Welcome!

Microservices Expo Authors: Pat Romanski, Liz McMillan, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: Microservices Expo

Microservices Expo: Article

SOA Editorial: Blowing My Horn

The security challenge

There's a biblical story about a walled city called Jericho. In the story, the walled city was under siege, and the folks who wanted in blew their horns for seven days and then the walls all fell down.

The Open Group has an initiative based on this story, called Jericho Security, which is based on the premise of security without walls. This is at odds with most current concepts of security, and yet it appears almost vital to the concepts Web 2.0 espouses such as collaboration, open discussions, and the free flow of information.

The conventional approach to security has been and to a certain extent remains one of putting up walls around things - organizations, servers, etc. Even the concepts and terms we use have a militarist bearing - firewalls, demilitarized zones - that connotes borders and maintaining integrity.

But the old saw about generals always being ready to fight the last war may also be apropos here. We're not fighting an external enemy in many cases - a good number of costly security breaches have been internal. There are no clear battle lines, no solid borders in today's corporations, just a mesh of various individuals and ecosystems working together.

Web 2.0 and social networking have further compounded the issue. I've had numerous conversations with organizations recently regarding the adoption of social computing and other Web 2.0 technologies. One uniform response from the corporate world is that blogs are bad. Whether it's with respect to legal, regulatory, or privacy issues, invariably someone has decided that blogs are the latest incarnation of the Wild Wild West. Some big bad blogger is going to come along and say something so dreadful that it will cause massive disruption to the business and drive it into bankruptcy.

Never mind that we've all dealt with an electronic document mechanism for close to 20 years that serves as a model of how to deal with this challenge - it's called e-mail. Policy, practice, and governance have been put in place to deal with the same challenges over the years and solutions exist.

Security has become a larger challenge - not only must we address the issue of protecting data at the source, we also must be able to address legislated concerns about communications and free expression. It's become inexorably linked to social and governance issues such as HIPPA, Sarbanes-Oxley, and PCI. In this context, the concept of putting a wall around the organization becomes increasingly irrelevant. Security can't be at the edge; it has to be part of the data, an integral part. And the definition of data, which in most cases means structured data in a database, has to undergo a rapid transformation. Data is not in the database anymore; it's everywhere.

Recent data theft disclosures drive this point home. I suffered some credit card fraud recently. When I looked into the organizations I had credit with, it startled me that there were multiple incursions at different companies in which my identity may have been compromised. It frightens me that instead of possibly identifying where the breach had occurred, what I saw was a pattern of breaches throughout the industry. Yet all of these organizations have firewalls and IT security groups. Obviously that's not really helping to solve the problem. Since many of the breaches in security have occurred within the firewall, it's clear to me that security at the perimeter is not the answer to our problems. Without protection of the data, at the source, secured so that internal theft is pointless, we're all at risk.

The plus side to all this is that once data is secure in this manner, the concepts of a wall around our organizations - you know, the one IT clamps down that prevents you from visiting Facebook or using instant messaging and generally interferes with you operating as efficiently at work as you do at home - vanishes. Then, finally, the walls can come down.

More Stories By Sean Rhody

Sean Rhody is the founding-editor (1999) and editor-in-chief of SOA World Magazine. He is a respected industry expert on SOA and Web Services and a consultant with a leading consulting services company. Most recently, Sean served as the tech chair of SOA World Conference & Expo 2007 East.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Microservices Articles
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addresse...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term.