Security
Software Development
WSO2 Identity Server 5.0.0 Authentication Framework
The WSO2 Identity Server 5.0.0 takes identity management in a new direction. There will be no more federation silos…
Enterprise Java
Identity Anti-patterns: Federation Silos and Spaghetti Identity
Recent research by the analyst firm Quocirca confirms that many businesses now have more external users than internal…
Software Development
Chained Access Delegation Pattern
Suppose a medium-scale enterprise that sells bottled water has a RESTful API (Water API) that can be used to update…
Core Java
Getting A List of Available Cryptographic Algorithms
How do you learn what cryptographic algorithms are available to you? The Java spec names several required ciphers, digests, etc.,…
Software Development
Trust instead of Threats
According to Dr. Gary McGraw’s groundbreaking work on software security, up to half of security mistakes are made in…
Software Development
10 things you can do as a developer to make your app secure: #10 Design Security In
There’s more to secure design and architecture besides properly implementing Authentication, Access Control and Logging strategies, and choosing (and properly…
Software Development
10 things you can do as a developer to make your app secure: #9 Start with Requirements
To build a secure system, you should start thinking about security from the beginning. Legal and Compliance Constraints First, make…
Software Development
10 things you can do as a developer to make your app secure: #8 Leverage other people’s Code (Carefully)
As you can see from the previous posts, building a secure application takes a lot of work. One shortcut…
Software Development
10 things you can do as a developer to make your app secure: #7 Logging and Intrusion Detection
This is part 7 of a series of posts on the OWASP Top 10 Proactive Development Controls: 10 things you…