February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« The Unique Security Challenges of SOA | Main | Scary New Class of Security Exploits »

October 15, 2007
SOA and Security

As per my blog from last Friday, The Unique Security Challenges of SOA, where I contend that, "security is the primary limiting factor inhibiting SOA's growth," I just came across Christopher Hoff's blog at Rational Security titled, Security is NOT the Primary Limiting Factor Inhibiting SOA's Growth.

And you know what, when you get down to the nuts and bolts of SOA, Hoff is right! Whereas security is definitely one of the limiting factors, would I say in even 90% of the cases it is the MOST limiting factors...No! My line is pretty much marketing copy, almost akin to someone saying, That's the coolest thing ever! Standing on the cutting edge of technology, it's easy to get sucked into using hyperbole.

But the inevitable point of my article is that security IS an issue with SOA, and whether it's the most, least, or middle issue, it is still an IMPORTANT issue, which still makes the webinar, Think Globally, Act Locally for SOA Security, relevant.

Hoff also takes me to task for saying I haven't seen much discussion in the blogosphere about SOA security when there's clearly been a few. But what I meant is I haven't seen much discussion on SOA compared to all the chatter re: spam or phishing or application security or the high-profile security breaches that keep making news.

There were also some very interesting comments after Hoff's blog. One comment in particular was: "Should security in SOA be improved? Sure. Did this ever stop any previous technology from being widely deployed? Nope. The dotcom boom was built on far weaker security architecture than what SOA has. The real problem with SOA security is that the security people need to learn more about how apps are built and the software people need to learn more about security."

I think that the reason that security came up so early in SOA's lifecycle is the changing nature of how people and corporations now view security. I'm from Detroit, and in the early days of the automobile, it was just enough to have a vehicle that would take you from A to B. Then people started noticing that when going fast enough from A to B, these autos have a tendency to flip over and burn, so people started asking: how safe is that?

And as more and more companies get up-to-speed on the info superhighway, people are starting to ask the same: how safe is that?

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2761

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map