tag:blogger.com,1999:blog-4285729513030543746.post4257059404069125444..comments2024-03-27T00:26:40.551-07:00Comments on Real Time View: Behind the Pit Wall ...Richard Bucklehttp://www.blogger.com/profile/17723428627971060930noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-4285729513030543746.post-59202552844744322712008-07-29T12:17:00.000-07:002008-07-29T12:17:00.000-07:00I agree that securing the service (or "adapting th...I agree that securing the service (or "adapting the power client to the power socket") is important.<BR/><BR/>However I would think that there are many cases where it is sufficient to do the "filtering/securing" on the NonStop rather than on a front-end system. <BR/><BR/>As long as you are not opening up your SOA service via the Internet and as long as you use proper access control (user name/passwords, firewalls, ...) you *are* in control of who accesses your system and that can ensure proper coupling of systems. <BR/><BR/>I also think a direct connection has benefits as it reduces complexity and increases uptime of the service.Thomas Burghttps://www.blogger.com/profile/17155758745821499754noreply@blogger.comtag:blogger.com,1999:blog-4285729513030543746.post-50776281926679104032008-07-28T14:35:00.000-07:002008-07-28T14:35:00.000-07:00Where services become externalized via the web, th...Where services become externalized via the web, then there are substantially bigger concerns. When it comes to securing web services then it is a different story – you can secure the connection, add authentication etc. but there is semantic security concerns which people don’t talk about. <BR/><BR/>Think of electricity as the ultimate service; the public utility will be able to tell you that the electricity being delivered is 110V 50H and your socket is rated 2amps. They don’t know what you’ll plug into it, a chainsaw, PC, light bulb or nothing. They don’t know how many watts you’ll use ahead of time. SOA security products give you a grounded socket – but if you connect a chainsaw and chop a body into little pieces, they wouldn’t know about it. With data security, people who authoritatively own the data are liable to ensure its legitimate usage.<BR/><BR/>Should account information get sacrificed through a service offered by the NSK, you can’t just claim ignorance like the electric company could. But fundamentally, service oriented is decoupling of the publisher of an application service from the subscriber of the application service – much like the electricity and the chainsaw. Ultimately, if you’re going to expose services, you’re better off exposing parts of it to a secondary environment which is better aligned with the subscriber of the information (and possibly controlled by the subscriber of the information).<BR/><BR/>That way, if someone plugs in a 5amp storage array to a 1 amp socket and blows the circuit, you’re not impacted, if the electricity needs to be 240V 60H instead, they have a transformer in place and the service is provided in the framework of application(s) that will consume it.Sami Akbayhttps://www.blogger.com/profile/09233367559069185413noreply@blogger.comtag:blogger.com,1999:blog-4285729513030543746.post-46802068741082536742008-07-24T14:47:00.000-07:002008-07-24T14:47:00.000-07:00Editors Remarks - Please note, the additional comm...Editors Remarks - <BR/><BR/>Please note, the additional comment from Ron Thompson was deleted as it was an (accidental) duplication for which I take responsibility.<BR/><BR/>Thanks,Richard Bucklehttps://www.blogger.com/profile/17723428627971060930noreply@blogger.comtag:blogger.com,1999:blog-4285729513030543746.post-40082022519671329872008-07-24T14:32:00.000-07:002008-07-24T14:32:00.000-07:00An industry analyst asked me just today, "SOA was ...An industry analyst asked me just today, "SOA was a hot topic a couple of years ago and has been widely accepted by industry, is it still a hot issue?". I replied that it is a very prominent topic with the HP NonStop community, we're an ultra conservative bunch!<BR/><BR/>We can all attest to the ever increasing rate of change, especially in the technology sphere. Standards such as SOAP,HTTP,SSL, and XML help to preserve your investment in Web Service from changing environments and platforms.<BR/><BR/>At NuWave Technologies we've been promoting and evangelizing SOA and Web Services within the NonStop community at every opportunity. We encourage all architects to include their NonStop applications as <B>active participants</B> in their SOA strategy.<BR/><BR/>I agree with you Richard - "It's time to step out from behind the wall..."Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4285729513030543746.post-31653784065332117662008-07-23T10:52:00.000-07:002008-07-23T10:52:00.000-07:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4285729513030543746.post-58533929064483945582008-07-23T10:50:00.000-07:002008-07-23T10:50:00.000-07:00Richard - Thanks for the update.At CAIL we believe...Richard - Thanks for the update.<BR/><BR/>At CAIL we believe SOA and SASH are important too.<BR/><BR/>However, since moving to Web Services and SOA is typically a strategic initiative with a compelling business value proposition, many people with strong technical skills appear to find it challenging to relate to evolving systems in this direction. Further, since this is all about "exposing information", it is counter intuitive in the NonStop systems environment. As you can appreciate, the proprietary nature of the NonStop platform has been a huge advantage in delivering very high systems availability as well as mitigating security and other potential disasters. However, it's also problematic in making NonStop information services more integral in enterprise IT infrastructure and being included in initiatives to address new business needs. <BR/><BR/>As we both know, utilizing Web Services and having a NonStop SOA strategy is important to help address this situation.<BR/><BR/>If you have suggestions to increase the awareness of the importance of moving NonStop systems forward in this direction, please let me know.Anonymousnoreply@blogger.com