SOA Symposium: SOA, Software + Services and Cloud Computing

I am presenting a discussion on SOA, S+S and Cloud computing later today at SOA Symposium. I have included the abstract for the talk and the slides that will be used in the presentation for anyone interested. Organizations evaluating Software + Services and Cloud Computing offerings must first have a well thought-out SOA strategy in order…

0

SOA Symposium: Understanding SOA Security Patterns

I presented a discussion on SOA Security Patterns at the SOA Symposium today in Rotterdam. The abstract fro the talk is included below and the PPT is attached for anyone interested. Service-oriented solutions are distributed applications and therefore rely on many of the established security controls, practices, and technologies. However, there are distinct characteristics that…

0

Microsoft Azure cloud OS announced at PDC2008

I am here at the PDC in Los Angeles having just watched Ray Ozzie and Bob Muglia finally present the next generation of Microsoft’s Cloud Services / Software plus Services strategy with the release of our new operating system for the cloud “Azure”! Windows Azure was designed from the ground up for the needs of…

1

Sample declarative access control policy

In my previous post I mentioned that we have now released a parser for SecPAL that allows policies to be written in a human readable simplified English grammar. I thought it might be worth including an example – based on the scenario that was used in the GridToday post on Access Control in Grid Computing…

0

Parser for SecPAL simplified English grammar now available!

One of the great strengths of SecPAL is its unique support for multiple representations of a security policy; XML for interoperability; and a simplified English grammar for human readbility. The SecPAL v1.1 Research Release (available from http://research.microsoft.com/projects/secpal) allows SecPAL assertions to be created using the rich and flexible.NET object model or deserialized from (or serialized…

6

A Java implementation of SecPAL?

Panos, from the University of Newcastle just dropped me a note to say that he is making progress with his Java based SecPAL implementation – which is very exciting. I noticed that he has moved away from XSB and has decided instead to create his own custom datalog implementation – which is very cool -…

0

The IEEE Computer Security Foundations Conference

The 20th IEEE Computer Security Foundations conference is underway in Venice at the moment, and our friends from Microsoft Research in Cambridge (Moritz Y. Becker, Cedric Fournet and Andrew D. Gordon) presented the first paper of the conference – based on their formal design for SecPAL. The paper “Design and Semantics of a Decentralized Authorization Language”…

0

Access Control Requirements for Grid Computing Environments

One question I hear a lot is “How does SecPAL compare with [InsertRandomSecurityTechnologyAcronymHere]?”. Well the good news is that Marty Humphrey, Sang-Min Park, Jun Feng, Norm Beekwilder and Glenn Wasson from the Department of Computer Science at the University of Virginia have been studying just this question using real requirements from their grid network as the…

5

SecPAL Query Editor Now Available

A couple of people have remarked to us that they like the flexibility that SecPAL provides, but feel that it is difficult for people to get to grips with the API’s when they first start evaluating SecPAL. For this reason Lonnie Wall (a consultant from RDA Corp) has just released some sample C# source code…

4

Writing SecPAL Assertions In F# - Contd

In my earlier post I showed how SecPAL could be used to grant access to a particular user based on a token issued by an STS that we explicitly established a trust relationship with using the SecPAL “canSay” predicate. Now I am going to show you something that I think is really cool – and something…

0