One of the core patterns for a Gateway is "Service Virtualization". Service
Virtualization means that an organization can expose virtual services in
front of its infrastructure. These virtual services can take the form of
lightweight REST APIs or heavyweight SOAP Web Services. The Service
Virtualization pattern enables you to do neat things, like expose a REST
service in front of a SOAP service, and convert REST to SOAP dynamically at
the Gateway. You can also use the Gateway to deploy a virtual service in
front of a database, or a message queue, or an ESB.
But how does it work? The answer comes down to how the virtual service is
advertised to the client. Remember that service interfaces are generally
advertised using WSDL (and as of WSDL 2.0, this applies to REST API
interfaces as well as SOAP). WSDL includes the address of the service
provider host. When the Gatew... (more)
SOA in the Cloud on Ulitzer
Token translation using SAML is now quite an established way to allow
applications in one security domain to communicate with applications in
another security domain, on behalf of a user whole identity does not have to
also flow with the data. For more info go to Vordel's government page and
then click on "Secure Cross-Domain".
Can a similar architecture be used for SOA-to-Cloud and "inter-cloud"
scenarios? The answer is "yes - watch this space...."
This week's Time Magazine has a piece by Gaelle Faure entitled "How to Manage
Your Online Life When You're Dead" which describes what happens to online
profiles, Webmail, and social networking data when someone dies. Consider
Deathswitch, which is based in Houston, has a different system for releasing
the funeral instructions, love notes and "unspeakable secrets" it suggests
you store with your passwords and account info. The company will regularly
send you e‑mail prompts to verify that you're still alive, at a frequency
of your choosing. (Once a day? Once a year?... (more)
All Around the World - API Workshops for OAuth, Mobile, REST
Here at Axway, we regularly run API Workshops worldwide which bring together
API practitioners in discussion, debate, and exposure to technologies such as
OAuth 2.0, API developer portal design, and identity.
And when we say "worldwide", we mean worldwide.
To illustrate this, my colleague Philipp Schöne has created an interactive
map on CartoDB of the API Workshops over the past year, with photos of each.
All that's missing is a backing track of Daft Punk's "Around the World" :)
Each API Workshop has been eventful in its ow... (more)
Cloud Security on Ulitzer
Hat-tip to Gunnar for this link to Hoff's post on "Cloud Providers and
Security “Edge” Services – Where’s The Beef?"
So here’s the rub, if MSSP’s/ISP’s/ASP’s-cum-Cloud operators want to
woo mature enterprise customers to use their services, they are leaving money
on the table and not fulfilling customer needs by failing to roll out
complimentary security capabilities which lessen the compliance and security
burdens of their prospective customers.
While many provide commoditized solutions such as anti-spam and anti-virus
capabilities, more complex (but pr... (more)