Web 2.0 and Security Architecture: INTEGRATION is the problem to the answer… 28-06-2007 <hans pronk>
Web2.0: Integration issues

Presentation given at the MediaPlaza seminar on Web 2.0 and security

Published in: Business, Technology
  • Web2.0: Integration issues

    1. Web 2.0 and Security Architecture: INTEGRATION is the problem to the answer… 28-06-2007 <hans pronk>
    2. WEB 1.0 security & integration
    3. masters of integration or the ultimate mash-up
    5. trends in the new 2.0 era deportalization end of the walled garden SaaS mash-ups widgets user-centric identity the rise of the platform writable web AJAX browser as THE ui: everywhere available user-centric social networks syndication
    6. the new applications landscape
    7. integration & security
         • control
         • complexity
         • data spills
         • new new new
    8. control & faith sharing
         • the ford firestone case
         • dealing with service levels / disaster recovery
         • dealing with popularity
             • “The Remora Business Model”
         • syndication / rss / “dapper”
         • old school firewalls issues
    9. “software is hard” complexity Donald E. Knuth
    10. complexity
         • platforms: the new paradigm:
         • Google | Amazon AWS | Microsoft Live Core | Ning | Salesforce | 37Signals | (insert favourite platform here)
         • complexity hiding
         • economics of scale
         • specialization
    11. complexity
         • API design
             • architecture
             • scaling
             • inside versus outside
         • SOAP versus REST
             • “put it to REST”?
         • transport versus message security
    12. complexity
         • (accidental) integration on the desktop
             • XSS/XSRF exploit of trust (user|web-site)
             • JSON
         • (missing) tools
             • IDS for app servers
    13. data spills
         • identity management / privacy
             • Identity 2.0 aka “user centric identity management” (Dick Hardt)
             • casual versus strict privacy
         • data hygiene
         • example: RSS-feeds
    14. new… newer… newest
         • AJAX
         • Ruby (on Rails) / RJS / python / …
         • lighttpd / mongrel
         • libraries, more libraries, and even more libraries
    15. wrapping-up…
         • “old” security mechanisms not enough / counterproductive
         • reduce complexity / decoupling
         • old principles are still true
         • be aware and…
         • be what you are
    16. www.twitter.com/hnzz hnzz.jaiku.com www.hnzz.nl [email_address] [email_address]
