Patterns for securing web services and web APIs

A session at Software Architect 2011

Wednesday 19th October, 2011

2:00pm to 3:30pm (GMT)

The service pattern is pervasive – either operation centric (aka SOAP) or resource centric (aka REST). The security challenges are the same in both worlds – authentication, authorisation and secure communication. Common scenarios are direct authentication (like passwords or client certificates) as well as brokered authentication where the identity provider is external (at least to the application). This talk walks through those common scenarios and shows the architectural and technical approaches to design and implement those services in a secure fashion.

About the speakers

This person is speaking at this event.
Christian Weyer

Co-founder of thinktecture, a company that helps software architects & developers to design & implement distributed solutions.

This person is speaking at this event.
Dominick Baier

A consultant at thinktecture and trainer for DevelopMentor, focusing on .NET security and WCF-based solutions.

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 2:00pm3:30pm GMT

Date Wed 19th October 2011

Short URL


Official event site


View the schedule



Books by speaker

  • A Guide to Claims-Based Identity and Access Control: Authentication and Authorization for Services and the Web (Microsoft patterns & practices)
  • Developing More-Secure Microsoft® ASP.NET 2.0 Applications (Pro Developer)

See something wrong?

Report an issue with this session