Welcome!

XML Gateway Alchemy

Rizwan Mallal

Subscribe to Rizwan Mallal: eMailAlertsEmail Alerts
Get Rizwan Mallal via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Rizwan Mallal

XML Gateways are becoming standard in enterprise SOA deployments with the following common themes: Identity mediation is the first step for the majority of SOA Deployments. Identities come in may shapes and sizes represented at both the protocol level (e.g., HTTP Basic Auth, SSL Mutual Auth) and message level (WS-Security tokens X.509, SAML, etc.). Even if an enterprise successfully standardizes on a single identity representation, it cannot dictate how it's trading partners should represent its identities. Thus, inditites need to be accepted in many forms and changed to a single internal representation - that is if everyone within an organization can agree to a standardized representation. Most likely, even internally, more than one identity representation exists. XML Firewalling is essential to ensure that information is checked before it makes it to the back end... (more)

Reducing the Complexity of Application Security

Integration is the Enemy of Security and so is Flexibility - an attribute that is essential for organizations to survive.  A corporation that cannot service its customers and suppliers, establish long sticky relationships with them and build an infrastruture that enables rapid addition of both suppliers, buyers and partners for information exchange will perish and get demolished by a nimble and flexible competitor whose infrastructure has integration capabilities for rapid information exchange. Mike Vizard from CTOEdge talks about the business drivers that compel companies to inte... (more)

The Differences Between an XML Gateway and a Web Application Firewall

Jason Macy, CTO   Forum Systems, Inc Introduction A common industry misconception is understanding the differences between an XML Gateway and a Web Application Firewall.   These technologies are sometimes confused as being competitive, but in fact they are complementary technologies that together provider the foundation of modern-day network perimeter security infrastructure. Key Areas of Comparison To better understand the distinctions between these product technologies, the primary areas of comparison are as follows: Topology Deployment ModesProtocols and Message Formats StandardsP... (more)

Tale of Two XML Gateways

XML Magazine on Ulitzer These days,  XML Gateways are a core infrastructure component of any enterprise SOA deployment.  XML Gateways provide the ability to integrate services securely with granular access control, data-level encryption, integrity through signatures and XML threat mitigation.  XML Gateways can be deployed as a hardware appliance or as a software gateway ( also as cloud based instances).  Both of these form factors have their advantages and disadvantages.  This article provides readers with a quick synopsis of the pros and cons of each form factor. XML Gateway Ha... (more)

XML Security Trust and Threat Models for Dummies

It is very rare today to find a business application that has not exposed its interface via SOAP/XML. XML is the building block that enables business or consumer applications to exchange data in a standard structured format.  The exchange of XML data typically takes place through an SOAP/XML interface based on the Web Services standard or through the REST-based standard.  These flexible standards that richly describe interface functions of an application also introduce a host of XML and Web Services security vulnerabilities.  This article is a quick guide to most common XML and W... (more)