Welcome!

VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Mark O'Neill

Shortly I'm departing for the Netherlands for three events - hope to see you at one or more of these: Thursday 27 March: I'm speaking at the API Strategy event in Amsterdam as part of the Security and Testing panel, with folks from Intel/Mashery, WS02, and Twobo.  Looking forward to some good discussion on API security and API testing. Tuesday 1 April: I'm speaking at the Cloud Security Alliance SecureCloud event, also in Amsterdam. My talk is on protecting your Cloud APIs from Denial-of-Service. Look like some great sessions there from Coca Cola, from telecoms providers including BT and Belgacom, and from many governments. Thursday 3 April: Along with Simon Redfern from the Open Bank Project and Menno Abbink from Essent, I am speaking at the API Workshop event in Utrecht. We'll be covering hand-on examples of connecting to SalesForce APIs, OAuth 2.0, and developing an ... (more)

Jill Tummler Singer of the CIA Speaks on "Cloud Safety" : +1

I saw this tweet this morning and I thought "+1" (I guess I am a geek if I am thinking in Digg/Slashdot shorthand). The problem is that in Information Security, "security" is all-too-often used to mean only encryption. A line is considered "secure" if it's encrypted. But often, the real "security" requirements are much broader and include management (as in access management, identity management), business continuity defense against denial-of-service, and privacy. I think language is a big issue here. I've always found it interesting that in German, the words for "security" and "ce... (more)

Securing Web Services

Web Services and SOAP The actual definition of a Web service is a matter of some debate because the world of Web services can extend from small closed networks to global discovery services implemented using UDDI (Universal Description, Discovery, and Integration). But at a practical implementation level it is useful to think of a Web service as any software service that can be defined using WSDL (Web Services Description Language) and which uses SOAP for communication between a requester and a listener. This communication uses SOAP as the enveloping protocol. Tools such as SOAP:... (more)

We Know Web Services Need Security, But What Type?

It's well known that Web services need security. It's also a truism that lack of security is the barrier to the adoption of Web services. Let's dig a little deeper: What is it about Web services that provoke the security concerns? What is being done to answer the challenge? By answering these questions, this article attempts to dispel some of the confusion around Web services security. First, let's take a step back and focus on what security actually is. For some, security is linked to identity - a system is "secure" if the identities of all users are known and intruders are blo... (more)

Cloud Computing in Practice

James Urquhart has assembled a very impressive list of examples of Cloud Computing in practice. Examples include: Number of applications running on Force.com: 135,000 Number of applications hosted by Ruby on Rails platform service vendor Heroku: 40,000+ Objects stored in Amazon Web Services S3: 64 billion (as of August 2009) Full details at: http://news.cnet.com/8301-19413_3-10405895-240.html ... (more)