The Hogg Blog

Envisaging the Future by Reflecting on the Past

Browse by Tags

Tagged Content List
  • Blog Post: RSA Conference 2006

    RSA Conference 2006 - Summary Sorry for the late post, but I flew straight from RSA in San Jose to Sydney Australia for the patterns & practices summit. I wanted to include a brief summary of the sessions that I was interested in… Keynote: Bill Gates Anyway, the conference opened with...
  • Blog Post: Web service security - Threats and Countermeasures - Part 4 : Message Protection – Sign and Encrypt and Encrypt Signature!

    Threats Network eavesdropping leads to disclosure of confidential information even though the SOAP message body is encrypted Vulnerabilities Many web service security platforms support signing and encrypting SOAP messages (see Threat 1 - Message Protection), however, what isn't always...
  • Blog Post: Web Service Security UsernameToken Primer

    Challenge A subject that I still see a lot of misunderstanding around is how best to use the UsernameToken when using a user id and password as the basis of authentication for a Web service. Recommendations First and foremost ensure you are protecting password information in the database...
Page 1 of 1 (3 items)