Mobile APIs for Healthcare

February 26, 2013 — soaexpressway

Next week I am participating in a webinar called Mobile Optimized Healthcare API Programs, from a technical perspective we’ll be looking at some interesting integration between Intel’s Security Gateway and Mashery. From a healthcare standpoint, the discussion looks at what new kinds of use cases are possible in this ecosystem.

For as much hype that financial services and other sectors get vis a vis security, the healthcare security problem set really is harder than the rest. At the same time, there are dramatic benefits from enabling mobile integration for healthcare, it benefits your number one asset: you. Whether its Fit Bit, Nike+, or just healthcare pros with iPads, mobile is uniquely suited to health and wellness related applications. But what is missing is APIs and integration to deliver on the use cases.

The webinar looks at the following concerns:

  • Gateway security patterns to safely repackage legacy data and services as APIs – in short enable access not attackers.
  • How to construct, share, and promote APIs to developers using API workshops and branded portals – make it easy for developers to do things right
  • How to build a mobile-optimized back end that securely exposes enterprise assets via standard internet protocols (e.g. OAuth & JSON) – what comprises the mobile DMZ? How is it similar and different than a plain, old Web DMZ?

As much as I enjoy middleware, security and protocols, what is most interesting about healthcare is the new types of use cases that bring all the technology together. I guess that is as it should be. Still as a technologist its neat to see after all these years that Web services and Secuity Gateways play a leading role in the leading edge technology deployments today.

Making a Mobile DMZ is subtly different than old school Web DMZs. Most of the principles remain the same but the implementation is different. In addition, there are new concerns to handle such as session management, token resolution and asynchronous protocols which function differently on mobile apps than web. In the webinar, we’ll do a deep dive on these topics and what it might mean for your organization

By Gunnar Peterson – this post originally appeared on the 1Raindrop blog

Posted in App Security & APIs, Events. Leave a Comment »

Enterprise Mobile Applications at Apps World

February 14, 2013 — soaexpressway

Apps World Focus on Enterprise Mobile Applications

My team attended Apps World in San Francisco last week.  The show almost could have been called “Mobile Middleware World”.  It was clear that we’re not the only ones who think 2013 will be the year of the Enterprise Mobile App.  While the conference had plenty of independent developers and consumer-oriented tools, many of the folks stopping by our booth were focused on the enterprise.  We received several questions about our solutions for enterprise mobile applications and API management.  API providers were also bridging the gap between consumer- and enterprise-grade services, with talks and demos both days from StackMob, eBay, Box, and SendGrid.

Intel is a Software Company?

We received a number of questions related to our API management products.  Once we got past the initial question of “Intel is a software company?“, it was clear that our vision for mobile middleware is well-aligned with what developers of enterprise mobile applications are seeking.  We received positive feedback on the end-to-end capability we offer:

  • Secure and robust API management on the back end
  • Best-in-class API discovery and developer onboarding through our connection to the Mashery portal
  • HTML5 and Appcelerator provide flexible app development on virtually any device.

Digital Payments and Enterprise Mobile Applications

One of the bigger trends I saw had to do with digital payment systems.  This is a rapidly-evolving area, with virtual currency moving from games into other apps, potentially expanding into enterprise mobile applications.  Other payment systems, such as digital wallets and P2P, seemed to be top-of-mind as well.  It’s clear that mobile application and API security will be critical for success, regardless of which standards win out in these areas.

Building the Enterprise Mobile Application Factory

Also in our booth, Kin Lane gave a very popular talk on Building the Enterprise Mobile Application Factory.  If you missed his talk, it is available online.  Our HTML5 development talk was also very well-received, with many participants signing up right away for our cloud-based HTML5 developer tools.

It is shaping up to be an exciting year for us in the enterprise mobile applications and API management space.  Apps world was just the beginning.  For more information, stay tuned to this blog, follow us on twitter at @IntelAPIGateway, download our whitepaper on API Patterns for Cloud & Mobile, or check out some of our mobile middleware tutorials.

Posted in App Security & APIs, Events. Leave a Comment »

Enterprise Mobile App Strategies

January 22, 2013 — soaexpressway

This Thursday, I will be presenting a webinar with Forrester covering 4 Building Blocks to Mobilize Your Enterprise App Strategy.  As we prepared for this talk, Mike and I talked about a few trends that are emerging in response to the BYOD-driven growth of enterprise apps.  First, the pervasive 3-tier hosting architecture we all know and love may not be the best fit for hybrid or native applications, but the industry doesn’t seem to have bottomed out on what to call the new model(s) that will replace 3-tier.  Second, while it would be nice to throw out all of the legacy baggage we’re carrying around with us, the reality is that we need to securely integrate new technologies with legacy services in order to provide the best possible mobile enterprise experience.  Finally, with a stable and secure set of APIs in place, developers are looking to SDKs that can streamline multi-platform development.

In Thursday’s webinar, we’ll look at how mobile middleware is enabling native applications to access data through APIs, signaling an evolution from traditional 3-tier architectures.  We’ll also talk about how REST/JSON APIs are being integrated with SOAP services and other data sources to create composite applications.  Click here to sign up for the webinar, and stay tuned for our “Mobile Middleware Buyers Guide” that takes a closer look at some of the building blocks for enterprise app mobilization.

Posted in Events. Tags: , , . Leave a Comment »

What You Need to Know about API Security

April 27, 2012 — soaexpressway

Since the growth of APIs “hockey-sticked” around 2005, the proliferation of web-based APIs has spanned every industry and vertical from e-commerce to map services to enterprise. APIs like that of Twitter, Amazon, and Netflix garner billions of API calls every day, and these represent just a few of the more visible.  With this rapid growth, on the order of 300-400 new APIs arriving each month, security is an ever-increasing concern.  Enterprise focused, SaaS based APIs are among the fastest growing segments, and in light of this, securing company assets and Data Loss Prevention are paramount.  The perimeter of enterprise networks has become amorphous as workflows increasingly leverage platforms and applications beyond the firewall.  So what does that mean for your organization’s security?

Attend our May 10th webinar featuring Intel, McAfee, and tech analyst & CTO, Dan Woods for an advanced perspective on what you should do to ensure API Security, specifically as related to Authentication, DLP, and Validation Controls.

 For more information about Intel Expressway Service Gateway — with free webinars, tutorials and expert blogs on securely exposing Web Services in the Cloud, please visit us at: www.intel.com/go/identity

Posted in Announcements, Events. Tags: , , , , , , , , . Leave a Comment »

Webinar: Applying Strong Authentication and Data Loss Prevention to Collaborative File Sharing (April 26)

April 17, 2012 — soaexpressway

Join us for what will be a very informative webinar on Applying Strong Authentication and Data Loss Prevention to Collaborative File Sharing

April 26th 2012 – Time: 10:00 AM PDT, 1:00 PM EDT

> Register Now

Employees love the convenience and utility of collaborative file sharing applications like Box. Sharing contracts, graphics/video files, or other corporate content using a cloud-based service empowers users to share information directly with external partners-outside traditional enterprise security controls.

While you want to encourage productivity, you also need a strategy that addresses how you’re going to control access to file sharing applications and inspect data before it leaves the enterprise.

In this webinar Intel, McAfee and Box join forces to discuss how your sensitive content can be protected throughout the collaboration life cycle—from access and upload to download and distribution.

You will learn:

  • Overview of typical file sharing use cases and workflows
  • Streamlining access for users
  • Tying federated authentication to corporate ID stores
  • Adding 2nd factor strong authentication for sensitive document security
  • Blocking sensitive files from upload
  • On-prem, 100% in the cloud, and hybrid SaaS access options

As a bonus, all attendees will be eligible to receive a free enterprise trial account from Box.

 

 

 

 

 

For additional information, please visit www.intel.com/go/identity

 

 

Posted in Events. Tags: , , , , , , , , , , , , , , . Leave a Comment »

March 29th Analyst Webinar – Identity and Access Management in the Cloud: Real or Mirage?

March 8, 2012 — soaexpressway

 

 

 

 

Traditional IAM solutions have not kept pace with cloud innovation and new approaches to identity and access management are gaining ground. Should you move your IAM infrastructure to the cloud? What is the role of related standards? These and more questions will be addressed in a free webinar “Identity & Access Management in the Cloud: Real or Mirage?”, hosted by Intel and industry analyst firm KuppingerCole on March 29, 2012 at 10:00 AM Pacific (1:00 PM Eastern, 7:00 PM CEST).

In this webinar KuppingerCole Sr. Analyst Dave Kearns will discuss the benefits and challenges of moving use identities to the cloud. Vikas Jain, Director of Product Management at Intel, will follow with an overview of Intel Cloud SSO, Intel’s newest identity and security solution for the cloud. Click here to register for this informative event.

Posted in Events. Tags: , , , , , , , . Leave a Comment »

RSA 2012 Interview with Andy Thurai, Chief Architect of Intel’s Application Security & Identity Products Group

March 6, 2012 — soaexpressway

Watch this interview between Tom Field and Intel Application Security & Identity Products Group, Chief Architect Andy Thurai.  Andy talks about API management and the attendant issues including security, management, auditing, metering, monitoring and monetization.

You’ll hear Andy talk about Social APIs vs other APIs, as well as how Intel is providing mobile enablement. Andy talks about a platform that is technology, security, and identity agnostic, so that when messages are sent to a hosted app or a partners app, one has the appropriate mechanism to consume those messages coming in from mobile devices. Listen to Andy talk about Intel’s latest announcement made at RSA, about Cloud SSO  — visit www.intelcloudsso.com for more information.

RSA 2012 Andy Thurai Interview

RSA 2012 Interview with Andy Thurai

Posted in Announcements, Events. Tags: , , , , . Leave a Comment »

Intel introduces IAM as-a-service for cloud apps

March 1, 2012 — soaexpressway

Intel Cloud SSO LogoAt the RSA conference 2012 this week, we’re excited to introduce a new cloud service “Intel Cloud SSO” for Enterprises to provide Identity and Access Management (IAM) for cloud applications from the cloud. The service runs on Salesforce’s Force.com platform as-a-service (PaaS), and offers secure seamless single sign-on access to 100+ SaaS applications through pre-built connectors. End users have to remember just one password to login into the service’s SSO portal, from where they can launch all the applications they are allowed to access. This single sign-on experience eliminates password sprawl, improving security and user productivity. To help Enterprise IT deal with on-boarding/off-boarding of users, the service includes role based automated provisioning/de-provisioning of user accounts into cloud apps.

Intel Cloud SSO service is the cloud version of the Intel Expressway Cloud Access 360 (Intel ECA 360) on-premise software which was released during last year’s RSA conference 2011. We’ve implemented “Freedom Licensing” for both products that allows customers to use either Intel Cloud SSO or Intel ECA 360, or both, for the same license fee, providing ultimate flexibility to our customers.

The service provides enhanced security and improved IT controls by:

  • Including One-time Password based step-up authentication when accessing secure cloud apps. The built-in One-time Password technology supports mobile soft-tokens through a downloadable mobile app.
  • Customers using Intel Ultrabook client devices to access cloud applications can leverage the service’s seamless trusted device authentication by integrating with Intel Identity Protection Technology.
  • Including policies that IT can use to restrict access to cloud apps based on various contextual elements such as: which mobile device the user is accessing from, accessing from corporate network or not, etc.
  • Customers can use their corporate identity store (such as Active Directory) and Kerberos to authenticate into service’s SSO Portal, thereby eliminating even the password required to sign in to the service’s SSO portal.

Do I need to be an IAM expert to use it?

No. When we were building Intel Cloud SSO, we laid out basic tenet for the service – keep it simple. Anybody should be able to configure and use it, and shouldn’t require special skills. Having worked with other IAM systems in the past, this wasn’t an easy goal to achieve …

How can I get access to the service?

Currently, the service is in a Beta phase. You can apply for Beta by visiting www.intelcloudsso.com.

Is it available through McAfee?

McAfee (an Intel company) already sells Intel ECA 360 software as McAfee Cloud Identity Manager under the McAfee Cloud Security Platform (read post), and plan to include this service in its portfolio later this year.

Vikas Jain is Director of Product Management at Intel Corporation responsible for Cloud Identity and Security Products. You can follow him on Twitter @VikasJainTweet

Posted in Announcements, Events. Tags: , , , , , , , , , , , , , , , . Leave a Comment »

Visit Intel at HIMSS 2012

February 17, 2012 — soaexpressway

As HIMSS 2012 approaches  (Feb 20-24 at the Venetian Sands Expo Center in Las Vegas), we’d like to give you the opportunity to sign up for complimentary Intel workshops.

You’ll have a chance to discuss critical healthcare IT challenges and opportunities with industry experts, and to encounter leading-edge solutions and practice models from security to mobile to cloud.
Simply go to the link below, where you can review abstracts and use our easy tool to select the free workshops you’d like to attend.

If you can’t make all of the sessions, make sure not to miss a review of the standardized reference architecture proposed by VisionWare* and Intel for secure, scalable master data management, using the Intel® Expressway Service Gateway and the VisionWare MultiVue* products.

The Need for Secure, Scalable State Healthcare Registries

Tuesday, February 21
9:00am – 10:00am

Read Abstract & Register

At the next session, following an overview of  Healthcare Cloud Service Brokers, the service broker enabling technologies will be demonstrated for a hands-on look at security, API management, and integration workflows.

Simplify Member-Provider Information Exchange through Healthcare Cloud Service Brokers
Tuesday, February 21
10:00am – 11:00am

Read AbstractRegister

Lastly, here’s another session that you should not miss:

The Creation of a Healthcare Insurance Exchange Using Your State Medicaid Management Information System (MMIS) As a Foundation

Wednesday, Feb. 22
5:00pm – 6:00pm

Read Abstract & Register

You can register for any of the sessions  here.

If you would like more information about Intel Expressway Service Gateway for Healthcare, please visit our site: www.intel.com/go/identity

We look forward to seeing you there!


Posted in Events. Tags: , , , , , , , , . Leave a Comment »

Webinar: Federal Cloud Security Initiatives Explained – Choosing the Right Standards and Technologies

October 5, 2011 — soaexpressway

Join us on 10/6  at 2pm Eastern Time for an exciting and informative webinar:

Federal Cloud Security Initiatives Explained – Choosing the Right Standards and Technologies

Mapping the alphabet soup of federal cloud security initiatives is a daunting task. Tim Grance from NIST and federal security expert Gunnar Peterson join forces to decompose the funded programs and standards initiatives to recommend an adoption path for cloud security. Tim begins with a grounding in NIST’s baseline cloud security architectures/guidelines. Gunnar follows with insight into how these practices have been incorporated into programs such as NSTIC, FedRamp, FICAM, Cyberscope, and DOD-PKI.  This will be followed with additional guidance on some of Intel’s solutions from Intel Application Security & Identity Products Chief Architect, Andy Thurai. A group discussion will comment on the adoption timelines, real world use cases, and applicable COTs commercial technologies. Attendees of this webinar will receive a copy of Gunnar Peterson’s Federal Cloud Security white-paper. Sponsored by Intel & McAfee.

Register here:

http://washingtontechnology.com/webcasts/2011/10/intel-mcafee-cloud-security-100611.aspx?tc=page0

 

Posted in Events. Tags: , , , , , , , , , , , , . Leave a Comment »
« Older posts
Follow

Get every new post delivered to your Inbox.

Join 137 other followers