Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Computing
Conference & Expo
November 2-4, 2009 NYC
Register Today and SAVE !..

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
In many cases, the end of the year gives you time to step back and take stock of the last 12 months. This is when many of us take a hard look at what worked and what did not, complete performance reviews, and formulate plans for the coming year. For me, it is all of those things plus a time when I u...
SYS-CON.TV
SOA Editorial: Blowing My Horn
The security challenge

There's a biblical story about a walled city called Jericho. In the story, the walled city was under siege, and the folks who wanted in blew their horns for seven days and then the walls all fell down.

The Open Group has an initiative based on this story, called Jericho Security, which is based on the premise of security without walls. This is at odds with most current concepts of security, and yet it appears almost vital to the concepts Web 2.0 espouses such as collaboration, open discussions, and the free flow of information.

The conventional approach to security has been and to a certain extent remains one of putting up walls around things - organizations, servers, etc. Even the concepts and terms we use have a militarist bearing - firewalls, demilitarized zones - that connotes borders and maintaining integrity.

But the old saw about generals always being ready to fight the last war may also be apropos here. We're not fighting an external enemy in many cases - a good number of costly security breaches have been internal. There are no clear battle lines, no solid borders in today's corporations, just a mesh of various individuals and ecosystems working together.

Web 2.0 and social networking have further compounded the issue. I've had numerous conversations with organizations recently regarding the adoption of social computing and other Web 2.0 technologies. One uniform response from the corporate world is that blogs are bad. Whether it's with respect to legal, regulatory, or privacy issues, invariably someone has decided that blogs are the latest incarnation of the Wild Wild West. Some big bad blogger is going to come along and say something so dreadful that it will cause massive disruption to the business and drive it into bankruptcy.

Never mind that we've all dealt with an electronic document mechanism for close to 20 years that serves as a model of how to deal with this challenge - it's called e-mail. Policy, practice, and governance have been put in place to deal with the same challenges over the years and solutions exist.

Security has become a larger challenge - not only must we address the issue of protecting data at the source, we also must be able to address legislated concerns about communications and free expression. It's become inexorably linked to social and governance issues such as HIPPA, Sarbanes-Oxley, and PCI. In this context, the concept of putting a wall around the organization becomes increasingly irrelevant. Security can't be at the edge; it has to be part of the data, an integral part. And the definition of data, which in most cases means structured data in a database, has to undergo a rapid transformation. Data is not in the database anymore; it's everywhere.

Recent data theft disclosures drive this point home. I suffered some credit card fraud recently. When I looked into the organizations I had credit with, it startled me that there were multiple incursions at different companies in which my identity may have been compromised. It frightens me that instead of possibly identifying where the breach had occurred, what I saw was a pattern of breaches throughout the industry. Yet all of these organizations have firewalls and IT security groups. Obviously that's not really helping to solve the problem. Since many of the breaches in security have occurred within the firewall, it's clear to me that security at the perimeter is not the answer to our problems. Without protection of the data, at the source, secured so that internal theft is pointless, we're all at risk.

The plus side to all this is that once data is secure in this manner, the concepts of a wall around our organizations - you know, the one IT clamps down that prevents you from visiting Facebook or using instant messaging and generally interferes with you operating as efficiently at work as you do at home - vanishes. Then, finally, the walls can come down.

About Sean Rhody
Sean Rhody is the founding-editor (1999) and editor-in-chief of SOA World Magazine. He is a respected industry expert on SOA and Web Services and a consultant with a leading consulting services company. Most recently, Sean served as the tech chair of SOA World Conference & Expo 2007 East.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

SOA World Latest Stories
"Outscale was founded in 2010, is based in France, is a strategic partner to Dassault Systémes and has done quite a bit of work with divisions of Dassault," explained Jackie Funk, Digital Marketing exec at Outscale, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, ...
"We focus on SAP workloads because they are among the most powerful but somewhat challenging workloads out there to take into public cloud," explained Swen Conrad, CEO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New Yor...
"DivvyCloud as a company set out to help customers automate solutions to the most common cloud problems," noted Jeremy Snyder, VP of Business Development at DivvyCloud, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I think DevOps is now a rambunctious teenager – it’s starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, he...
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in thi...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021


SYS-CON Featured Whitepapers
ADS BY GOOGLE