 | |||
|
|
||
| |||
| |||
| |||
|
||||||||||||||||||||
| |
|
Home > SOA News > Double Your Pleasure, Double Your Fun |
| |
|
|
|
|
| SOA News: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||||||||||||||||||||||||
Security Strategies Double down all you who uttered "security is an enabler" with a straight face, it's time to see if you were bluffing. Do it now, for we are the lucky ones -- we win with Web Services, not once but twice. Not only can we make use of a Web Services infrastructure to further security, but we are the critical piece of that Web Services infrastructure. Say it with me, "There is no way Web Services can be deployed successfully without enhanced security." The need for security in this new world of Web Services is obvious. Information and applications can come from multiple sources and be served to multiple destinations; data can be repackaged on the fly; never before has information been so ephemeral. It's enough to make "old school" security pros shudder. Whereas this environment may seem full of complexity, security has never been simpler. No longer saddled with the burden of native operating systems, databases, and even applications, security can finally take on its own "infrastructure," which provides a common service of authentication in multiple forms, confidentiality and integrity of information, and verification or proof of receipt. And what shall we make of Web Services for ourselves? We already have a head start in the OASIS -- SAML initiative begun by Securant, Netegrity, and others to share user account and profile information across sites, platforms, and companies. Verisign leads the way with its XML standards for key management (XKMS) and business partner trust assertions (XTASS). THE HURWITZ TAKE: You may have guessed by now that the big winners in all this will be the never-say-dead public key infrastructure (PKI) vendors and their supporting cast with digital signatures and encryption at the heart of our "new world order." Finally, the promise of PKI will be realized. Even more exciting are the opportunities for other security vendors to step on each other's toes and jockey for position in the Web Services world. Consider some of the possibilities:
So, while the paranoid pundits tremble and the left-behind Luddites say Web Services is just too insecure, we at Hurwitz Group say to all security professionals, "Step up or be gone forever. Take this opportunity to demonstrate the true value of security. Be the first to dive in and express your support for the radical new business model that is Web Services. Design and define your security architecture in a way that anticipates and leverages the uses of Web Services." It can't happen without us.
Copyright 2002 Hurwitz Group Inc. This article is excerpted from TrendWatch, a weekly publication of Hurwitz Group Inc. - an analyst, research, and consulting firm. To register for a free email subscription, click here.
For More Information:
|
|
|
|
|||||||||||||||||||||||
| ||||||||||||||||||||||||||
|
|
About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS |
|
|
||
|
|||||||
Authentication requirements go through the roof with the need to authenticate sources in the form of people and devices.
