Architectural Patterns for XML Gateways

What a week! I didn't get stuck anywhere - except for being snowed in at home - but it was really busy. I did have the pleasure of ending the week briefing a group of really smart architects and pre-sales people on the Vordel Gateway.

When talking about the gateway, it is easy to get into the weeds of whether it supports this crypto accelerator, this version of the WS-SecureConversation spec, or this version of some 3rd party I&AM product. For this particular audience I was trying to get to the essence of how customers deploy this technology. Here's my architectural taxonomy for XML Gateways.

  • Super PEP - The super/uber policy enforcement point. This is the way that XML Gateways are traditionally deployed. The idea here is that it can enforce any type of policy you can imagine - WS-Security, Authorization (XACML), SLA Policy, Routing Policy, XML Threat Policy... This is of course a very solid model for the gateway, and the way that most people think of it.
  • Security Services Platform - There has been a lot of talk about reusable security services for a long time. It was how we originally sold WLES/ALES/OES. The Oracle Platform Security Services - OPSS - has picked up some of that same flavor - and the concept is a good one. Let's have a set of security services that can be called from a central location. There are standard interfaces like SAML, XACML, WS-Trust, SPML etc., but how do you actually go build that into an enterprise? XML Gateway to the rescue. I think of this model as turning the gateway on its "side". Basically, the gateway has the ability to expose these WSDLs, and it has integration with all of these 3rd party I&AM vendors like Oracle/Sun, CA, Tivoli, RSA - as well as various LDAPs - so constructing these services is very straightforward. The gateway today has the ability to be a WS-Trust endpoint and a CRL endpoint, as well as exposing an XML Encryption/Decryption and XML Signing/Validation service. It's a simple exercise to extend this model to any API - standard or otherwise. Furthermore, since the Vordel XML Gateway has very fast XML and crypto processing, the services will perform and scale.
  • Cloud Service Broker - This is like you take the XML Gateway and flip it around. Mark O'Neill talked about this convergence between XML Gateways and Cloud Services on his blog. I like the architectural symmetry. By flipping it over, you mediate access to services in the cloud. The Vordel XML Gateway is really good at protecting things like API keys - to avoid the issue of having everyone in the enterprise have unfettered access to the company's storage cloud. The distributed caching capabilities of the Gateway can help in cloud scenarios in two ways. First of all, caching boosts performance - no need to go to the cloud to get that file if the gateway has a recent cached copy. The second is that it can save firms money by optimizing calls to cloud services. In the storage example, this eliminates unnecessary GETs. In a transactional example, some providers give better rates for bulk operations, so the requests can be queued in the cache and then sent en masse, again saving money.

These three architectures provide a simple way of summarizing the capabilities of the Vordel XML Gateway. Like any pattern, they can be used in conjunction with each other. For example, you could put the Super PEP in front of the Security Services Platform or have the Security Services Platform call the Cloud Service Broker (off-site authentication via cloud). As I continue to work with customers, and learn more about how they are using the gateway, I'll be sharing more of these patterns.
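
To make the Cloud Service Broker pattern concrete, here is a minimal sketch added for illustration; it is not Vordel code or configuration. `FakeCloud`, `CloudServiceBroker` and every method name are hypothetical, and the metered storage API is a constructed stand-in: the broker alone holds the API key, authorizes enterprise callers, answers repeat GETs from a TTL cache, and queues writes for a single bulk call.

```python
import time

class FakeCloud:
    """Constructed stand-in for a metered cloud storage API (not a real SDK)."""
    def __init__(self, api_key):
        self._key, self.objects, self.billed_calls = api_key, {}, 0

    def _charge(self, api_key):
        if api_key != self._key:
            raise PermissionError("bad API key")
        self.billed_calls += 1

    def get(self, api_key, path):
        self._charge(api_key)
        return self.objects[path]

    def bulk_put(self, api_key, items):
        self._charge(api_key)                      # one billed call per batch
        self.objects.update(items)

class CloudServiceBroker:
    """Gateway-side broker: callers authenticate to it, never to the cloud."""
    def __init__(self, cloud, api_key, allowed_users, ttl=60.0, clock=time.monotonic):
        self._cloud, self._api_key = cloud, api_key   # key never leaves the broker
        self._allowed, self._ttl, self._clock = set(allowed_users), ttl, clock
        self._cache, self._queue = {}, {}

    def _authorize(self, user):
        if user not in self._allowed:
            raise PermissionError(f"{user} may not use the storage cloud")

    def get(self, user, path):
        self._authorize(user)
        if path in self._queue:                    # read-your-writes before flush
            return self._queue[path]
        hit = self._cache.get(path)
        if hit and self._clock() - hit[0] < self._ttl:
            return hit[1]                          # served locally, no cloud GET
        body = self._cloud.get(self._api_key, path)
        self._cache[path] = (self._clock(), body)
        return body

    def put(self, user, path, body):
        self._authorize(user)
        self._queue[path] = body                   # held until flush()
        self._cache.pop(path, None)                # never serve a stale copy

    def flush(self):
        if self._queue:
            self._cloud.bulk_put(self._api_key, dict(self._queue))
            self._queue.clear()
```

The `billed_calls` counter on the stand-in shows the cost effect the pattern is after: repeated reads inside the TTL and any number of queued writes each cost one upstream call.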


More Stories By Josh Bregman

Josh Bregman has over 15 years of experience architecting Java and JEE based security and identity management solutions. Josh is the Chief Solutions Architect at Vordel, where he leads the North American Pre-Sales team. Prior to Vordel, Josh worked for three years at Oracle as a Consulting Solutions Architect, where he advised Oracle and its key customers on technology, architecture, and implementation best practices. Prior to joining Oracle, Josh worked at BEA Systems for 3 years as the Enterprise Security Specialist for the Americas. In this role, Josh worked with customers to develop security solutions for WebLogic Server and related BEA technologies. Before joining BEA, Josh worked at Netegrity/CA for 5 years, where he designed and developed a number of Java based security products, including IdentityMinder and SiteMinder Application Server Agents for BEA WebLogic Server and IBM WebSphere. Josh has also held engineering positions at GTE/Verizon Labs and IBM Global Services. Josh received a B.A. in Mathematics from the University of Rochester. Josh has spoken at a number of industry conferences including the RSA Security Conference, BEA World and Oracle Open World. Josh was a contributing author to Wiley's Professional Oracle WebLogic Server (2009). He is a lead contributor and architect of the OpenAz open-source project - an initiative to standardize and promote the adoption of externalized authorization. He is also the author of the Vordel XML Gateway blog at http://xmlgateway.blogspot.com.
