ZDNetAsia : Printer Friendly - SOA raises security worries

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Asia.
--------------------------------------------------------------

SOA raises security worries

By Gemma Simpson
Wednesday, January 10 2007 10:39 AM
URL: http://www.zdnetasia.com/news/security/0,39044215,61980273,00.htm

Service-orientated architecture (SOA) technologies could open up a security-based can of worms as they begin to move beyond the walls of individual businesses, according to one analyst house.

Companies are happily trialing the technology internally but problems could crop up as there has been little discussion of the impact the new architecture will have when unleashed on the wider IT environment, according to the analysts.

The analyst house warned there is concern SOA might open up new gaps within IT systems, and that simply restricting access to authorized personnel via standard access-control mechanisms becomes impracticable in a service-oriented environment.

While the analyst house said SOA has "significant potential" to boost the value organizations derive from their IT investments, early adopters have also encountered problems around security, service performance, reliability and data management.

Mike Thompson, Butler Group business process management practice director told silicon.com the "major security concern" for companies implementing SOAs is how to protect their data as it is transmitted over a "completely loosely coupled" system.

Thompson said companies could be put off transferring data to the outside world via SOA in two to three years' time as the architecture would no longer be enclosed within an internal system, making it difficult to implement security measures.

Thompson added: "But any system is inherently insecure the moment you open it up to the outside world."

Despite this, companies are busy trialing SOA with more than one-sixth (17 per cent) of tech chiefs engaged in trials and more than one-third (36 per cent) weighing up whether to move to the new architecture, according to a Butler Group survey.

A lack of in-house expertise on SOAs was also named as one of the major barriers to the adoption of new architecture by the Butler Group.

A recent survey found nine out of 10 city bosses had not heard of the latest industry three-letter acronym.

A separate survey conducted last year by Springboard Research revealed that only 21 percent of CIOs in Australia, China, India and Singapore, were aware of the concept behind SOA.

Gemma Simpson of Silicon.com reported from London.