Posted in Security on August 21st, 2002 Comments Off
Mark is contemplaiting mobile Internet and draws some conclusions about security and general usefulness of technology. Appying those two to web services, he says:
“The lessons here for Web Services are: (1) Security shouldn’t be an afterthought.(2) Equally, don’t hype a technology based on the technology alone“
Let’s spare some thoughts on the first one. From what […]
Posted in Security on August 18th, 2002 Comments Off
Over the weekend I found some time to had a look at presentations from the OMG conference I had found out about last week. In a presentation from a guy named Matt Hettinger I have found out excellent compilation of questions that go straight to the heart of many security issues in multi-organisation IT deployments.
What is […]
Posted in Security on August 15th, 2002 Comments Off
Everyone seems to be quoting Ray Ozzie’s article talking the end-end security principle. Mark O’Neill notes that end-end security concept is not panacea. He quotes one of his colleagues:
“Let’s not confuse securely designed with securely implemented…the vast bulk of the security issues have been implementation problems. Adding in a whole, complex layer of authentication, encryption and […]