The Village at the Keystone Resort
Colorado Software Summit
Java and XML Programming Conference
October 26 – 31, 2003
Keystone Conference Center


Kelvin Lawrence – IBM Corporation

Making Web Services Secure: An Introduction

XML and SOAP need to have platform-neutral standards for security as they evolve. But what exactly is a "secure" Web service? Can there be any such thing as 100% security?

In this session we will introduce an approach to security based on seven common risks and their countermeasures. HTTPS gives good point-to-point security at the protocol level, but when the goal is end to end message security for XML messages we need to investigate a different approach.

Message-level security gets past limitations of protocol-level security. We'll survey existing and emerging standards like Kerberos, XML Signature and Encryption, SAML, XKMS and others, and look at the OASIS Web Services Security approach to unifying these and others for supporting secure Web services applications. We'll also discuss other key activities taking place in the Web Services security area.

Web Services Advanced Topics: Beyond SOAP, WSDL and UDDI

The basic technologies of SOAP, WSDL and UDDI form a powerful basis for an architectural solution for integrating application systems as well as a variety of other machine-to-machine conversations. But what about security, reliability, workflow between Web services partners? What are the emerging technologies for these and other considerations?

In this session we will survey the other emerging technologies for building enterprise Web services applications. We will briefly review the status of the more established Web services technologies, and then present the very latest announced technologies, and have a look where this is heading in the future. We will also discuss work going on at WS-I to develop profiles for Web services.

Note that we will only briefly touch on security in this session, as an entire session has been devoted to the topic of Web services and security.

Picture of Kelvin Lawrence

Kelvin Lawrence is IBM's CTO of Dynamic e-business Technologies, based in Austin, Texas. Kelvin is also an IBM Distinguished Engineer and a member of the IBM Academy of Technology. He is currently focused on the advancement and deployment of Web Services technologies. One current focus is the addition of security technologies to Web Services. Kelvin is the co-Chair of the Web Services Security Technical Committee at OASIS. Prior to this Kelvin was IBM's CTO for XML Technology. In that role Kelvin was focused on the development and deployment (in IBM products and services offerings) of XML technology (including parsers, style sheet engines and web services components).

Previously Kelvin was heavily involved in the prototyping and development of several projects based on Java™ Technology and more recently XML based technologies. Kelvin has also been heavily involved in the definition of internet standards and was the IBM representative to the World Wide Web Consortium (W3C) Scalable Vector Graphics (SVG) 1.0 working group, which defined the industry standard XML grammar for transmitting graphical documents over the internet. In the last three years Kelvin has worked extensively with XML and Java and other emerging technologies and has spent a lot of time teaching and lecturing on topics such as XML, Java programming computer graphics, user interfaces and e-business.

Kelvin has been very active in the XML community and he chaired the XML One conferences in London in 2000 and 2001 Kelvin's background and prior work focus is in the area of computer operating systems with a particular focus on graphical user interfaces and computer graphics subsystems. Kelvin has written numerous articles on a variety of related topics and has presented programming lectures all over the world and is currently co-authoring a book on SVG to be published later this year by Manning Publications.

Kelvin has filed in excess of 75 patents in areas such as computer operating systems, mobile devices, and human computer interfaces that have been filed in the United States and elsewhere. Kelvin has also been recently recognized as an IBM Master Inventor.

Kelvin has been with IBM in a variety of differing roles since 1986. He was born, raised and educated in England. He joined IBM UK in 1986 working at the Hursley Laboratory. He transferred full time to the United States in 1990. Kelvin holds an Honours degree in Computer Science from Brighton University in England.

Outside of work Kelvin enjoys spending time with his family and playing as many different sports as he can including football (the English kind), cricket (which is hard to play in Texas), golf, tennis and snooker. He also enjoys traveling (which is good because his job often has him on the road) taking photographs, watching movies (often on his laptop while traveling) and reading books.



* Return to Top *

© 1997 – 2003  Kovsky Conference Productions Inc.  All rights reserved.