|By Sean Rhody||
|March 18, 2005 12:00 AM EST||
Recently, Paris Hilton's cell phone was hacked, and all her contact information was released on the Internet. Although I wasn't important enough to rate a listing, many other celebrities were apparently flooded with phone calls after their private numbers became oh-so-public. While the incident didn't involve Web services, it certainly did involve security, or rather a failure of security. And once again, security itself is the focus of this month's issue.
Security has been a topic of this magazine almost since its inception - and we tend to get proposals regarding security on a year-round basis. Initially, when the number of Web services specifications could be counted on one hand, security was a huge concern, and a serious impediment for enterprise adoption of Web services (and rightfully so when the only security provided was SSL).
Over the past several years however, that situation has been remedied by a large number of standards, most of which have been implemented in some fashion. These include WS-Security and things like digital signatures. If you dig into the security area you will find there is actually a large number of things you can do to protect your Web service. Some are targeted at the message and some at authentication; some even look at the content by validating that the message is a valid request.
Part of the initial resistance to Web services revolved around the need for security, and that did make sense. Now however, when we have a plethora of standards for combating the deficiencies of the original specifications, it's possible to put the general concern that Web services cannot be secured to rest.
Companies can now concentrate on Web services and security from an opportunistic standpoint. Whereas previously IT professionals had to fight the battle of "Web services aren't secure," they can now point to the standards and tools and say, "How secure do you want them to be?"
The nice thing about the various Web services standards is twofold; they are layered, and you can choose whether or not to use many of them. The layered approach makes it easier to design and build Web services. Later, someone can decide how to secure those services, or how to deploy them, or manage them. Not having to decide at design time how to implement the various strategies (or even whether to implement them) is a key advantage in Web services usage. Naturally, it's not a new concept - the application server people use it all the time with their deployment descriptors.
Regardless of where the idea came from, the separation of layers is a very useful thing. Web services security needs to run the gamut from absolutely none necessary to absolutely paranoid, with most services falling in between. That's because Web services are an edge technology, and sometimes the edge must be protected, but sometimes you want to expose it.
There are some well-known Web services such as Google and Amazon, which need little in the way of security. It isn't important to the use of these services to establish identity, so applying SAML would be a needless overhead, and would likely reduce the number of users, rather than increase them. Many services are like this - more or less wide open because the information transferred is of value only to the user. The fact that I search for "books by Sean Rhody" is interesting only to Amazon, who processes the request, and to myself. Well, and to my legions of fans of course. The point though is that my identity is irrelevant and securing the service is fairly unimportant because what is transferred has value only between Amazon and me.
On the other hand, if I were transferring money between my checking account and my savings account, I would want very strong security. I'm not rich, but I want what money I have to stay mine. I also don't want anyone else knowing how much money I do have - I get enough solicitations as it is despite the Do Not Call act.
We now have the tools to secure Web services as needed, without choking the services that can be designed without the need for heavy-duty security. And that's comforting, especially when we see other services being hacked and phone numbers being distributed on the Internet. Oh, and Paris - why haven't you called back?
Health care systems across the globe are under enormous strain, as facilities reach capacity and costs continue to rise. M2M and the Internet of Things have the potential to transform the industry through connected health solutions that can make care more efficient while reducing costs. In fact, Vodafone's annual M2M Barometer Report forecasts M2M applications rising to 57 percent in health care and life sciences by 2016. Lively is one of Vodafone's health care partners, whose solutions enable older adults to live independent lives while staying connected to loved ones. M2M will continue to gr...
Apr. 26, 2015 03:00 PM EDT Reads: 1,535
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Apr. 26, 2015 03:00 PM EDT Reads: 2,515
SYS-CON Events announced today that Ciqada will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Ciqada™ makes it easy to connect your products to the Internet. By integrating key components - hardware, servers, dashboards, and mobile apps - into an easy-to-use, configurable system, your products can quickly and securely join the internet of things. With remote monitoring, control, and alert messaging capability, you will meet your customers' needs of tomorrow - today! Ciqada. Let your products take flight. For more inform...
Apr. 26, 2015 03:00 PM EDT Reads: 1,934
SYS-CON Events announced today that GENBAND, a leading developer of real time communications software solutions, has been named “Silver Sponsor” of SYS-CON's WebRTC Summit, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. The GENBAND team will be on hand to demonstrate their newest product, Kandy. Kandy is a communications Platform-as-a-Service (PaaS) that enables companies to seamlessly integrate more human communications into their Web and mobile applications - creating more engaging experiences for their customers and boosting collaboration and productiv...
Apr. 26, 2015 02:00 PM EDT Reads: 2,752
Dave will share his insights on how Internet of Things for Enterprises are transforming and making more productive and efficient operations and maintenance (O&M) procedures in the cleantech industry and beyond. Speaker Bio: Dave Landa is chief operating officer of Cybozu Corp (kintone US). Based in the San Francisco Bay Area, Dave has been on the forefront of the Cloud revolution driving strategic business development on the executive teams of multiple leading Software as a Services (SaaS) application providers dating back to 2004. Cybozu's kintone.com is a leading global BYOA (Build Your O...
Apr. 26, 2015 02:00 PM EDT Reads: 1,579
The best mobile applications are augmented by dedicated servers, the Internet and Cloud services. Mobile developers should focus on one thing: writing the next socially disruptive viral app. Thanks to the cloud, they can focus on the overall solution, not the underlying plumbing. From iOS to Android and Windows, developers can leverage cloud services to create a common cross-platform backend to persist user settings, app data, broadcast notifications, run jobs, etc. This session provides a high level technical overview of many cloud services available to mobile app developers, includi...
Apr. 26, 2015 02:00 PM EDT Reads: 1,429
SYS-CON Events announced today that BroadSoft, the leading global provider of Unified Communications and Collaboration (UCC) services to operators worldwide, has been named “Gold Sponsor” of SYS-CON's WebRTC Summit, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BroadSoft is the leading provider of software and services that enable mobile, fixed-line and cable service providers to offer Unified Communications over their Internet Protocol networks. The Company’s core communications platform enables the delivery of a range of enterprise and consumer calling...
Apr. 26, 2015 01:30 PM EDT Reads: 2,562
While not quite mainstream yet, WebRTC is starting to gain ground with Carriers, Enterprises and Independent Software Vendors (ISV’s) alike. WebRTC makes it easy for developers to add audio and video communications into their applications by using Web browsers as their platform. But like any market, every customer engagement has unique requirements, as well as constraints. And of course, one size does not fit all. In her session at WebRTC Summit, Dr. Natasha Tamaskar, Vice President, Head of Cloud and Mobile Strategy at GENBAND, will explore what is needed to take a real time communications ...
Apr. 26, 2015 01:00 PM EDT Reads: 1,801
What exactly is a cognitive application? In her session at 16th Cloud Expo, Ashley Hathaway, Product Manager at IBM Watson, will look at the services being offered by the IBM Watson Developer Cloud and what that means for developers and Big Data. She'll explore how IBM Watson and its partnerships will continue to grow and help define what it means to be a cognitive service, as well as take a look at the offerings on Bluemix. She will also check out how Watson and the Alchemy API team up to offer disruptive APIs to developers.
Apr. 26, 2015 12:00 PM EDT Reads: 1,869
The IoT Bootcamp is coming to Cloud Expo | @ThingsExpo on June 9-10 at the Javits Center in New York. Instructor. Registration is now available at http://iotbootcamp.sys-con.com/ Instructor Janakiram MSV previously taught the famously successful Multi-Cloud Bootcamp at Cloud Expo | @ThingsExpo in November in Santa Clara. Now he is expanding the focus to Janakiram is the founder and CTO of Get Cloud Ready Consulting, a niche Cloud Migration and Cloud Operations firm that recently got acquired by Aditi Technologies. He is a Microsoft Regional Director for Hyderabad, India, and one of the f...
Apr. 26, 2015 12:00 PM EDT Reads: 1,678
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
Apr. 26, 2015 12:00 PM EDT Reads: 2,329
WebRTC is an up-and-coming standard that enables real-time voice and video to be directly embedded into browsers making the browser a primary user interface for communications and collaboration. WebRTC runs in a number of browsers today and is currently supported in over a billion installed browsers globally, across a range of platform OS and devices. Today, organizations that choose to deploy WebRTC applications and use a host machine that supports audio through USB or Bluetooth can use Plantronics products to connect and transit or receive the audio associated with the WebRTC session.
Apr. 26, 2015 12:00 PM EDT Reads: 1,913
As enterprises move to all-IP networks and cloud-based applications, communications service providers (CSPs) – facing increased competition from over-the-top providers delivering content via the Internet and independently of CSPs – must be able to offer seamless cloud-based communication and collaboration solutions that can scale for small, midsize, and large enterprises, as well as public sector organizations, in order to keep and grow market share. The latest version of Oracle Communications Unified Communications Suite gives CSPs the capability to do just that. In addition, its integration ...
Apr. 26, 2015 11:30 AM EDT Reads: 4,429
Wearable technology was dominant at this year’s International Consumer Electronics Show (CES) , and MWC was no exception to this trend. New versions of favorites, such as the Samsung Gear (three new products were released: the Gear 2, the Gear 2 Neo and the Gear Fit), shared the limelight with new wearables like Pebble Time Steel (the new premium version of the company’s previously released smartwatch) and the LG Watch Urbane. The most dramatic difference at MWC was an emphasis on presenting wearables as fashion accessories and moving away from the original clunky technology associated with t...
Apr. 26, 2015 11:00 AM EDT Reads: 2,117
SYS-CON Events announced today that Litmus Automation will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Litmus Automation’s vision is to provide a solution for companies that are in a rush to embrace the disruptive Internet of Things technology and leverage it for real business challenges. Litmus Automation simplifies the complexity of connected devices applications with Loop, a secure and scalable cloud platform.
Apr. 26, 2015 11:00 AM EDT Reads: 1,758
In 2015, 4.9 billion connected "things" will be in use. By 2020, Gartner forecasts this amount to be 25 billion, a 410 percent increase in just five years. How will businesses handle this rapid growth of data? Hadoop will continue to improve its technology to meet business demands, by enabling businesses to access/analyze data in real time, when and where they need it. Cloudera's Chief Technologist, Eli Collins, will discuss how Big Data is keeping up with today's data demands and how in the future, data and analytics will be pervasive, embedded into every workflow, application and infra...
Apr. 26, 2015 11:00 AM EDT Reads: 1,478
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, will provide some practical insights on what, how and why when implementing "software-defined" in the datacenter.
Apr. 26, 2015 11:00 AM EDT Reads: 1,633
SYS-CON Media announced today that @ThingsExpo Blog launched with 7,788 original stories. @ThingsExpo Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @ThingsExpo Blog can be bookmarked. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago.
Apr. 26, 2015 11:00 AM EDT Reads: 2,573
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on Twitter at @MicroservicesE
Apr. 26, 2015 11:00 AM EDT Reads: 2,117
SYS-CON Events announced today that robomq.io will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. robomq.io is an interoperable and composable platform that connects any device to any application. It helps systems integrators and the solution providers build new and innovative products and service for industries requiring monitoring or intelligence from devices and sensors.
Apr. 26, 2015 11:00 AM EDT Reads: 2,105