Tuesday, May 03, 2005


Fortress Security

Back in 2002, Aidan Ward and I wrote some reports for the CBDI Forum on Web Services Security, which among other things lay siege to the Fortress Model of security. We were ahead of our time. The Fortress walls are not crumbling yet, but we are now joined by some serious allies.

Jan 2002
Web Service Security
Journal Article
July 2002
Component-Based Security for Web Services
Special Report

See also brief note on Autonomous Computing: Fiefdoms & Fortresses

Jericho Forum

Jericho Forum (part of the Open Group) is a non-profit security standards group, led by user organizations. This is leading the push towards more agile and interoperable security models.

Press Release: Executives Agree that Interoperability, Deperimeterization of Data and Horizontal Integration Are Essential (April 2004)
News Story: New boundaries and new rules (John Sterlicchi, SC Magazine, Jan 2005)
News Story: Vendors line up to see Jericho vision (Ron Condon, SC Magazine, Feb 2005)
News Story: The Future of IT Security is Fewer Walls, Not More (Dan Ilett, ZDNet, April 2005)


This essentially means tearing down the Fortress model.

Definitions: Whatis.com, Word of the Day

Security Vendors

Cryptographic IT Security See press release (April 2005), on joining the Jericho Forum.
XML Web Services Security
See weblog postings (March 2004, July 2004) by CTO Mark O'Neil


CBDI Report Agile Security for SOA

Technorati Tags:

No comments:

Post a comment