Welcome!

VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Mark O'Neill

I saw this tweet this morning and I thought "+1" (I guess I am a geek if I am thinking in Digg/Slashdot shorthand). The problem is that in Information Security, "security" is all-too-often used to mean only encryption. A line is considered "secure" if it's encrypted. But often, the real "security" requirements are much broader and include management (as in access management, identity management), business continuity defense against denial-of-service, and privacy. I think language is a big issue here. I've always found it interesting that in German, the words for "security" and "certainty" (sicherheit, literally "sureness") are the same. In French, the words for "safety" and "security" are also the same (sûreté, again literally "sureness"). So, in those languages, "security" has a broad definition, incorporating senses of dependability, management, and safety. I can s... (more)

Securing Web Services

Web Services and SOAP The actual definition of a Web service is a matter of some debate because the world of Web services can extend from small closed networks to global discovery services implemented using UDDI (Universal Description, Discovery, and Integration). But at a practical implementation level it is useful to think of a Web service as any software service that can be defined using WSDL (Web Services Description Language) and which uses SOAP for communication between a requester and a listener. This communication uses SOAP as the enveloping protocol. Tools such as SOAP:... (more)

We Know Web Services Need Security, But What Type?

It's well known that Web services need security. It's also a truism that lack of security is the barrier to the adoption of Web services. Let's dig a little deeper: What is it about Web services that provoke the security concerns? What is being done to answer the challenge? By answering these questions, this article attempts to dispel some of the confusion around Web services security. First, let's take a step back and focus on what security actually is. For some, security is linked to identity - a system is "secure" if the identities of all users are known and intruders are blo... (more)

Cloud Computing in Practice

James Urquhart has assembled a very impressive list of examples of Cloud Computing in practice. Examples include: Number of applications running on Force.com: 135,000 Number of applications hosted by Ruby on Rails platform service vendor Heroku: 40,000+ Objects stored in Amazon Web Services S3: 64 billion (as of August 2009) Full details at: http://news.cnet.com/8301-19413_3-10405895-240.html ... (more)

Connecting to the Cloud in Chinese: 连接到云

Cloud Computing Journal Following the translations in Japanese and Spanish, the Connecting to the Cloud series of articles, which I wrote for IBM DeveloperWorks, is now available in Chinese. The series introduces cloud platforms such as Force.com and Amazon SQS, including code samples in Java, and governance and policy, again including code samples (an Amazon policy expressed in JSON). The Gateway "onramp" model is described. Part 1: 连接到云,第 1 部分: 在应用程序中使用云 Part 2: 连接到云,第 2 部分: 实现混合云模型 Part 3: 连接到云,第 3 部分: 云治理和安全性 ... (more)