New interesting SOA Governance video from Oracle:
SOA Management in 3 minutes:
https://blogs.oracle.com/governance/entry/soa_management_in_3_minutes
Montag, 30. Juli 2012
Dienstag, 24. Juli 2012
German article about Enterprise Architecture Management EAM
Interesting german article about Enterprise Architecture Management (EAM):
http://www.computerwoche.de/management/it-strategie/2518299/
http://www.computerwoche.de/management/it-strategie/2518299/
Donnerstag, 19. Juli 2012
Interview: How to migrate Forms to Apex
Interesting interview (in german language) how to migrate Forms to Apex:
http://www.doag.org/home/aktuelle-news/article/doagstatement-so-migieren-sie-von-forms-nach-apex.html
http://www.doag.org/home/aktuelle-news/article/doagstatement-so-migieren-sie-von-forms-nach-apex.html
Montag, 16. Juli 2012
OWSM - Part 3
Here is part 3 of OWSM
OWSM versus OEG (Oracle Enterprise Gateway) -
Which one to use depends on the tasks!
I already published some information about the Oracle Enterprise Gateway here in my blog (http://soaandit.blogspot.de/2012/05/oracle-enterprise-gateway-oeg.html). Some of the
skills and abilities of the OWSM and the OEG overlap. Therefore you habe to decide which of both tools you want to you use. That depends mostly on the location of the operation.
Use OWSM in your private Zone
If you only need security in your private company zone (green zone), you can use the OWSM. It should be applied together with other Fusion Middleware products e.g. SOA Suite.
Use OEG in your DeMilitarized Zone (DMZ)
In case you only need security in your DMZ, then apply the OEG there. It has capabilities like intrusion detection, virus checking or message throttling, which is needed in the red zone.
End-to-End-Security
If you need end-to-end security you shoud use both! Place the OWSM in your private zone for using policies, monitoring and web service security. At the same time apply the OEG in your DMZ and use its functions against attacks from the outside (XML-Firewall and -Gateway). This combination will give you maximum security and gateway capabilities both in your private zone and your DMZ.
OWSM versus OEG (Oracle Enterprise Gateway) -
Which one to use depends on the tasks!
I already published some information about the Oracle Enterprise Gateway here in my blog (http://soaandit.blogspot.de/2012/05/oracle-enterprise-gateway-oeg.html). Some of the
skills and abilities of the OWSM and the OEG overlap. Therefore you habe to decide which of both tools you want to you use. That depends mostly on the location of the operation.
Use OWSM in your private Zone
If you only need security in your private company zone (green zone), you can use the OWSM. It should be applied together with other Fusion Middleware products e.g. SOA Suite.
Use OEG in your DeMilitarized Zone (DMZ)
In case you only need security in your DMZ, then apply the OEG there. It has capabilities like intrusion detection, virus checking or message throttling, which is needed in the red zone.
End-to-End-Security
If you need end-to-end security you shoud use both! Place the OWSM in your private zone for using policies, monitoring and web service security. At the same time apply the OEG in your DMZ and use its functions against attacks from the outside (XML-Firewall and -Gateway). This combination will give you maximum security and gateway capabilities both in your private zone and your DMZ.
Donnerstag, 5. Juli 2012
EuGH-Urteil zum Weiterverkauf von Lizenzen
Interessanter Artikel zum Weiterverkauf von Lizenzen vom EuGH in der DOAG-News:
http://www.doag.org/home/aktuelle-news/article/download-software-koennen-laut-eugh-weiterverkauft-werden-doag-begruesst-das-urteil.html
http://www.doag.org/home/aktuelle-news/article/download-software-koennen-laut-eugh-weiterverkauft-werden-doag-begruesst-das-urteil.html
Donnerstag, 28. Juni 2012
OWSM - Part 2
This is part 2 of the OWSM presentation
Supported Standards
The Oracle WebServices Manager (OWSM) supports a lot of different standards concerning security, reliability, adressing and more. Some of the supported standards are:
- SOAP 1.2 (with attachements), MTOM
- WS-Policy 1.2
- WS-MEX (Metadata Exchange)
- WS-Reliable-Messaging 1.0
- WS-Security 1.1 and WS-Security-Policy 1.1
- UDDI
- JAX-WS Policy annotations
- ...
Assertions and Policy attachement
In the OWSM policies are made up of one or multiple assertions. These assertions are applied(used), when the corresponding policy was attached to the reference or service. The assertions are used for both the request and the reply.
Multiple policies can be attached or detached at design-time through JDeveloper context menu and property inspector. At run-time policies can be attached or detached through the Enterprise Manager. In this case a bulk attachment of policies to multiple services or clients is also possible.
Monitoring
OWSM collects a big amount of monitoring data and metrics for services, ports, and operations. You can also see the number of security violations (in case an authentication or an authorization failes). The monitoring data can be accessed with the Enterprise Manger in the corresponding composite (in the service or reference where the policy is attached).
Part 3 follows...
Supported Standards
The Oracle WebServices Manager (OWSM) supports a lot of different standards concerning security, reliability, adressing and more. Some of the supported standards are:
- SOAP 1.2 (with attachements), MTOM
- WS-Policy 1.2
- WS-MEX (Metadata Exchange)
- WS-Reliable-Messaging 1.0
- WS-Security 1.1 and WS-Security-Policy 1.1
- UDDI
- JAX-WS Policy annotations
- ...
Assertions and Policy attachement
In the OWSM policies are made up of one or multiple assertions. These assertions are applied(used), when the corresponding policy was attached to the reference or service. The assertions are used for both the request and the reply.
Multiple policies can be attached or detached at design-time through JDeveloper context menu and property inspector. At run-time policies can be attached or detached through the Enterprise Manager. In this case a bulk attachment of policies to multiple services or clients is also possible.
Monitoring
OWSM collects a big amount of monitoring data and metrics for services, ports, and operations. You can also see the number of security violations (in case an authentication or an authorization failes). The monitoring data can be accessed with the Enterprise Manger in the corresponding composite (in the service or reference where the policy is attached).
Part 3 follows...
Dienstag, 26. Juni 2012
OWSM - Part 1
Recently I held a presentation about Oracle WebServices Manager (OWSM). I will take the important parts of that and publish it here. I split it into several parts. This ist part 1.
Introduction to OWSM
OWSM is a solution for policy management and security of service infrastructure. The control of the policies is done through a centralized administration interface, the Enterprise Manager(EM). Servie-oriented architectures can be secured declaratively with the OWSM. It is a part of the Oracle SOA Suite – you cannot start or stop it and there is no extra development tool.
Features of OWSM
- The unified console for policy management and attachment is the Enterprise Manager
- Policy attachment at design-time happens through JDeveloper
- Built-in identity propagation for E2E security (autoamtic identity propation)
- Monitoring of the policies through Enterprise Manager
- Policy lifecycle management (versioning, activation and deactivation of policies)
- Use of OPSS-Services (OraclePlatformSecurityServices) possible
Policy Management of OWSM
- Types of policies: security-, reliability-, addressing-, management- and MTOM-policies are available
- Custom policies: You can create your own policies
- Pre-defined policies which can directly be used
- Policy advertisement in WSDL and/or WS-MEX (MetadataExchangeClient)
- possibility to generate client policies for existing web services
- Policy monitoring and auditing
- Policy impact analysis: Before making a change to a policy, the administrator uses Oracle EM to view all the web services endpoints attached to that policy and evaluate the effect of the change on attached - policies
- Policies can be exported and imported
- Policy versioning is possible
Part 2 will follow
Introduction to OWSM
OWSM is a solution for policy management and security of service infrastructure. The control of the policies is done through a centralized administration interface, the Enterprise Manager(EM). Servie-oriented architectures can be secured declaratively with the OWSM. It is a part of the Oracle SOA Suite – you cannot start or stop it and there is no extra development tool.
Features of OWSM
- The unified console for policy management and attachment is the Enterprise Manager
- Policy attachment at design-time happens through JDeveloper
- Built-in identity propagation for E2E security (autoamtic identity propation)
- Monitoring of the policies through Enterprise Manager
- Policy lifecycle management (versioning, activation and deactivation of policies)
- Use of OPSS-Services (OraclePlatformSecurityServices) possible
Policy Management of OWSM
- Types of policies: security-, reliability-, addressing-, management- and MTOM-policies are available
- Custom policies: You can create your own policies
- Pre-defined policies which can directly be used
- Policy advertisement in WSDL and/or WS-MEX (MetadataExchangeClient)
- possibility to generate client policies for existing web services
- Policy monitoring and auditing
- Policy impact analysis: Before making a change to a policy, the administrator uses Oracle EM to view all the web services endpoints attached to that policy and evaluate the effect of the change on attached - policies
- Policies can be exported and imported
- Policy versioning is possible
Part 2 will follow
Abonnieren
Posts (Atom)