Blog

Updates, insights, and commentary from the OSA community. Tracking the evolution of security architecture since 2008.

23 August 2008 • Tobias

SOA Security Risks

There are several technology trends that push the development and adoption of distributed systems. Probably most discussed are "Service Oriented Architecture (SOA)" and "Software as a Service (SaaS)".

10 August 2008 • Aurelius

Summary of recent changes to the site

Below a short summary of recent changes on the Open Security Architecture website:

29 July 2008 • Spinoza

New patterns

I am pleased to say there are a few new patterns available in the library:

25 May 2008 • Spinoza

Update the control icons on patterns

Talking with Aurelius during the week, and he showed an updated version of the control labels on patterns that includes some descriptive text.

23 May 2008 • Spinoza

OpenID support

I've enabled OpenID support on the site so you can now login with your Open ID instead of having to register with us. Please let us know if you have any trouble.

21 March 2008 • Aurelius

Draft Pattern: SOA internal usage

The sequel to the "SOA: publication and location" has now been uploaded in draft state.

21 March 2008 • Aurelius

Describe your experience in your own blog statements

All registered users, now have author access rights and can write their own blog statement simply by using the "Create a blog entry" menu item in the "Community" menu.

15 March 2008 • Spinoza

New front page image

Spent a few minutes playing with a new front page image. Aurelius suggested that the tag lines should be a little more action focussed, and I was concerned the old image had too many colors and lines (it's mandatory for lots of white space in these Web 2.0 times).

11 March 2008 • Spinoza

Server module updated

Just uploaded the updated Server module to align with the role changes we made to the client. I found a few additional errors as I went through that I corrected, and hopefully these should now be quite stable.

11 March 2008

Security Requirements

During my discussion with Claudiu (whom I appreciate as great expert in the area of secure development), we came up with some further thoughts on what drives security requirements. Also we agreed that the currently posted categorization in the Security Requirements article (under Foundations->Definitions) is not orthogonal. Meaning that a requirement can ambigously belong to two categories. However we believe that it is never the less valuable to understand what are the potential sources for requirements.