VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Mark O'Neill

I saw this tweet this morning and I thought "+1" (I guess I am a geek if I am thinking in Digg/Slashdot shorthand). The problem is that in Information Security, "security" is all-too-often used to mean only encryption. A line is considered "secure" if it's encrypted. But often, the real "security" requirements are much broader and include management (as in access management, identity management), business continuity defense against denial-of-service, and privacy. I think language is a big issue here. I've always found it interesting that in German, the words for "security" and "certainty" (sicherheit, literally "sureness") are the same. In French, the words for "safety" and "security" are also the same (sûreté, again literally "sureness"). So, in those languages, "security" has a broad definition, incorporating senses of dependability, management, and safety. I can s... (more)

Running the Vordel XML Gateway on Oracle VM

XML Gateways are generally available as hardware-only, software-only, or with the option of hardware or software. One of the great advantages of the software option is that it means the XML Gateway can be deployed in a virtualized environment. However, XML Gateways which are available as software but require a hardware card for performance are not good candidates for virtualization. Only if the Gateway has inherent acceleration capabilities, which are not hardware dependent, can be successfully virtualized without a loss in performance. The following table shows the three differe... (more)

Tips & Tricks: Sending a SOAP Request to a Web Service

Let's say you've created a SOAP message in the Vordel Gateway, perhaps based on an incoming REST request. And now you want to send this SOAP request to a Web Service. Here is how to do this: First add a 'Set HTTP Verb' filter to the end of your circuit, and configure this filter to set the verb to 'POST' (this is in case the incoming is a GET, which it will usually be in the case of REST, but the SOAP service expects a POST). Then follow this filter with a 'Connect to URL' filter, and configure it with the full URL of your SOAP service (eg http://server.myorg.com/soap/myservice)... (more)

API Gateway Support for HATEOAS: First Do No Harm

I often think it's ironic that while the mission of REST is to simplify Web development, REST itself is beset with seemingly complex jargon and architecture patterns. I say "seemingly complex" because, once you look into REST architecture in depth, it actually is simple. In some ways, it's almost too simple. It's easy to rack your brains about some REST pattern, but then realize: It's just how the Web works. I'm reminded of the line from Moliere about the bourgeois gentleman who spends years trying to understand how he could speak in "prose", then he exclaims "Good heavens! For m... (more)

Categorizing APIs

Quick: name some APIs! Which ones come to mind? Amazon? Twitter? Google Maps? Chances are, the APIs which came to mind are APIs which are open to any developer to use. But are these the only kinds of APIs that exist? What about Enterprise APIs? In order to answer this question, let's look at how APIs can be categorized. First of all, let's look at API Exposure. The two categories are: External : Able to be used outside the organization. Internal : Used only inside the organization Second, let's look at API Protection. It may be one of three categories: Open: Anybody can use the AP... (more)