Traditional security isn't enough for SOA
Service oriented architecture's strengths also pose considerable security risks
Service-oriented architecture ' and the vision for its potential ' have become long-term goals for many federal agencies interested in increasing application flexibility, making integration more manageable, lowering development costs, and better aligning technology systems to business processes.
But the SOA approach turns on its head the traditional security approach used by enterprises today, according to an InfoWorld report. "The mix-and-match nature of SOA services, and the use of messaging as the orchestration mechanism for SOA's composite applications, eliminates the ability to build clear boundaries around'and security barriers for'enterprise apps," the report says. "The very thing that gives SOA its flexibility also increases its security risk."
Engineering flexible systems such as SOA can be a real security challenge, but it's not an impossible one if you take the right steps from the beginning, according to InfoWorld.Click here
to read the full InfoWorld report.