Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton

 

Top-to-Bottom Protocol May Pave Way to Security, How?

Top-to-Bottom Protocol May Pave Way to Security.  Well, here's something that I also find intriguing, the lead statement that "Web services at every level could shorten lists of analogous problems requiring separate solutions."

I can buy that.  I am not so sure that security is the outcome, but this would seem to be why SOA and component-oriented integration is thought to be so promising.

And Coffee stresses something else: transparency and disclosure of what systems "do and how they do it, and the means by which I can tell them not to do those things that I don't like." Peter favors the Web Services model, around interface contracts if you like, as a common language for coordinated operation and some consistent visibility that might afford uniform configuration and control.  That's my impression, and I can see how it responds to one of my favorite questions: "Who's computer is it?"

I don't think that employing this sort of framework and plumbing guarantees the result that Peter envisions, but it certainly could sort out as people narrow in on component-approaches that serve his concerns for transparency and sovereignty.

The article is also inspired by John Shewchuk's view of communications infrastructure, and that is worth exploring deeper.  This answers the security tie-in: Shewchuk discusses the Indigo technologies for secure, reliable, transacted messaging ("based on" the Web services architecture).  That's the security that is the focus here.  We need to drag in Michael Howard's new pet question: "Against What Threats?"
posted by Dennis at 5/12/2004 05:30:24 PM