Blake Dournaee, Product Manager, Intel SOA Products

Blake is currently the product manager responsible for Intel SOA products. As a product manager at Sarvega, he was deeply involved in the development of their flagship XML security, routing and acceleration appliance products. Blake was a specialist in applied cryptography applications at RSA Security and was a frequent speaker at many RSA conferences throughout the US and Europe.

Blake is an established author who wrote the first book on XML Security and co-authored SOA Demystified from Intel press.

Presentation: "Architecting the Ultimate Control Point- Advanced Cyber Threat Mitigation"

Track: Solutions Track: Performance and Scalability

Time: Thursday 16:50 - 17:50

Location: City Room

Abstract:

Today’s architects and developers need to learn a new set of skills that enable projection of enterprise security policy beyond the network edge. These skills must combat external threats and include mastery of token exchange, service virtualization, and policy enforcement. In this session, Intel security expert Blake Dournaee describes each of these disciplines and how they can be applied using a security control point called a Service Gateway that spans .Net and/or Java based platforms on-premise or in the cloud. After outlining the basics, Blake constructs a sample Web Services threat model to show how access control and SAML can mitigate spoofing and elevation of privilege attacks. Then to deal with injection and snooping threats, Blake outlines content validation and encryption controls that must be applied. The end result demonstrates how to decouple security logic from application servers to create, manage and enforce security policies using a Service Gateway.

Topics covered:

REST to SOAP mediation to put a secure RESTful façade on a SOAP service
Security policy construction
Building connectors to popular Cloud or SaaS platforms
Firewalling and content attack prevention
SAML Token Service validation and Digital Encryption