soatruth.blogspot.com
Truth in SOA: Truth Denied?
http://soatruth.blogspot.com/2010/05/truth-denied.html
A colleague forwarded me this link. From Lustratus Research. Incredibly, the analyst makes the following claim:. I say “appliances” in inverted commas because Intel’s product is wonderfully described as a software “appliance”. Surely the award for the most spin in a product category goes to Intel.". I was a bit taken aback by this. I hope the analyst was being provocative on purpose. I wrote the following reply (which was subsequently deleted), as a clarification:. 8220;Appliance” here does not nec...
soatruth.blogspot.com
Truth in SOA: Oops... Missed One: From XML Gateways to Service Gateways
http://soatruth.blogspot.com/2010/07/oops-missed-one-from-xml-gateways-to.html
Oops Missed One: From XML Gateways to Service Gateways. I recently noticed this great article. On XML appliances published in March 2010. The thing is, I didn't see any mention of Intel(R) SOA Expressway. Which is the modern incarnation of the hardware XML gateway brought to market by Sarvega as early as 2000. At Intel, we call this product a service gateway. So, what is the difference between a traditional XML gateway and a service gateway? Let's summarize a few points as follows:. Support a high perfor...
soatruth.blogspot.com
Truth in SOA: January 2009
http://soatruth.blogspot.com/2009_01_01_archive.html
Intel Product Presentation Video at SOA World 2008. Has just put up a link. Presentation on Enterprise SOA and governance that was given at SOA World 2008. And uses standard servers rather than custom chips for XML message acceleration. Posted by Blake Dournaee on 10:10 AM. IBM DataPower: Denial Of Service Vulernability. A friend of mine forwarded me this DoS attack. Against the IBM DataPower XS40 SOA Security Appliance using only the standard OpenSSL command line client. I think this is where it makes s...
soatruth.blogspot.com
Truth in SOA: Separation of Concerns: Why Service Gateways are even better than they appear
http://soatruth.blogspot.com/2010/06/separation-of-concerns-why-service.html
Separation of Concerns: Why Service Gateways are even better than they appear. I've spent the last two weeks traveling around to two interesting conferences. One was Microsoft TechEd, where I gave an interactive session on Intel(R) SOA Expressway. And the other was JBoss World, where I got a chance to expose the product to a number of JBoss developers and system administrators. Does this sound backwards? Check the code. Are we accepting signed requests? Check the code. Are we protecting against SQL i...
soatruth.blogspot.com
Truth in SOA: December 2009
http://soatruth.blogspot.com/2009_12_01_archive.html
Really Understanding the SSL/TLS Vulnerability (Part 1). This is a two part blog post. In the first part I will try to explain the vulnerability so we can get a better handle on it, and in the second part we'll examine possible countermeasures and mitigation strategies. Marsh Ray's original research on the subject. Vulnerability in SSL/TLS protocol. From www.h-online.com. Another Protocol Bites the Dust. By Ben Laurie of Google. MITM attack on delayed TLS-client auth through renegotiation. 1) . Execute...
soatruth.blogspot.com
Truth in SOA: August 2009
http://soatruth.blogspot.com/2009_08_01_archive.html
Stating the obvious on XML Attacks. It looks like everything old is new again with XML Attacks. I came across this article. In the Washington Post. They use the term "XML fuzzing" to describe really just 50% of the XML threat equation - something I have always called coercive parsing, which is the manipulation of the XML document. This, however, is only half of the battle. XML threats can also be. Posted by Blake Dournaee on 8:20 AM. Subscribe to: Posts (Atom). Intel Software Network Blogs. I have been w...
soatruth.blogspot.com
Truth in SOA: Intel and Oracle at Oracle Open World 2009
http://soatruth.blogspot.com/2009/10/intel-and-oracle-at-oracle-open-world.html
Intel and Oracle at Oracle Open World 2009. I just wanted to send out a little note that I'll be at Oracle Open World next week at Moscone Center in San Francisco on October 12th, 13th and 14th. You can visit the Intel software. Website for more information on Intel(R) SOA Expressway and Oracle's website. For more information Oracle(R) SOA Suite. Posted by Blake Dournaee on 6:13 PM. Blake, really sorry we missed you at the conference. Your XML Security book is a godsend! December 3, 2009 at 6:59 PM.
soatruth.blogspot.com
Truth in SOA: July 2010
http://soatruth.blogspot.com/2010_07_01_archive.html
Oops Missed One: From XML Gateways to Service Gateways. I recently noticed this great article. On XML appliances published in March 2010. The thing is, I didn't see any mention of Intel(R) SOA Expressway. Which is the modern incarnation of the hardware XML gateway brought to market by Sarvega as early as 2000. At Intel, we call this product a service gateway. So, what is the difference between a traditional XML gateway and a service gateway? Let's summarize a few points as follows:. Support a high perfor...
soatruth.blogspot.com
Truth in SOA: May 2010
http://soatruth.blogspot.com/2010_05_01_archive.html
Active Directory Federation Services v2.0 - A Good Start. It looks like Microsoft has released. Their long-awaited Active Directory Federation Services v2.0 ('ADFS v2.0') component for Active Directory. Simultaneously with this release, Microsoft is pushing the concept of "claims based identity" as the new thought "superstructure" that according to Microsoft, is a seminal event in the history of thought for identity management. The claims-based model embraces and subsumes the capabilities. I must say this.
SOCIAL ENGAGEMENT