Mark O'Neill summarizes a talk he did at the recent RSA conference, on security for REST web services. He talks about "true" REST vs. how it is typically used:
... when people talk about a "REST style" Web Service, they usually mean a Web Service that presents a HTTP GET interface. This is very different from the original intent of REST, where GETs are only supposed to be used for fetching information, not for changing server state.
He then makes the point that security is easier to implement when only POSTs are used for changing server state.
The full set of slides from his talk (linked to from Mark's post) is worth a look.
