Guide to Secure Web Services (Draft) - Special Publication 800-95
BankInfoSecurity.com - Banking Information Security News, Regulations, & Education  

Username:
Password:
Agencies
Anti-Money Laundering
Business Continuity & Disaster Recovery
Compliance
Emerging Technology
Governance and Standards
Identity Theft
Leadership Management
Physical Security
Risk Management
Training & Education
Webinar Calendar
Vendor Directory
Content Library
Products
Events
About Us
Resources
 

Guide to Secure Web Services (Draft) - Special Publication 800-95

GuidanceNational Institute of Standards and Technology (NIST)Information Security

The advance of Web services technologies promises to have far-reaching effects on the Internet and enterprise networks. Web services based on the eXtensible Markup Language (XML), Simple Object Access Protocol (SOAP), and related open standards, and deployed in Service Oriented Architectures (SOA) allow data and applications to interact without human intervention through dynamic and ad hoc connections. Web services technology can be implemented in a wide variety of architectures, can co-exist with other technologies and software design approaches, and can be adopted in an evolutionary manner without requiring major transformations to legacy applications and databases.

The security challenges presented by the Web services approach are formidable and unavoidable. Many of the features that make Web services attractive, including greater accessibility of data, dynamic application-to-application connections, and relative autonomy (lack of human intervention) are at odds with traditional security models and controls.

> Read entire regulation (log in required - registration is free)



Terms of Service | Advertise | Archive | Site Map | Contact | Bank Information Security RSS Syndication RSS Syndication
Copyright © 2007 BankInfoSecurity.com