Be cloudy and secure...

Security


Cloud Security Authors: Elizabeth White, Yeshim Deniz, Shelly Palmer, Rick Popko, Jackie Kahle

Related Topics: XML Magazine, SOA Best Practices Digest, Security Journal, SOA & WOA Magazine, Cloud Security Journal , Microservices Journal, Secure Cloud Computing, SOA Testing, Security

Cloud Security: Blog Feed Post

Reducing the Complexity of Application Security

Integration is the Enemy of Security and so is Flexibility

Integration is the Enemy of Security and so is Flexibility - an attribute that is essential for organizations to survive. 

A corporation that cannot service its customers and suppliers, establish long sticky relationships with them and build an infrastruture that enables rapid addition of both suppliers, buyers and partners for information exchange will perish and get demolished by a nimble and flexible competitor whose infrastructure has integration capabilities for rapid information exchange.

Mike Vizard from CTOEdge talks about the business drivers that compel companies to integrate yet face security challenges that hamper integration efforts: Reducing the Complexity of Application Security

Here's a snippet from Mike's article:

"As business-to-business interactions over the Web become more pervasive, so too does the complexity associated with securing those transactions.
Unfortunately, all that complexity serves only to dissuade businesses from integrating business processes across the Web at a time when we want to encourage that behavior. So the challenge facing chief technologists is to find a way to make it simpler to integrate business processes without having to introduce complex layers of security."

Key components that help reduce (and improve) application security include:

  1. Strong SOA Governance Enforecement, Monitoring and Security through XML Gateway such as Forum Sentry.
  2. Portal and Web services Authentication and Authorization decisions through Secure Token Services such as Forum Sentry STS - Identity Broker.
  3. Application Security Testing and Simulation through products such as SOAPSonar and SOAPSimulator for Identity, Privacy, Integrity and Penetration Testing.

Read the original blog entry...

More Stories By Rizwan Mallal

Rizwan Mallal serves as the Vice President of Operations at Crosscheck Networks, Inc. As a founding member and Chief Security Architect of Forum Systems, the wholly owned subsidiary of Crosscheck Networks, Rizwan was responsible for all security related aspects of Forum's technology.

Previously, Rizwan was the Chief Architect at Phobos where he was responsible for developing the industry's first embedded SSL offloader. This product triggered Phobos's acquisition by Sonicwall (NASD: SNWL). Before joining Phobos, he was member of the core engineering group at Raptor Systems which pioneered the Firewall/VPN space. Raptor after its successful IPO was later acquired by Axent/Symantec (NASD:SYMC).

Rizwan started his career at Cambridge Technology Partners (acquired by Novell) where he was the technical lead in the client/server group.

Rizwan holds two patents in the area of XML Security. Rizwan has a BSc. in Computer Science from Albright College and MSc. in Computer Science from University of Vermont.