IBM®
Skip to main content
    Country/region [select]      Terms of use
 
 
    
     Home      Products      Services & industry solutions      Support & downloads      My IBM     
developerWorks  >  Blogs  >   developerWorks

author Policy, WS-Policy, SOA Policy

I have been working in Web Services, SOA and security in SWG for the past several years. I previously worked in Lotus on java security. I am currently the lead architect for SOA Policy in AIM under Jerry Cuomo. I have worked in security and policy for many years within IBM and am a co-author of the WS* specifications for security and policy.



Tuesday March 25, 2008

Diving in to the blogosphere

The difficult thing about blogging, is knowing when and where to dive in. So, I'm going to start with a little career background and then try to pick up a thread or two in future entries. I saw the potential benefit of Web Services and I was involved in many of the standards as early as 2000 to make sure it aligned with IBM long term business strategy, it is very heart warming to see how it is being adopted today in SOA. Having worked on security in operating systems (UNIX at Bell Labs) and distributed computing (DCE at HP) I started in Lotus working on Java client security. I went to work in Emerging Technologies under Rod Smith initially participating in some of the early browser security investigations, working with Tony Nadalin and Larry Koved. With colleagues in Raleigh, I began prototyping the "publish, find, bind" pattern for services and it led to the UDDI Universal Business Registry, and on into the UDDI speicifcations. Throughout, I was on point for working with research folks in the security area, and worked closely with Hiroshi Maruyama and Michiahru Kudoh in XML security which led me to be involved with Web Services. Hiroshi, Tony and I began discussions with colleagues at Microsoft, when we realized that we each had thought about adding security to SOAP messaging models but in a slightly different way. The result was the Web Services Security Roadmap and a set of specifications; WS-Security, WS-Policy, WS-Federation, WS-Trust, WS-Secure Conversation. After working toward reference implementations and beginning the standardization process for the various proposed specifications in the W3C and OASIS, I went into the Enterprise Integration Services group under Ed Kahan. There I had the experience of working with customers on the early days of SOA which was enlightening. While in the field I started collecting security patterns and worked with a team of security folks and Jonathan Adams on trying to integrate security into the E-business patterns. Unfortunately, this never saw the light of day and I hope to add to the blog about some of this going forward. With the acquisition of Data Power, I thought it would be exciting to see many of these initiatives come together in an appliance form. Now I'm trying to build a community around SOA policy, using the new work in DP, Tivoli and WS-RR as an illustration of pragmatic SOA policy. I'll use this blog to explore policy topics and I'm hoping that my colleagues will join in because policy is really the representation of a set of shared requirements. It should be fun.

Categories : [   Policy  |  SOA  |  Security  |  Services  |  WS-Policy  |  WS-Security  |  Web  ]

Mar 25 2008, 01:45:01 PM EDT Permalink

Previous month
  March 2008
 Next month
S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     
Today

RSS for

RSS for

Favorites

Categories
IMPACT (1)
Policy (2)
SOA (2)
Security (1)
Services (1)
WS-Policy (1)
WS-Security (1)
Web (1)

Recent Entries
Diving in to the blogosphere

Blogs I read

Special offers
Save on Rational testing software
Download trial versions of popular IBM software
Register for the DB2 Information Management Technical Conference

More offers

 
    About IBM      Privacy      Contact