Kelvin Lawrence IBM
Making Web Services Secure: An Introduction
XML and SOAP need to have platform-neutral standards
for security as they evolve. But what exactly is a "secure" Web service? Can
there be any such thing as 100% security?
In this session we will introduce an approach to
security based on seven common risks and their countermeasures. HTTPS gives
good point-to-point security at the protocol level, but when the goal is end to
end message security for XML messages we need to investigate a different
Message-level security gets past limitations of
protocol-level security. We'll survey existing and emerging standards like
Kerberos, XML Signature and Encryption, SAML, XKMS and others, and look at the
OASIS Web Services Security approach to unifying these and others for
supporting secure Web services applications. We'll also discuss other key
activities taking place in the Web Services security area.
Web Services Advanced Topics: Beyond SOAP, WSDL and
The basic technologies of SOAP, WSDL and UDDI form a
powerful basis for an architectural solution for integrating application
systems as well as a variety of other machine-to-machine conversations. But
what about security, reliability, workflow between Web services partners? What
are the emerging technologies for these and other considerations?
In this session we will survey the other emerging
technologies for building enterprise Web services applications. We will briefly
review the status of the more established Web services technologies, and then
present the very latest announced technologies, and have a look where this is
heading in the future. We will also discuss work going on at WS-I to develop
profiles for Web services.
Note that we will only briefly touch on security in
this session, as an entire session has been devoted to the topic of Web
services and security.
Kelvin Lawrence is IBM's
CTO of Dynamic e-business Technologies, based in Austin, Texas. Kelvin is also
an IBM Distinguished Engineer and a member of the IBM Academy of Technology. He
is currently focused on the advancement and deployment of Web Services
technologies. One current focus is the addition of security technologies to Web
Services. Kelvin is the co-Chair of the Web Services Security Technical
Committee at OASIS. Prior to this Kelvin was IBM's CTO for XML Technology. In
that role Kelvin was focused on the development and deployment (in IBM products
and services offerings) of XML technology (including parsers, style sheet
engines and web services components).
Previously Kelvin was heavily involved in the
prototyping and development of several projects based on Java Technology
and more recently XML based technologies. Kelvin has also been heavily involved
in the definition of internet standards and was the IBM representative to the
World Wide Web Consortium (W3C) Scalable Vector Graphics (SVG) 1.0 working
group, which defined the industry standard XML grammar for transmitting
graphical documents over the internet. In the last three years Kelvin has
worked extensively with XML and Java and other emerging technologies and has
spent a lot of time teaching and lecturing on topics such as XML, Java
programming computer graphics, user interfaces and e-business.
Kelvin has been very active in the XML
community and he chaired the XML One conferences in London in 2000 and 2001
Kelvin's background and prior work focus is in the area of computer operating
systems with a particular focus on graphical user interfaces and computer
graphics subsystems. Kelvin has written numerous articles on a variety of
related topics and has presented programming lectures all over the world and is
currently co-authoring a book on SVG to be published later this year by Manning
Kelvin has filed in excess of 75 patents in
areas such as computer operating systems, mobile devices, and human computer
interfaces that have been filed in the United States and elsewhere. Kelvin has
also been recently recognized as an IBM Master Inventor.
Kelvin has been with IBM in a variety of
differing roles since 1986. He was born, raised and educated in England. He
joined IBM UK in 1986 working at the Hursley Laboratory. He transferred full
time to the United States in 1990. Kelvin holds an Honours degree in Computer
Science from Brighton University in England.
Outside of work Kelvin enjoys spending time
with his family and playing as many different sports as he can including
football (the English kind), cricket (which is hard to play in Texas), golf,
tennis and snooker. He also enjoys traveling (which is good because his job
often has him on the road) taking photographs, watching movies (often on his
laptop while traveling) and reading books.