Comments on: Feeling secure with Web Services – Introduction http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/ A weblog about software engineering, Architecture, Technology an other things we like. Thu, 19 Aug 2010 21:06:48 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Goran http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/comment-page-1/#comment-1537 Goran Fri, 06 Jun 2008 07:21:56 +0000 http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/#comment-1537 Allard, I agree offcourse that a threat analysis is very specific and can differ between implementation depending on requirements. But what I ment was more just to mention it briefly (perhaps in a conclusion) since it is overlooked quite often. People yelling and screaming we need security! We need certificates! While sometimes none of those actually is needed....... :). But great articles, have read them al ;), Allard,

I agree offcourse that a threat analysis is very specific and can differ between implementation depending on requirements. But what I ment was more just to mention it briefly (perhaps in a conclusion) since it is overlooked quite often. People yelling and screaming we need security! We need certificates! While sometimes none of those actually is needed……. :) .

But great articles, have read them al ;) ,

]]> By: Allard http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/comment-page-1/#comment-1476 Allard Sun, 01 Jun 2008 15:20:22 +0000 http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/#comment-1476 Goran, a threat analysis is not something you can do once and then apply on all web services. It's like having one single figure you can use to say what the chance of theft is in a store. That would of course depend on the location of the store and type of articles sold. My goal in these articles is just to provide the information about types of securtiy available and what they actually secure. It's up to you to do a threat analysis on your own services and decide which type of security you apply. Goran,

a threat analysis is not something you can do once and then apply on all web services. It’s like having one single figure you can use to say what the chance of theft is in a store. That would of course depend on the location of the store and type of articles sold.

My goal in these articles is just to provide the information about types of securtiy available and what they actually secure. It’s up to you to do a threat analysis on your own services and decide which type of security you apply.

]]> By: Goran http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/comment-page-1/#comment-1415 Goran Mon, 26 May 2008 14:47:31 +0000 http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/#comment-1415 Always an interesting subject, looking forward to your thoughts on digital signing. Would be interesting to also see your thoughts on another topic if you could squeeze it in the conclusion: - When to implement security. (Threat analysis) :) Looking forward to your posts!!! Always an interesting subject, looking forward to your thoughts on digital signing.

Would be interesting to also see your thoughts on another topic if you could squeeze it in the conclusion:

- When to implement security. (Threat analysis) :)

Looking forward to your posts!!!

]]> By: jettro http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/comment-page-1/#comment-1345 jettro Mon, 19 May 2008 06:38:59 +0000 http://www.gridshore.nl/2008/05/17/feeling-secure-with-web-services-introduction/#comment-1345 I cannot wait to start reading the real stuff :-) I cannot wait to start reading the real stuff :-)

]]>