security management

Indigo Bits for MSDN Subscribers

security — Wed, 14 Sep 2005 10:22:40 +0000

The Avalon and Indigo Community Technology Preview is now available, but to MSDN subscribers only for now. Sells is pushing content about the bits on the Indigo section of the Longhorn developer center on MSDN.

more…

Security Management

Why Use WS-Security and WSE

security — Wed, 14 Sep 2005 10:21:40 +0000

I know you all get annoyed with high level articles, but I felt it was important to get one out there that simply went after the high level benefits of WS-Security and why you would want to use Web Services Enhancements (WSE). I compiled a slew of internal and external discussions and worked with Benjamin Mitchell to get this article written. Tell me what you think. What benefits have you gained? Are they in line with what is compiled in this article?

In my mind, the two most powerful new concepts that did not exist in previous distributed computing infrastructures in the Web Services Architecture is Policy and Message Level Security. I describe policy simply i.e. the ability to describe how you communicate with a services beyond what data to send e.g. your security requirements. As far as Message Level Security is concerned, I love:

the service oriented audit trail - the idea that intermediaries can put information in the message header stating what they have done with the message and then sign that additional information for auditing purposes
the flexibility of choosing what types of tokens you use to sign, encrypt, authenticate, and authorize with
the flexibility of choosing what parts of the message to sign and encrypt with what tokens

What strikes you about Message Level Security and policy?

more…

Security Management

Tech Ed: BPI and Connected Systems

security — Wed, 14 Sep 2005 10:17:39 +0000

Believe it or not, Tech Ed planning has begun. And I have a question for you. The Connected Systems track last year was very successful. There is a discussion on marrying the content from that track and the BPI track (Think BizTalk and Host Integration Server). What are your thoughts? What problems are you facing? How would you like to see the solutions presented? What did you like/not like about the track last year?

Let us know.

P.S. It blows me away that the one that I thought would be the last standing bachelor is getting hitched and now thinking of where he and his new partner may raise children… You know who you are. Congrats Mr C.V. Here is to your current and future happiness!

more…

Security Management

MTOM is now a Candidate Recommendation at the W3C

security — Wed, 14 Sep 2005 10:15:39 +0000

Gudge is the man! Thanks for all your hard work. Check out some of his early implementation code and samples.

MTOM (Message Transmission Optimization Mechanism) is now a Candidate Recommendation.

more…

Security Management

Are you doing WSE work? Better start dialoging with Chris Keyser

security — Wed, 14 Sep 2005 10:14:39 +0000

Chris is doing a lot of real implementation work with WSE! He just started blogging, and his content is already intense. We have him slated for a formal article on MSDN for using SCT with virtual endpoints. In the meantime, he is seeding you with knowledge today. Get into the dialog. more…

Security Management

What do you identify as?

security — Wed, 14 Sep 2005 10:13:39 +0000

Is there such as thing as a Web services developer?

What do you identify as? A SQL dev or a SQL Server dev? Information Systems dev? VB, C#, or Java? J2EE/EJB developer? MSMQ or MQSeries?

Do you identify as a distributed systems developer?

Why? I am curious to know if you would benefit in a trade show that was 100% dedicated to distributed systems development on the Microsoft platform. How do you build services for mulitple client technologies - Smart Client, Portals, Business Processes, and Services?

What primary motivations drive you to a show?

more…

Security Management

DevCon Selling out Quickly

security — Wed, 14 Sep 2005 10:12:39 +0000

We have had the registration site up for the Dev Con for a week now, and we are already more than half way full.

A shameless plug for our co-sponsors. If you are looking for formal training on XML, Web Services, or the CLR, sign up for the PluralSight Campsight event.

more…

Security Management

WS-Eventing implementation

security — Wed, 14 Sep 2005 10:09:39 +0000

There are numerous folks out there doing some really kewl stuff with the WSE 2.0 bits. Savas for instance has been doing work with Grid computing and now has an implementation of WS-Eventing coming down the pipe. What are your business needs? Have you given us your WSE 3.0 wish list?

more…

Security Management

Indigo Bits for MSDN Subscribers

security — Wed, 14 Sep 2005 10:07:38 +0000

more…

Security Management

Why Use WS-Security and WSE

security — Wed, 14 Sep 2005 10:06:38 +0000

the service oriented audit trail - the idea that intermediaries can put information in the message header stating what they have done with the message and then sign that additional information for auditing purposes
the flexibility of choosing what types of tokens you use to sign, encrypt, authenticate, and authorize with
the flexibility of choosing what parts of the message to sign and encrypt with what tokens

What strikes you about Message Level Security and policy?

more…

Security Management