WSO2 Workshop on SOA Security and Identity Management Best Practices Comes to Washington, New York and Dallas

One-Day Workshops Offer IT Professionals Real-World Best Practices for Designing and Deploying Secure SOA, REST and Cloud Implementations

Mountain View, CA – March 14, 2011 – The ability of WikiLeaks to obtain thousands of confidential documents from the US government provides an important security lesson for enterprise IT professionals. It is not enough to simply authorize users; it is also crucial to implement policy-based entitlement that limits what users can access based on their roles and relationships to the organization. That is true whether the service-oriented architecture (SOA) being secured is based on SOAP or REST, and whether it is on-premise or resides in the cloud.

WSO2 will provide enterprise architects and software developers with an overview of proven security and identity management best practices to address these demands in a dynamic one-day workshop, “SOA Security & Identity,” which is being held in three locations:

  • Washington, Tuesday, March 22– Crystal City Marriott at Reagan National Airport, Arlington, VA.
  • New York, Thursday, March 24 – Downtown Conference Center at Pace University, New York, NY.
  • Dallas, Tuesday, March 29 – DoubleTree by Hilton, Arlington, TX.

Each one-day workshop will run 8:30 a.m. – 4:30 p.m. The cost is only $70 per person to attend. To register, visit https://wso2.com/events/workshops/2011-march-usa-security-workshop

Real-world Examples Bring Key Concepts to Life

Leading the workshop will be SOA experts Asanka Abeysinghe, WSO2 director of solutions architecture and an Apache Software Foundation (ASF) committer, and Prabath Siriwardena,WSO2 software architect and senior manager. They will review the key security standards for enabling authentication and identity management; the role of governance in managing access; and proven patterns for securing SOA, REST and cloud implementations. The lively and practical sessions will include brief demonstrations using the WSO2 Carbon family of middleware products and < a href="https://wso2.com/cloud/stratos?031411sw">WSO2 Stratos cloud platform.

Workshop session topics will include:

  • Identity, Single Sign-on, SAML2, OpenID, OAuth, Information Card:This introductory session will look at how identity has evolved in the age of the Internet, review the roles and applicability of the various industry standards in use today, and examine whether companies still need both on-premise and in-the-cloud user stores.
  • Entitlement and Authorization – XACML:This session outlines how XACML can be used to define fine-grained authorization policies and the applicability of XACML-based authorization in SOAP-based Web services, as well as in RESTful services, to provide more robust security without sacrificing usability
  • How Governance Affects Your Security:This session will explore how to ensure that users only access what they need by using data services to reduce batch data transfer and create auditable, limited-access data systems employing policy-based entitlement. Attendees will also learn recommended practices for creating processes and procedures to manage entitlement policies and audit logs.
  • Best Practices for Securing Your SOA, REST and Cloud (Patterns):This final session will review best real-world security practices and patterns for both SOAP and REST. It will answer such questions as: What is the best practice for exposing internal services outside via a DMZ? How can security be enforced centrally to make sure no unauthenticated access is permitted? How can internal applications securely connect to those running on a cloud or vice versa?

About WSO2

WSO2 is the lean enterprise middleware company. It delivers the only complete open source enterprise SOA middleware stack purpose-built as an integrated platform to support today’s heterogeneous enterprise environments—internally and in the cloud. WSO2’s service and support team is led by technical experts who have proven success in deploying enterprise SOAs and contribute to the technology standards that enable them. For more information,visit https://wso2.com and the WSO2 OxygenTank developer portal at https://wso2.org, or check out WSO2 on Twitter, LinkedIn, Facebook, WSO2 Blogsand FriendFeed.

Trademarks and registered trademarks are the properties of their respective owners.