David Linthicum wrote an intriguing article titled "Cloud Computing will
kill these three technologies" in which he writes obituaries for:
i) Design-Time Governance ii) Older and Smaller Clouds and iii) Tier 2
Enterprise Software Providers.
Of these predictions, the one that resonates most is design-time governance.
Design-Time Service Governance: I am particularly happy to see this
category listed on the chopping block (from David's perspective) and here is
why.
Over the last decade or so, we have seen significant run-time SOA Governance
deployments at the edge of an enterprise used for interacting with SaaS
platforms using SOAP, XML or REST. We have seen customers choose not use
glorified UDDI registries. Instead, they have focused on using the
SOA/Cloud/XML Governance Gateway as the system of truth for services produced
and consumed (import and export WSDLs).
T... (more)
Secure Cloud Computing on Ulitzer
Security in the Ether, by David Talbot
MIT Technology review recently published a great article titled: Security in
the Ether addressing security, privacy and reliability issues resulting from
cloud computing.
Some of the interesting points in this article include:
The cloud security threat is across two related dimensions:
i) cloud resident data may be lost due to equipment/software failure or
stolen by a hacker because of the shared resouce nature of cloud computing
and
ii) cloud data may be mishandled by the cloud provider because of technology... (more)
The Cloud Security Alliance (CSA) published Version 2.1 of its Guidance for
Critical Areas of Focus in Cloud Computing with a significant and
comprehensive set of recommendations that enterprises should incorporate
within their security best practices if they are to use cloud computing in a
meaningful way.
The Guidance provides broad recommendations for operational security concerns
including application security, encryption & key management, and identity &
access management. In this article, we will consider security implications of
REST- and SOAP-based communication between co... (more)
XML Security at Cloud Expo
OWASP AppSec DC 2009 had a compelling session that defined cloud taxonomies
and the security implications associated with the cloud computing.
The three taxonomies that have become part of our vernacular are:
Infrastructure as a Service (IaaS): Set of virtualized components that can be
assembled to build a application. Amazon EC2, Rackspace, Opsource, and
GoGrid are examples of IaaS where you can rent "virtual" hardware and
software as a "pay-as-you-go" services. If you need 5 Linux servers running
MySQL Database for 3 months, you'd subscribe to an Iaa... (more)
SOA Security at Cloud Expo
Here is an interesting article by Rob Barry titled: "In SOA, cloud resources
may exacerbate security and file transfers issues." It highlights significant
requirements for Federated SOA especially around large file transfer using
SOAP Attachments. The article makes the following interesting points:
With increasing cloud adoption, there is an increase of large file transfers
to external cloud providers such as Amazon S3 or Rackspace CloudFiles or to
a company's internally hosted cloud. The file size increase is driven by
the a low-hanging use case for S... (more)
Mamoon Yunus is an industry-honored CEO and visionary in Web Services-based technologies. As the founder of 
David Lucas
Cathy Lopez
Shaul Efraim
Terence Martin Breslin
Cory Marchand
David Hughes
James Carlini
John Iffert
Dan Stolts
Joe Zeto
