Abstract:
In evolutionary terms, the information security field is more than a decade behind software development. Developers have evolved, businesses have increasingly bet their entire business models on the Web and networks, and both sides have increased their security budgets. But what has the security architecture (as it's deployed in the field) got to show for all of this? More firewalls and more Secure Sockets Layer (SSL) connections. Why has information security failed? The problem lies with its mission: confidentiality, integrity, and availability are fine statements to make, but they don't lead anywhere. Because information security has proven incapable of evolving, it's time to learn from a discipline that has mastered innovation: software development. In this installment of Building Security In, we'll learn what this field can teach us.
Keywords:
security of data; software development management; SSL connections; Secure Sockets Layer; firewalls; information security; security architecture; service-oriented security; software development; Application software; Authentication; Authorization; Computer architecture; Information security; Programming; Service oriented architecture; Technological innovation; Web services; XML; BSI; SOA security; Web services security; building security in; enterprise security