InfoQ

Presentation

Recorded at:
Recorded at

Establishing Your Organization's Enterprise Security API

Presented by Jeff Williams on Nov 05, 2008

Community
Architecture,
Java
Topics
Design ,
Security ,
Open Source ,
Web Services
Tags
QCon ,
QCon San Francisco 2007 ,
API ,
Web services
The next QCon is in London Mar 10-12, Join us!
Summary
Every organization should define a standard way for developers to perform common security-related actions - authenticating, access control, validation, encoding, encryption, logging, error handling, and more. In this talk, Jeff discuss the process of establishing a security API for your enterprise, focusing on the most critical methods needed by web application and web service developers.

Bio
Jeff Williams is the founder and CEO of Aspect Security and serves as the volunteer Chair of the Open Web Application Security Project, a free and open source organization dedicated to finding and fighting the causes of insecure software. Jeff has been writing code for 25 years, speaks frequently on application security, and has published numerous papers on practical risk and assurance techniques.

About the conference
QCon is a conference that is organized by the community, for the community.The result is a high quality conference experience where a tremendous amount of attention and investment has gone into having the best content on the most important topics presented by the leaders in our community.QCon is designed with the technical depth and enterprise focus of interest to technical team leads, architects, and project managers.

RelatedVendorContent

Technical Debt and Design Death

Understand and Align BPM, SOA, and Lean Six Sigma: 43 page IBM Redguide

Agile Transformation Strategy

The Agile Checklist

Right Collaboration Architecture Drives Business Transformation

No comments

Watch Thread Reply

Educational Content

Brian Marick on 4 Challenges and 5 Guiding Values of Agile Software Development

Brian Marick takes us through a quick tour of the most important values and challenges to adopting Agile successfully (they aren't the typical challenges and values we hear in the community).

  •  Feb 09, 2010,
  •  

Are You a Software Architect?

The line between development and architecture is tricky. Does it exist at all? Is an ivory tower actually needed? There's a balance in the middle, but how do you move from developer to architect?

Agile – A Way of Life and Pragmatic Use of Authority

The word 'authority' sometimes produces an allergic response in hard-line agilists. Freedom and authority – both are bad if misused and both are good if used in right spirit for a noble cause.

Getting Started with Grails, Second Edition

"Getting Started with Grails" brings you up to speed on this modern web framework. Companies as varied as LinkedIn, Wired, and Taco Bell are all using Grails. Are you ready to get started as well?

  •  Feb 06, 2010,

Using ITIL V3 as a Foundation for SOA Governance

Those familiar with only ITIL V2 often scoff at the thought that ITIL could serve as a governance framework for SOA. With ITIL V3, the focus of the framework shifted towards service-orientation.

  •  Feb 05, 2010,
  •  

Adrian Colyer on AspectJ, tc Server and dm Server

SpringSource CTO Adrian Colyer discusses AspectJ, SpringSource's dm Server and tc Server products, OSGi and Scrum.

Adam Wiggins on Heroku

Heroku's Adam Wiggins talks about Rails, Background Jobs, Add-Ons, Ruby, and how Heroku manages to work around Ruby's inefficiencies using Erlang and other languages.

  •  Feb 04, 2010,
  •  

SOA as an Architectural Pattern: Best Practices in Software Architecture

For Grady Booch the foundation of a good architecture is patterns, SOA being just one of many patterns. In this Second Life presentation, Booch attempts to bring more clarity on what architecture is.

  •  Feb 04, 2010,
  •