SOA Security and SAML - Maturity Defined by Usage Not Time
Mon, 22 Oct 2007 21:33:38 +0000
Gerald Beuchelt ridicules my post on SOA security in his reply, Where is the problem? In particular, Gerald takes aim at my statement that SAML (and other SOA standards) is immature, stating that SAML has been around since 2001.
I agree with Gerald that, if you measure maturity by time (as he does in his reply), then SAML could be considered “mature”.
On other other hand, I am measuring “maturity” by actual usage, and the proof of security solutions is in the actual adoption, not simply years of standards activity and vendor marketing.
For example, here is a WS-Security related quote from Michael Meehan, SOA standards searched for maturity in 2005: “You can find WS-Security in all SOA products, but almost no one’s using it,” said Burton Group Inc. vice president and research director Anne Thomas Manes. “It’s amazing how few people are using it.”
The same is true for SAML and other security standards for SOA. Yes, there has been a lot of activity for a number of years, and vendors include the products in their sales portfolio, but very few people actual use it to build secure applications.
I measure IT maturity by actual usage. For example, HTTP, SSL, SNMP, IPSEC are “mature” in my opinion, they are used worldwide. SAML, and most of the other SOA-related security standards, are not.
I have a requirement of checking the current system time and performing certain actions in a shell script. example:
if the current system time is greater than 1400 hrs, then perform step 1,2,3
if the current system time is greater than 1000 hrs, then perform step 1,2
if the current system time... (2 Replies)
how can I find cpu usage memory usage swap usage and
I want to know CPU usage above X% and contiue Y times and memory usage above X % and contiue Y times
my final destination is monitor process
logical volume usage above X % and number of Logical voluage above
can I not to... (3 Replies)