to be added to represent credential and key information not in the current spec. However since WS-Policy is essentially a publishing mechanism that describes the capabilities of a service provider, care must be taken to protect sensitive information.
Read the original blog entry...
Published May 30, 2008 Reads 557
Copyright © 2008 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.Feb. 19, 2019 04:15 PM EST |
By Zakia Bouachraoui At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...Feb. 19, 2019 10:15 AM EST |
By Pat Romanski Feb. 19, 2019 07:00 AM EST |
By Yeshim Deniz Feb. 19, 2019 04:00 AM EST |
By Zakia Bouachraoui Feb. 19, 2019 04:00 AM EST |
By Yeshim Deniz Feb. 18, 2019 07:45 AM EST |
By Zakia Bouachraoui Feb. 17, 2019 05:00 PM EST |
By Elizabeth White In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential.
Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...Feb. 16, 2019 04:45 PM EST Reads: 14,062 |
By Roger Strukhoff Feb. 14, 2019 05:00 PM EST |
By Elizabeth White Feb. 13, 2019 08:15 PM EST |


At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential.
Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
"There is a huge interest in Kubernetes. People are now starting to use Kubernetes and implement it," stated Sebastian Scheele, co-founder of Loodse, in this SY...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throughout enterprises of all sizes.
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE).
Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and controlling infrastructure. The rise of Site Reliability Engineering (SRE) is part of that redefini...
The KCSP program is a pre-qualified tier of vetted service providers that offer Kubernetes support, consulting, professional services and training for organizations embarking on their Kubernetes journey. The KCSP program ensures that enterprises get the support they're looking for to roll out new applications more quickly and more efficiently than before, while feeling secure that there's a trusted and vetted partner that's available to support their production and operational needs.
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine f...



















