Welcome!

Internet of Things, Smart Cities and API Security

Mamoon Yunus

Subscribe to Mamoon Yunus: eMailAlertsEmail Alerts
Get Mamoon Yunus via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Mamoon Yunus
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down ...
Company Augments Cisco ACE XML Gateway Replacement Program to Offer Direct Trade-in Credit for Any XML Vendor Gear, No-cost Training, Migration Best Practices and More
To better understand the components offered by MS Azure, we registered for MS Azure Platform and browsed through the three components. SQL Azure turned out to be the easiest one to configure and do something useful with, so we built a mashup that utilizes MS SQL Azure as a centeral re...
The Cloud Security Alliance (CSA) published Version 2.1 of its Guidance for Critical Areas of Focus in Cloud Computing with a significant and comprehensive set of recommendations that enterprises should incorporate within their security best practices if they are to use cloud computing...
David Linthicum wrote an intriguing article titled "Cloud Computing will kill these three technologies" in which he writes obituaries for: i) design-time governance ii) older and smaller clouds iii) and Tier 2 enterprise software providers. Of these predictions, the one that resonate...
Successful enterprise SOA implementations build on a set of localized, project-level efforts with services that have clearly identified and accountable business and technology owners. Ownerships defines a SOA Domain. SOA domains may exist within corporate boundaries or may be provide...
Here is an interesting article by Rob Barry titled: "In SOA, cloud resources may exacerbate security and file transfers issues." It highlights significant requirements for Federated SOA especially around large file transfer using SOAP Attachments. The article makes the following intere...
Service virtualization is the ability to create a virtual service from one or more predefined Service files, typically defined in a Web Service Description Language (WSDL, pronounced Wizdel) file. Typically, service virtualization takes place across multiple back-end systems that expos...
We all know that technology is central in reducing health care cost, eliminating dangerous errors, and eventually providing coverage to all. I like learning from others, so while we are innovative, there is no point in repeating mistakes. A quick view of what the Dutch have be workin...
OWASP AppSec DC 2009 had a compelling session that defined cloud taxonomies and the security implications associated with the cloud computing. Set of virtualized components that can be assembled to build a application. Amazon EC2, Rackspace, Opsource, and GoGrid are examples of IaaS w...
We have all the tools for securing information in a Cloud: establishing trust through identity, data privacy through encryption, and content integrity through signatures. We are overly focused on Cloud Computing Security issues and less on reliability. This is all about to change. Foll...
MIT Technogy review recently published a great article titled: Security in the Ether addressing security, privacy and reliability issues resulting from cloud computing.  Some of the interesting points in this article include the cloud security threat is across two related dimensio...
MIT Technology review recently published a great article titled: Security in the Ether addressing security, privacy and reliability issues resulting from cloud computing.  Some of the interesting points in this article are summarized. Cloud data may be mishandled by the cloud prov...
A broad range of new security threats is facing enterprises implementing XML Web services, leaving the enterprises open to financial risks, loss of property, and tarnished reputations. The basic rules of security - authentication, authorization, and auditing - no longer provide adequat...