InfoQ

Presentation

   Good News: We have re-worked our video infrastructure to provide more reliable service. Please email bugs at infoq.com with any problems.

Recorded at:
Recorded at

Patterns for securing architectures

Posted by Peter Sommerlad on Apr 30, 2008 01:45 AM

Community
Architecture
Topics
Security,
Design
Tags
Patterns,
Qcon London 2007,
Design Patterns,
QCon
Summary
Security is all about trade-offs you make with your always limited resources, often a problem when designing a system or an after-thought. Only a few have the expertise to design good security and most development teams have no security expert. This talk focuses on Security Patterns for designing security in architectures, such as Role-based Access Control, Single Access Point, and Front Door.

Bio
Peter Sommerlad is professor for software engineering and head of Institute for Software at HSR Hochschule für Technik, Rapperswil. Peter is co-author of the books Pattern-oriented Software Architecture Vol.1 and Security Patterns. His research interests are refactoring for non-Java languages and a goal of making software simpler by decremental development: Refactoring software to 10% its size.

About the conference
QCon is a conference that is organized by the community, for the community.The result is a high quality conference experience where a tremendous amount of attention and investment has gone into having the best content on the most important topics presented by the leaders in our community.QCon is designed with the technical depth and enterprise focus of interest to technical team leads, architects, and project managers.

No comments

Reply

Exclusive Content

Getting Started with Grails

Jason Rudolph discusses Java/Grails integration, Grails plugins, creating a Grails sample application, Grails app structure, data querying and persistence, validation, controllers and tag libraries.

Creating Product Owner Success

The Scrum Product Owner role is powerful, valuable and challenging to implement. It brings healthier relationships between customers and developers, and competitive advantage - if you do it right.

Book Excerpt and Interview: Effective Java, Second Edition

Effective Java, Second Edition by Joshua Bloch is an updated version of the classic first edition, which won a 2001 Jolt Award. InfoQ asked Bloch questions about the areas that the new edition covers.

Tapestry for Nonbelievers

A new article by I. Drobiazko and R. Zubairov introduces v. 5 of the Apache Tapestry component-oriented web framework. The tutorial shows how to create a component and covers IoC in Tapestry and Ajax.

Pete Lacey on REST and Web Services

In this interview, Burton Group consultant Pete Lacey talks to Stefan Tilkov about his disillusionment with SOAP, his opinion on REST, and addresses some of the perceived shortcomings REST vs. WS-*.

Business Natural Languages Development in Ruby

Jay Fields presents his concept of Business Natural Languages - a type of Domain Specific Languages geared towards being readable by domain experts.

Distributed Version Control Systems: A Not-So-Quick Guide Through

Adoption and interest for Distributed Version Control Systems is constantly rising. We will introduce the concept of DVCS and have a look at 3 actors in the area: git, Mercurial and Bazaar.

Segundo Velasquez and Agile as Seen Through the Customer's Eyes

Deborah Hartmann interviewed Segundo Velasquez about his experience as customer with an Agile team during the initial phase of software design of a product.