Category Archives: Security

Biometrics enabled Single Sign-On (SSO) using SAML

Last week, I was at Biometric Consortium Conference 2006 to present “Biometric Single Sign-On using SAML: Architecture and Design Strategies” and demonstrate one of my favorite topic of interest – Stronger authentication solution that combines “Web Access Management/SSO/Federation” using “Biometrics”.  I used my previous JAAS Module integration work between Sun Java System Access Manager 6.x (SunONE Identity Server) and BioBex… Read more »

Java Security at BU

      No Comments on Java Security at BU

This week, I had the opportunity to deliver a two-hour indepth session on Java Security Architecture at Boston University.  I tried my best to drill-down to the nitty-gitty details of security in Java runtime environment – offcourse, I picked most of the content from my book. It was a long session with a 15-min break..I am glad that I did’nt… Read more »

Security Patterns @Information Security Conf. NY

After long time, last week Chris and I joined together at Newyork for presenting a session on “Security By Default” at “Information Security Conference – 2006”.  The overall attendance in the conference was’nt great…. but we did have some participation in our session.  Chris and I did’nt forget to have fun especially the good food and drinks at couple of… Read more »

I am a CISSP now.

      No Comments on I am a CISSP now.

Couple of months ago, I went to present “Core Security Patterns” at an SI partner… I was pushed to answer a question, whether obtaining CISSP certifications worths it or not. It was embarrassing to me as I did’nt care to take this exam although my co-author passed this exam a while ago.  I rushed to register for this exam with… Read more »

Meet us at JavaRanch

      No Comments on Meet us at JavaRanch

This week, Chris and I will be participating in JavaRanch online discussion forum to share our Core Security Patterns work and answer questions from the JavaRanch developer community particularly those with SECURITY focus.  The discussion will start Tuesday, January 10th 2006 and end on Friday January 13th 2006. As a surprise, We’ll be selecting four random posters in this forum… Read more »

MSDN praises Core Security Patterns :-))

      No Comments on MSDN praises Core Security Patterns :-))

This morning, a friend of mine forwarded a note by Jimmy Nilsson (a Microsoft Patterns Guru) about “Core Security Patterns”, at http://msdn.microsoft.com/architecture/.  It is truly a pleasant surprise… Jimmy Nilsson, Microsoft solution Architect writes… I have been asked a couple of times about a book about security patterns when I have given my patterns course. I’m afraid I really can’t… Read more »

Belgium eID Authentication for Web SSO and Sun Ray Desktop Authentication.

Last 3 weeks, been so hectic…the days were faster than light,  I was pulling my-hair-out on a critical proof-of-concept that requires demonstrating Web Single Sign-on (via Sun Java System Access Manager) using PKI/Digital certificate credentials (from Belgian eID) and then enable Smartcard PKI based Desktop authentication/Session Mobility using Sun Rays. The secret sauce on this architecture is using OpenSC PAM… Read more »

Our show at RSA…

      No Comments on Our show at RSA…

We did two panel sessions at RSA Conference, SFO last week – Both were well received.  Here is the links to the slides that we used to present  “Core Security Patterns” in the sessions. RSA 2005 Panel – Building End-to-End Security for XML Web Services: Applied Techniques, Patterns and Best Practices Security Patterns and Best Practices for J2EE, Web Services… Read more »