Posts Tagged ‘Apps development’

Importance of code reviews

Irrespective of how a project is managed, when an application is released and rolled out, there can be a nagging question as to whether the application is performing efficiently. In any project, time pressures can force corners to be cut and short-cuts to be taken. At the end of the day, if the features are operational and available, things must be OK – mustn’t they?

In projects based on agile principles, code refactoring can be included, whereby the underlying code of an application’s functionality is reviewed and updated where necessary to make improvements to how an application operates. A proper and regular code review process helps to ensure that technical debt doesn’t build up in an application.


CAP is important when designing cloud applications

Whether you’re moving an existing application to the cloud or starting afresh on the cloud with a brand new application, CAP is an important topic to consider when (re)designing the architecture of your app. CAP stands for Consistency, Availability and Partitioning, three characteristics that are key when designing a distributed application. These three characteristics have an important bearing on the capability of your application to scale up or down with no negative impact, which is a basic requirement for cloud-based applications.
To sum up, CAP is an important part of any systems architecture – be it on the cloud, hosted or on-premises and the overall objective is to find and design the appropriate balance between the three requirements for your application.


Web security: OAuth or OpenID

There has been a lot of online talk about OAuth and OpenID, what they contribute to website/application security, and how they differ and/or are similar. I would like to show how they can jointly contribute to increased security for a website or application. To put a context on this blog, I refer to a previous blog that I wrote on Building in security to websites and apps, where I discussed a selection of OWASP principles of confidentiality, integrity and availability.
Within the scope of OWASP’s availability principle, authorisation and authentication are important and are closely related. OpenID is very much in the authentication area, while OAuth is in the authorisation space.


Building in security to websites and apps

When a business wants to provide a service via their website or web application, they want to ensure that their users experience a good service without compromising on security. By building in a focus on security from the start when building a website or application, it is possible to ensure a quality and secure user experience. This blog post is about an approach to securing your website/web app, drawing from OWASP principles.
