InfoQ Homepage Security Content on InfoQ
-
/articles/intel-botnets-malware-security/en/smallimage/imagesmall.gif)
The Dark Cloud: Understanding and Defending against Botnets and Stealthy Malware
Botnets are the latest scourge to hit the Internet and this article defines a botnet (a collection of distributed computers or systems that has been taken over by rogue software), examines the botnet life cycle, and presents several promising anti-botnet defense strategies including canary detectors, white lists, and malware traces.
-
The First Few Milliseconds of an HTTPS Connection
What exactly happens when an HTTPS connection is established? This article analyzes the data exchanged between the browser and the server, down to the byte, in order to set up a secured connection.
-
/articles/Virtual-Panel-Cloud-Computing/en/smallimage/image_cloud.jpg)
Virtual Panel on Cloud Computing
In this virtual panel, InfoQ wants to find out from leading cloud experts what are the benefits brought by cloud computing as well as the constraints in using them, what is better to use, a public or a private cloud, is the cloud interoperability needed, what is the difference between providing infrastructure or a platform, and how can a client enforce regulatory compliance.
-
/articles/intel-services-economics/en/smallimage/imagesmall.gif)
The Economics of Service Orientation
This article explores the structural economic changes brought up by service orientation. Most IT organizations today are under enormous financial pressure trying to keep rising costs and flat budgets in synch. The restructuring brought about by the concept of services and reuse at the service level promises long lasting relief from the cost treadmill.
-
/articles/intro-virtual-service-grids/en/smallimage/smallimage.gif)
Introduction to Virtual Service Oriented Grids
This article discusses the combination of three ideas, virtualization, service-orientation, and grid computing into a single concept and computing platform concept, "virtual service-oriented grids." In addition to history and definitions, the article addresses an approach, with an example, to analyzing and implementing this technology.
-
/articles/virtual-service-grids-intel/en/smallimage/smallimage.png)
The Emergence of Virtual Service Oriented Grids
This article introduces and discusses three technologies, virtualization, service orientation, and grid computing, and then shows how they are combining to create new design and deployment options - "Virtual Service Oriented Grids." The business case for using this emergent model is also discussed.
-
/articles/Dressel-Gogolowicz-wss-security/en/smallimage/ColumnLevelSecurity-TitleImage100x100.png)
Column Level Security in SharePoint
In this article Grzegorz Gogolowicz and Matthew Dressel demonstrate how to extend Windows SharePoint Services 3.0 to support column level permissions. This allows developers to secure columns in lists and document libraries.
-
/articles/poulin-governance/en/smallimage/governess.jpg)
SOA Governance: An Enterprise View
SOA architect Michael Poulin explains the necessity for SOA governance to ensure an SOA initiative's success, and explains the role the OASIS SOA Reference Model and the accompanying SOA Reference Architecture assign to SOA Governance. Michael observes SOA governance specifics from the enterprise perspective and illustrates them with several examples of SOA Governance policies.
-
/articles/consumer-driven-contracts/en/smallimage/image_customer_demands(1).jpg)
Service-Oriented Development with Consumer-Driven Contracts
In this article, Ian Robinson discusses how "consumer-driven contracts", in the form of "stories for services" and unit tests exchanged between service development streams, can strengthen the service-oriented development lifecycle. In contrast to contracts defined from the POV of the provider, consumer-driven contracts result from combining the demands of all known service consumers.
-
/articles/virtualization-security/en/smallimage/lock.jpg)
Virtualization and Security
While virtualization provides many benefits, security can not be a forgotten concept in its application. This new article takes a look at how virtualized servers effect data center security.
-
/articles/grails-acegi-integration/en/smallimage/image_grails_padlock.jpg)
Securing a Grails Application with Acegi Security
This article discusses the integration of the grails-acegi plugin with a sample Grails application. As part of this integration, there are three major components which will be used – Groovy, Grails and Acegi Security.
-
/articles/service-firewall/en/smallimage/soapatterns.png)
Service Firewall Pattern
How can you protect a service against detect malicious incoming messages and prevent information disclosure on outgoing messages? In this sample chapter from Arnon Rotem-Gal-Oz' in-progress book SOA Patterns, Arnon explains how to use a Service Firewall to intercept incoming and outgoing messages and inspect them in a dedicated software component or hardware.