Web services are past the initial marketing hype. Early Web services were
part of experimental one-off projects within a single enterprise department.
Now, larger Web services deployments are moving outside of the enterprise
firewall to better leverage existing business partnerships and value chains.
Larger Web services projects come with a price, however. They are more
complicated to implement and more costly to manage. They require careful
deployment planning throughout the enterprise based on well-established
business processes.
The emerging proliferation of Web services networks presents challenges in
terms of security and management. Enterprise deployments of Web services can
only be successful if business and information technology (IT) managers are
convinced they... (more)
One of the challenges IT organizations face is how to propagate identities in
complex business processes that are commonly found in Service Oriented
Architectures (SOAs). Identities, which are passed from one service
invocation to the next in a business process, give the process a user
context. Identities can be used to determine access rights to SOA services
and for audit and compliance... (more)
Last month (WSJ, Vol. 4, issue 2), we looked at how Web services should not
depend on specific security environments and rules but should be managed as
part of all of an enterprise's corporate data assets such as Web
applications, ERP systems, and in-house applications.
We recommended that Web services security be integrated with the overall
enterprise security infrastructure at the very ... (more)
This article focuses on the value of Web services security. It is important
to understand what Web services are and their challenges, particularly
related to security. Traditionally, companies have relied on conventional,
transport-level security but this approach has its limitations. The market
now offers complementary XML-based solutions designed to secure documents
used in Web service... (more)