Security Content on InfoQ
-
GluCon: Post-it Notes (mini-Keynotes)
This presentation is a collection of four fifteen-minute mini-keynotes presented at the Glue conference in Denver, 2009. All presentations focused on aspects of "gluing together" web applications.
-
Building Context Aware Services using Identity as Foundation
This presentation explores the issue of context automation and the forces driving it (e.g. clouds and extensible browsers) before focusing on the role of identity services as a key factor.
-
Realistic about Risk: Software development with Real Options
This session introduces Real Options and shows how it can help in running your project. Real Options is a decision-making process that can be used to manage risk.
-
Financial Transaction Exchange at BetFair.com
This presentation covers Betfair's efforts, e.g. Flywheel, that enable serving 50,000 low-cost transactions per second. This technology has become the basis for the Tradefair financial exchange.
-
Stopping Attacks in a Web 2.0 World
Jeff Williams explains two major security holes threatening the world of Web 2.0 applications: Cross Site Request Forgery (CSRF) and Advanced Cross Site Scripting (XSS).
-
Establishing Your Organization's Enterprise Security API
In this talk, Jeff discusses the process of establishing a security API for your enterprise, focusing on the most critical methods needed by web application and web service developers.
-
Advanced Threat Modeling
John Steven talks about modeling security threats as a way to secure a system while designing its architecture. John focuses on authentication, authorization and session management.
-
Secure Programming with Static Analysis
Creating secure code requires more than just good intentions. Static source code analysis can be used to uncover the kinds of errors that lead directly to vulnerabilities. Brian Chess shows you how.
-
Operational Scalability in the Next Generation Web World
Wayne Fenton, Director of Architecture at eBay Inc., talks about the ways in which software architects can design systems for much-improved efficiency and reliability from an operational perspective.
-
Security (CAS and OpenID) with Ruby
In this talk from QCon SF 2007, Justin Gehtland explains two open solutions to distributed identity and their Rails integration components: OpenID (using ruby-openid) and CAS (using rubycas-client).
-
Patterns for securing architectures
Security is about trade-offs. Only a few have the expertise to design good security. This talk focuses on Security Patterns, such as Role-based Access Control, Single Access Point, and Front Door.
-
SOA Masterclass: Definitions & Patterns
Miko Matsumura teaches SOA Foundations: Definitions, Patterns, and evolution toward SOA. An excerpt from webMethods SOA Master Class.