Welcome!

XML Gateway Alchemy

Rizwan Mallal

Subscribe to Rizwan Mallal: eMailAlertsEmail Alerts
Get Rizwan Mallal via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Rizwan Mallal

It is very rare today to find a business application that has not exposed its interface via SOAP/XML. XML is the building block that enables business or consumer applications to exchange data in a standard structured format.  The exchange of XML data typically takes place through an SOAP/XML interface based on the Web Services standard or through the REST-based standard.  These flexible standards that richly describe interface functions of an application also introduce a host of XML and Web Services security vulnerabilities.  This article is a quick guide to most common XML and Web Services security vulnerabilities and the two basic security models they follow. XML and Web Services Security can be categorized into Trust and Threat Models.  The Threat Model helps identify both inbound and outbound threats and provides means of re-mediating such threats.  Trust Models... (more)

Tale of Two XML Gateways

XML Magazine on Ulitzer These days,  XML Gateways are a core infrastructure component of any enterprise SOA deployment.  XML Gateways provide the ability to integrate services securely with granular access control, data-level encryption, integrity through signatures and XML threat mitigation.  XML Gateways can be deployed as a hardware appliance or as a software gateway ( also as cloud based instances).  Both of these form factors have their advantages and disadvantages.  This article provides readers with a quick synopsis of the pros and cons of each form factor. XML Gateway Ha... (more)

Forum Systems Latest XML Gateway Targets SOA Federation

Looks like Forum Sentry, the pioneer and leader of XML Gateway and XML Firewall technology has announced its latest product that now addresses the growing need for handling not just XML/Web services traffic, but also HTML/Portal traffic. From a technology standpoint, this is not a revolutionary jump, but a gradual evolution of the XML Gateway that now handles HTTP/HTML-header information, which is by far easier than looking deeper into the XML packets. However, the business implication of this is significant since companies can now use a single platform for HTML and XML processi... (more)

IBM DataPower vs. Forum Sentry

Mark Bakker from Xebia -- a specialized international IT consultancy focusing on Enterprise Java -- published an interesting overview of IBM DataPower Security Gateway and Forum Sentry.   Mark writes: "The Forum sentry has some advantages when you compare it to the IBM Datapower XML Security Gateway XS40. The main difference is that you can do more whith only one appliance. You can replace an IBM Webseal, a virus scanner and an IBM Datapower XS40 with only one device. My advice is to take this device in considerations where you have to choose for an XML firewall/ hardware ESB." Fo... (more)

Reducing the Complexity of Application Security

Integration is the Enemy of Security and so is Flexibility - an attribute that is essential for organizations to survive.  A corporation that cannot service its customers and suppliers, establish long sticky relationships with them and build an infrastruture that enables rapid addition of both suppliers, buyers and partners for information exchange will perish and get demolished by a nimble and flexible competitor whose infrastructure has integration capabilities for rapid information exchange. Mike Vizard from CTOEdge talks about the business drivers that compel companies to inte... (more)