Mike Vizard from CTOEdge talks about the business drivers that compel companies to integrate yet face security challenges that hamper integration efforts: Reducing the Complexity of Application Security
Here's a snippet from Mike's article:
"As business-to-business interactions over the Web become more pervasive, so too does the complexity associated with securing those transactions.
Unfortunately, all that complexity serves only to dissuade businesses from integrating business processes across the Web at a time when we want to encourage that behavior. So the challenge facing chief technologists is to find a way to make it simpler to integrate business processes without having to introduce complex layers of security."Key components that help reduce (and improve) application security include:
- Strong SOA Governance Enforecement, Monitoring and Security through XML Gateway such as Forum Sentry.
- Portal and Web services Authentication and Authorization decisions through Secure Token Services such as Forum Sentry STS - Identity Broker.
- Application Security Testing and Simulation through products such as SOAPSonar and SOAPSimulator for Identity, Privacy, Integrity and Penetration Testing.