Web services offer distinct go-to-market velocity in terms of real-time innovation, but requires new standards in the way APIs are secured and managed and the nature in which APIs communicate between organizations at the B2B enterprise gateway level.
Technology professionals have always fought an unrelenting war not dissimilar to feud between the Hatfields and McCoys – a continuous conflict with no winners. In the world of IT, this is a battle over security and performance fought by security professionals and network administrators. These two factions have always had to barter and maintain an uneasy truce in organizations in order to survive.
Commitment is a graphical business novel about managing project risks with “Real Options”, a way of thinking to improve your decision making. InfoQ attended the book launch on May 14 in Amersfoort, The Netherlands and spoke with the authors about decision making, risks and technical debt.
In this article, Rohit Sethi discusses the opaque nature of security verification tools and processes and the potential for false negatives not covered by techniques like automated dynamic testing. 1
This article defines a Data Encryption Infrastructure (DEI) which encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise.
While a majority of security specialists are managing identity through SSO nobody has answered the question if identity propagation in SOA and Clouds is feasible from a business perspective. 4
This opinion piece discusses limitations in the SCIM data model specification as perceived by the author. He provides three specific suggestions which were also posted to the SCIM mailing list. 4
In this article, authors discuss the security in software development life cycle and how to defend against web application vulnerabilities using white-box analysis and black-box testing techniques. 1
Orlando Scott-Cowley discusses security in the cloud and the need for industry standards to lower the barriers to entry while ensuring that customer data is safe.
In this article, authors discuss a distributed architecture based on principles from security management and software engineering to address cloud computing’s security challenges.
Managing security requirements from early phases of software development is critical. In this article, author Rohit Sethi discusses how to map security requirements to user stories in Agile projects. 2
In this IEEE roundtable discussion article, the panelists discuss current authentication approaches, how to authenticate users on mobile devices and the future direction of authentication. 1