Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 575 – Drexel University – Fall 2007

Published byKory McGee Modified over 5 years ago

Similar presentations

Presentation on theme: "CS 575 – Drexel University – Fall 2007"— Presentation transcript:

1 Addressing Security in SOA Based Systems Throughout the Development Lifecycle
CS 575 – Drexel University – Fall 2007 Alan Black, Daniel Moyer, Emily Reider

2 Some Aspects of Security
Authentication Authorization Integrity Confidentiality Reliability Non-repudiation Privacy Some Aspects of Security

3 Why do we need security? Firewalls are not enough
Independent security management Highly networked environments True security is about enabling functionality, not disabling it Why do we need security?

4 But what about? Complacency Cost New threats "We are not a target"
"Our vendors will handle security" "We'll just encrypt our traffic" Cost New threats But what about?

5 Security Throughout the Lifecycle
As Early As Possible Re-engineering may be difficult or impossible Maintenance Phase Encryption techniques for storage Vendors “How can you demonstrate to us that this product is secure?” Testing Security Throughout the Lifecycle

6 Conclusion Firewalls Early Design True Security - Enabling
Manage Risks Maintenance Phase – Storage Vendors Conclusion

Download ppt "CS 575 – Drexel University – Fall 2007"

Similar presentations

Driving Factors Security Risk Mgt Controls Compliance.

Driving Factors Security Risk Mgt Controls Compliance.
Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.

Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.
MyGrid Security Issues Simon Miles University of Southampton.

MyGrid Security Issues Simon Miles University of Southampton.
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
E-Business Risks Chapter Seven. E-Business Models EDI Web pages The online environment Distributed e-business and intranets Supply chain linkage Collaborative.

E-Business Risks Chapter Seven. E-Business Models EDI Web pages The online environment Distributed e-business and intranets Supply chain linkage Collaborative.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Troy Hutchison Service Oriented Architecture (SOA) Security.

Troy Hutchison Service Oriented Architecture (SOA) Security.
02/12/00 E-Business Architecture

02/12/00 E-Business Architecture
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
E-commerce security by Asif Dalwai 886 39 5409. Introduction E-commerce applications Threats in e-commerce applications Measures to handle threats Incorporate.

E-commerce security by Asif Dalwai Introduction E-commerce applications Threats in e-commerce applications Measures to handle threats Incorporate.
Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.

Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
© Pearson Education Limited, 20041 Chapter 5 Database Administration and Security Transparencies.

© Pearson Education Limited, Chapter 5 Database Administration and Security Transparencies.
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.

VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.
Database  A database is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model.

Database  A database is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model.
Enterprise Privacy Architectures Leveraging Encryption to Keep Data Private Karim Toubba VP of Product Management Ingrian Networks.

Enterprise Privacy Architectures Leveraging Encryption to Keep Data Private Karim Toubba VP of Product Management Ingrian Networks.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.

Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

Similar presentations

Ads by Google