Traditional security isn't enough for SOA

Service oriented architecture's strengths also pose considerable security risks

Service-oriented architecture ' and the vision for its potential ' have become long-term goals for many federal agencies interested in increasing application flexibility, making integration more manageable, lowering development costs, and better aligning technology systems to business processes.

But the SOA approach turns on its head the traditional security approach used by enterprises today, according to an InfoWorld report. "The mix-and-match nature of SOA services, and the use of messaging as the orchestration mechanism for SOA's composite applications, eliminates the ability to build clear boundaries around'and security barriers for'enterprise apps," the report says. "The very thing that gives SOA its flexibility also increases its security risk."

Engineering flexible systems such as SOA can be a real security challenge, but it's not an impossible one if you take the right steps from the beginning, according to InfoWorld.

Click here to read the full InfoWorld report.

inside gcn

  • russian email hack (Bakhtiar Zein/Shutterstock.com)

    Mueller indictment details hacks on state election systems

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group