Architecting SOA Securely

When:  Feburary 19, 2009 (12:00 noon)
Where: Terminal City Club (837 West Hastings St.)
Cost: $35 non-members, $25 ISSA members, and $20 students
RSVP: (space is limited)


Speaker: K. Scott Morrison (Layer 7 Technologies)

SOA is not just a methodology for integrating systems and data; it is also a means of integrating diverse legacy security models. It is therefore critical to give security a commanding role in any SOA project. Identity, confidentiality, integrity, audit, key management, and reliability are all critical aspects of SOA that you must consider upfront for the architecture to succeed. This talk is about recognizing that SOA is an opportunity to make distributed computing more secure from the beginning. We will discuss how existing security models can be integrated and adapted, preserving costly investments. You will learn how to apply security design patterns, such as defense-in-depth, to build partitioned zones of trust within a SOA. An examination of how identity federation works in SOA will suggest how you can construct SOAs to accommodate complex and evolving organizational relationships. Finally, we will evaluate the impact of new standards and emerging infrastructure in the modern, secure SOA

Speaker Bio:

K. Scott Morrison is the VP of Engineering and Chief Architect at Layer 7 Technologies, where he is leading a team to develop the next generation of security infrastructure for Web services. An architect and developer of highly scalable, enterprise systems for over 15 years, he has extensive experience across industry sectors as diverse as health, travel and transportation, and financial services. Scott has also been a Director of Architecture and Technology at Infowave Software, a maker of wireless security and acceleration software for mobile devices, and held senior architect positions with IBM. Before shifting to the private sector, he spent a number of years at the world-renowned medical research program of the University of British Columbia, studying neurodegenerative disorders using medical imaging technology. Scott is a dynamic and highly sought-after speaker. He has published over 50 book chapters, magazine articles, and papers in medical, physics, and engineering journals. He is the recent co-author of Java Web Services Unleashed and Professional JMS. Scott is an editor of the WS-I Basic Security Profile, as well as a co-author of the WS-Federation specification. His current interests are in Web services security, secure mobile computing, grid systems, and enterprise system architectures.

On-site registration and networking begins at noon, and lunch will be served at approximately 12:15. The presentation will run from 1:00pm to 2:00pm, to be followed by an open discussion forum. Members and non-members of the ISSA are welcome but space is limited. Cost for the event is $35.00 for non-members, $25.00 for ISSA members and $20.00 for students payable in advance at our web site using PaypalŪ, or at the door in cash or by cheque payable to “ISSA Vancouver”. RSVP to to guarantee your seat. Please note that we require 72 hours notice of any cancellations, or you will be invoiced for the event since we are required to finalize the food orders.

Please note that the TCC has a business-casual dress code, and contact us in advance if you have special dietary requirements or would like wheel chair accessible parking so that we can make the necessary arrangements on your behalf.

James Crooks: (604) 806-7027.