The service pattern is pervasive – either operation centric (aka SOAP) or resource centric (aka REST). The security challenges are the same in both worlds – authentication, authorisation and secure communication. Common scenarios are direct authentication (like passwords or client certificates) as well as brokered authentication where the identity provider is external (at least to the application). This talk walks through those common scenarios and shows the architectural and technical approaches to design and implement those services in a secure fashion.
Co-founder of thinktecture, a company that helps software architects & developers to design & implement distributed solutions.
A consultant at thinktecture and trainer for DevelopMentor, focusing on .NET security and WCF-based solutions.
Sign in to add slides, notes or videos to this session