Many large companies now rely on Web Services and Service-Oriented Architectures to integrate applications, both within the enterprise and with trading partners. Traditional layer 4 firewalls do not offer the kind of HTTP payload inspection required to protect a Web Service, and Java-based SOA implementations are too inefficient to provide security on high-volume SOAP traffic. Cisco addresses these problems with a dedicated hardware appliance, the ACE XML Gateway.
In this talk I will describe how Cisco customers are using the ACE XML Gateway to provide centralized authentication, authorization, and threat protection to their Service-Oriented Architectures (SOA). Key features include SOAP-to-Message Bus protocol mediation, tamper-evident logging, and high-performance implementation of web services security specifications (SAML, WS-Security, XML Signature). I'll also discuss our forthcoming Web Application Firewall and how it will protect against browser-related attacks such as cross-site scripting.
William Walker practices and advocates agile programming and object-oriented architecture in the XML Engineering group at Cisco Systems. Prior to that he worked at Reactivity, Xerox Palo Alto Research Center (PARC), and Apple Advanced Technology Group (ATG). In 1994, he earned a Ph.D in Computer Science from the University of Illinois at Urbana-Champaign. His dissertation was entitled "An object-oriented framework for musical improvisation."