Description: This presentation titled "Security Policy Management: Best Practices for Web Services and Application Security" was given by Ray Neucom at SnowFROC 2009.
A policy driven approach is fundamental to the secure deployment of web services and applications in today's environment. In a service oriented architecture, the goals established and driven by the business need to be consistent with corporate security policies and standards followed by IT operations. To achieve those goals, a unified security policy management approach should be considered to enable secure access to web services and applications. This session will discuss a standards-based (XACML, WS-SecurityPolicy) security policy management approach and the key set of requirements to enable web-services and application security. It will cover the high-level architectural requirements to enable organizations to safely externalize security from the web services and applications. The session will also discuss a case study of how a standards based, unified policy management and enforcement can address authentication, identity propagation, coarse-and fine-grained authorization security requirements and enable clients to demonstrate compliance in a loosely coupled, heterogeneous IT environment.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.