About RDS

Books and Papers

IT Conversations






Would you like to receive a weekly digest of this weblog via email? Sign up to receive my free IT Strategy Letter.



Doug Kaye's thoughts on web services, web hosting and managed services.

Last Week's Hottest Title. Loosely Coupled was #1 among the thousands of books on Books24x7.
Posted Saturday, May 31, 2003 11:04:26 PM   

IBM and EDS Lead Web-Hosting Market. Research firm Meta Group concluded in a recent report..."The key differentiator in the market is professional services...Challengers AT&T, Verio, and Sprint have solid hosting offerings, but are struggling to expand into high-end services, Meta said. Meanwhile, Qwest Communications and Cable and Wireless suffer from overinvesting during the boom years, and are focused on regaining financial health." [Source: InfoWorld]
Posted Saturday, May 31, 2003 4:51:32 PM   

Web Services Vulnerabilities. Thanksfully, OASIS appears to be proactively addressing the security vulnerabilities of web services. This goes beyond developing YAP (Yet Another Protocol) and gets into the pragmatism of a web-services world. According to the press release, OASIS announced three activities surrounding a "vulnerability description language":

  • a classification scheme for Web security vulnerabilities,
  • a model to provide guidance for initial threat, impact and risk ratings, and
  • an XML schema to describe Web security conditions that can be used by both assessment and protection tools.
The new OASIS group is named the Web Application Security (WAS) Technical Committee.
Posted Saturday, May 31, 2003 4:23:14 PM   

Reliable Messaging. I've been offline for nearly a week (Blackberry access only), so I'm just now catching up. One highlight so far is Phil Wainewright's weblog posting in which he lists three currently available options for web-services reliable messaging platforms: proprietary, JMS, and ebXML Message Service (ebMS). Follow the link to the article by David Longworth, and read Phil's excerpts from his email exchange with Jean-Jacques Dubray of ebPML.org.

In fact, none of the above will cut the mustard long term. Microsoft will never accept JMS, and as Phil suggests, the web-services guys just don't want to embrace anything that comes from EDI. I think we'll see reliable messaging evolve during 2004, once the web-services community (primarily through OASIS) finishes security this year.
Posted Saturday, May 31, 2003 4:10:43 PM   

Web Services Security. My on-the-road reading last week was this book by Mark O'Neill, CTO of Vordell, and others. This is the book to date on the topic. I particularly like the blend of strategy and practice that Mark and the others have achieved. They've managed to get straight to the point: The best way to secure web services today is through XML Signature, XML Encryption, SAML, and WS-Security, and this book explains how those technologies work. I was able to learn a lot more about these topics than from the specifications or the online white papers. Five stars.
Posted Saturday, May 31, 2003 3:36:41 PM   



Current Weblogs

Web Hosting Strategies
Web Services Strategies
Noise (personal)
Blogarithms (all)
(more info)




Click below for single-day archives of Blogarithms weblogs.

May 2003
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
Apr   Jun

Click to see the XML version of this web page.


All content on this web site is governed by a Creative Commons License.
©2001-2003 Doug Kaye and RDS Strategies LLC (