In today's global economy, organizations are expanding their market opportunities by extending their reach. Mergers and acquisitions, new partnerships, and new business models - including e-business and Web services - are changing the way companies interact with their customers, and with each other. Yet these same initiatives are creating tremendous challenges for the IT groups faced with making it all work.

Today's extended enterprise model is creating complex, distributed IT infrastructures - vast networked environments that comprise hundreds of different systems and dozens of different applications across multiple-partner organizations. To meet this challenge, many organizations are turning to Enterprise Application Integration (EAI) strategies that reduce the cost and time associated with development, integration, implementation, and management of their distributed systems and applications.

This complex, heterogeneous environment doesn't just present new interoperability challenges; it also presents serious privacy and security challenges. No longer is the "back office" hermetically sealed off from the outside world. In exposing critical business functions to suppliers, customers, and employees via the Internet, institutions can expose data, applications, and systems to a variety of potential threats - both internal and external. Meanwhile, users expect that sensitive corporate and personal information will be readily available to those authorized to see it, while securely protected from access by everyone else.

To address security needs, organizations have deployed a variety of point security solutions for each application or system - a situation that increases complexity for both users and administrators. Users of multiple services or applications must remember multiple user IDs and passwords, which is not user friendly and increases security risk. On the operational side, security administrators must manage security policies for each user - for authentication, authorization, and audit - across numerous administrative interfaces. As the number of users, applications, and systems increases, this complexity becomes extremely costly to manage - and increases the chances of a breach through which a hacker or a disgruntled employee can slip in unnoticed.

How can organizations manage this complexity while enhancing security? Just as they have turned to EAI architectures to streamline integration of their distributed applications, they need a comprehensive architecture for Enterprise Application Security Integration (EASI). This framework, which leverages existing security services and applications, enables organizations to meet the critical demand for security across their entire extended enterprise, while reducing risk, cost, and complexity.

A comprehensive EASI framework enables organizations to address a range of critical business and technology requirements, including:

Products enabling seamless interoperation of third-party products for authorization, authentication, cryptography, accountability, and administration

The result is a single, virtual "business engine" that unites disparate technologies to address the four A's of enterprise security: Authentication, Authorization, Accountability, and Administration. This seamless, distributed framework can enhance end-to-end security, minimize disruption to the existing security infrastructure, and maximize ROI.

From a user's perspective, this means enjoying the simplicity and convenience of Single Sign-on (SSO) when accessing multiple services or applications. From the administrator's viewpoint, EASI enables centralized management of the entire distributed security infrastructure, with end-to-end audit and alerts. For enterprise management, EASI represents a flexible solution for security interoperation that reduces risk while preserving technology investments and accelerating time to deployment.

As organizations continue to extend their reach through innovative e-business models - and as the list of potential threats grows - there is little question that the need for distributed security will increase. By providing a flexible, standards-based integration architecture, an EASI framework can be the key to profitable, new capabilities - while closing the door to information security threats.

Published May. 1, 2002— Reads 12,651
Copyright © 2002 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

About Bret Hartman
Bret Hartman, VP of Technology Solutions at DataPower, has more than 23 years of experience in information security and secure systems development. His expertise includes Web Services security, distributed component security, policy development and management, and security modeling and analysis. Bret is a nationally recognized expert on distributed systems security; and he is a book author, regular speaker, and panelist on a variety of secure distributed system topics.