Blogarithms
Doug Kaye's thoughts on web services, web hosting and managed services.
|
IBM and EDS Lead Web-Hosting Market. Research firm Meta Group concluded in a recent report..."The key differentiator in the market is professional services...Challengers AT&T, Verio, and Sprint have solid hosting offerings, but are struggling to expand into high-end services, Meta said. Meanwhile, Qwest Communications and Cable and Wireless suffer from overinvesting during the boom years, and are focused on regaining financial health." [Source: InfoWorld]
Posted Saturday, May 31, 2003 4:51:32 PM 
|
|
|
Web Services Vulnerabilities. Thanksfully, OASIS appears to be proactively addressing the security vulnerabilities of web services. This goes beyond developing YAP (Yet Another Protocol) and gets into the pragmatism of a web-services world. According to the press release, OASIS announced three activities surrounding a "vulnerability description language":
- a classification scheme for Web security vulnerabilities,
- a model to provide guidance for initial threat, impact and risk ratings, and
- an XML schema to describe Web security conditions that can be used by both assessment and protection tools.
The new OASIS group is named the Web Application Security (WAS) Technical Committee.
Posted Saturday, May 31, 2003 4:23:14 PM
|
|
|
Reliable Messaging. I've been offline for nearly a week (Blackberry access only), so I'm just now catching up. One highlight so far is Phil Wainewright's weblog posting in which he lists three currently available options for web-services reliable messaging platforms: proprietary, JMS, and ebXML Message Service (ebMS). Follow the link to the article by David Longworth, and read Phil's excerpts from his email exchange with Jean-Jacques Dubray of ebPML.org.
In fact, none of the above will cut the mustard long term. Microsoft will never accept JMS, and as Phil suggests, the web-services guys just don't want to embrace anything that comes from EDI. I think we'll see reliable messaging evolve during 2004, once the web-services community (primarily through OASIS) finishes security this year.
Posted Saturday, May 31, 2003 4:10:43 PM
|
|
|
Web Services Security. My on-the-road reading last week was this book by Mark O'Neill, CTO of Vordell, and others. This is the book to date on the topic. I particularly like the blend of strategy and practice that Mark and the others have achieved. They've managed to get straight to the point: The best way to secure web services today is through XML Signature, XML Encryption, SAML, and WS-Security, and this book explains how those technologies work. I was able to learn a lot more about these topics than from the specifications or the online white papers. Five stars.
Posted Saturday, May 31, 2003 3:36:41 PM
|
|
|
|
|
|
