When it comes to application security, Secure coding is the first line of defense….and it is very critical to follow the best practice patterns and avoid pitfalls to secure the application from known risks and vulnerabities. The Java Security team has just released the updated – “Secure Coding Guidelines for the Java Programming Language, Version 3.0“ . Certainly it included a newer set of fundamentals and enhanced set of secure coding guidelines.
A must have URL for your quick reference…if you are a security conscious developer !
Time flies..it is amazing to know, yesterday marked the 15th anniversary of Design Patterns: Elements of Reusable Object-Oriented Software by Gang of Four (Erich Gamma, Richard Helm, Ralph Johnson and John Vlissides), a seminal work in object-oriented software design and development that changed the way how we think and solve software implementation problems. In simpler terms., Design patterns is all about adopting to proven solutions evolved from prior experiences and the known bestpractices/pitfalls without ending up reinvent the wheel ! In my experience, using design patterns helped understanding the architecture and design the software right at the first attempt and resulting reusable code artifacts – easier to reuse with subsequent design and development process.
When Chris and I started our security patterns work… unthinkably..the GoF patterns and its core principles has always been our primary source of guidance for evolving the Security Patterns catalog. With 14+ years passed by, the Design patterns book has never gone out off my sight and always remained in my reaching distance… when so many other books collecting dust in my shelf ! Now, my shameless promotion… about celebrating the 15th anniversary of Design Patterns - Prentice Hall/Addison Wesley is bringing out a series of interviews (featuring GoF and others), articles and takes this opportuntity to further influencing the relevance of Design patterns books with 30% off on the cover price.. Here you go:
Couple of days ago, I presented “Patterns-driven Security Design” at an event hosted by “New England Java User Group” at Sun Burlington campus.The participants were outstanding, I had quite a lot of good questions…. and by the time I left the building it was 10:00 PM.
It was quite inspiring event as this is first time I presented the complete set of security patterns to a lively audience – who interacted as I flipped thru’ my slides.
I put the slides up here for your on-demand viewing pleasure… Enjoy.
Unfortunately, We had less time for Q & A sessions and we did’nt have short answers to those real long questions on WS-* standards..especially its roadmap and God knows when some of them will be ratified as real standards. We certainly don’t blame OASIS for that process !!