Between Cloud, Mobility and the Enterprise is the API Middle Ground

Scott Morrison

Subscribe to Scott Morrison: eMailAlertsEmail Alerts
Get Scott Morrison via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Scott Morrison

Cloud Security Journal on Ulitzer Two weeks ago, I delivered a webinar about new security models in the cloud with Anne Thomas Manes from Burton Group. Anne had one slide in particular, borrowed from her colleague Dan Blum, which I liked so much I actually re-structured my own material around it. Let me share it with you: This graphic does the finest job I have seen of clearly articulating where the boundaries of control lie under the different models of cloud computing. Cloud, after all, is really about surrendering control: we delegate management of infrastructure, applications, and data to realize the benefits of commoditization. But successful transfer of control implies trust–and trust isn’t something we bestow easily onto external providers. We will only build this trust if we change our approach to managing cloud security. Cloud’s biggest problem isn’t securi... (more)

Bridging the Enterprise and the Cloud

I’ll be speaking this Tuesday, Nov 16 at the Gartner Application Architecture, Development and Integration Summit in Los Angeles. My talk is during lunch, so if you’re at the conference and hungry, you should definitely come by and see the show. I’ll be exploring the issues architects face when integrating cloud services—including not just SaaS, but also PaaS and IaaS—with on-premise data and applications. I’ll also cover the challenges the enterprise faces when leveraging existing identity and access management systems in the cloud. I’ll even talk about the thinking behind Dar... (more)

The API Lab

Promotion is a problem faced by every API developer. Long nights of coding have given form to the stroke of genius you had six months ago in the cafe. You’ve just written the API that will serve as the front door into your application. But how do you document this so that your peers will use it—and hopefully make you rich in the process? Java had Javadoc, an innovation that managed to strike a surprisingly effective balance between ease of use and systematization (three cheers for strong typing and static binding). Web services “solved” the interface definition problem with WSDL... (more)

Platform Comes To Washington

Everyone wants his or her government to be better. We want more services, better services, and we want it delivered cheaper. Politicians come and go, policies change, new budgets are tabled, but in the end we are left with a haunting and largely unanswerable question: are things better or worse than they were before? One thing that is encouraging and has the potential to trigger disruptive change to the delivery of government services in the US is the recent publication Digital Government: Building a 21st Century Platform to Better Serve the American People. The word to note her... (more)

Propagating Security Context Across a Distributed Web Services Environment

It's a problem as old as networked computing. Consider two applications. They negotiate a level of trust. How can that trust - or security context - be transferred to a third application, one that may exist in an entirely different security domain from the first? This problem has been solved before, but is limited by proprietary solutions that resist integration. The challenge now, which is a significant one, is to solve it again, but this time for Web services - a task complicated by the need to accommodate a broad range of established security procedures and legacy technologie... (more)