Hi!

The security principle of minimizing your attack surface (Writing Secure 
Code, 2nd Ed.) is all about minimizing open sockets, rpc endpoints, 
named pipes etc. that facilitate network communication between 
applications. Web services and Service Oriented Architecture on the 
other hand are all about exposing functionality to offer interoperability.
    Have any of you had discussions on the seemingly obvious conflict 
between these things? I would be very happy to hear your conclusions and 
opinions!

    Regards, John

____________________________
John Wilander, PhD student
Computer and Information Sc.
Linkoping University, Sweden
http://www.ida.liu.se/~johwi
_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php

Reply via email to