David Syer discusses identity management, SSO, security standards –SAML, OpenID, OAuth, SCIM, JWT-, how Spring Security can fit in, and demoing IdM as a service.
John Davies examines Visa’s architecture and shows how major enterprises have architected very complex integrations incorporating Hadoop, memcached, Ruby on Rails, and many others to deliver innovative technology solutions. John explains how the platform architecture and technologies -- integrated and invented -- must be reliable and able to massively scale.
Craig Walls talks about securing the modern web and how OAuth can help with that, showing how to secure and consume resources with OAuth.
While Cloud Computing offers increased business agility and reduced cost, many are worried about security: loss of control and lack of confidentiality. Presented by Alon Hazy and Jakob Illeborg Pagter, this talk looks at the threat landscape, then examines how to secure cloud solutions today and in the future.
Rob Winch demoes some of the new features in Spring Security 3.1: multiple http elements, stateless authentication mode for RESTful services, Debug Filter, CAS support for proxy tickets, JAAS, etc.
Ben Alex along with a SpringSource team present the future of mobile applications, authorization, data, and application architecture as seen by VMware.
Graham Lee advices on how to create an user experience that properly deals with privacy and, in some respect, security issues in mobile applications.
Marc Stiegler presents popular but faulty security architectures used - Independence Day Evil Alien Architecture, the Gilded Cage, and Gone Phishin' – along with effective architectures emerging today.
Tyler Close considers that the old client-server security model is no longer viable and a new security web model is needed, presenting tools and techniques to secure the social web apps of today.
Mark Miller on how E and Caja influenced the EcmaScript 5 standard so it can be a secure language, enabling the creation of safe mashups, and how Dr. SES enables secure distributed computing.
Nicolai M. Josuttis discusses various issues encountered when implementing SOA security: heterogeneity and debugging are problematic, ESB plays an important role, and costs involved.