Firewalls stall Web services

Web services will be fenced in by corporate firewalls for at least the next year, until something is done to address security...

Web services will be fenced in by corporate firewalls for at least the next year, until something is done to address security issues.

The problem lies in the nature of Web service applications which break down monolithic applications into applets and objects, increasing the number of interfaces, or joins, between the constituent parts, according to consultants.

It is these joins that offer hackers the best route for launching an attack.

Mike Lucas, technical manager of software tools at professional services specialist Compuware, said, "There is a danger that Web service platforms based on Java or Microsoft's .net will only be deployed internally while standards and new technologies emerge to ensure secure deployments. Until then, most Web services will remain behind the firewall."

Companies have grown cautious of connecting to the outside world because of the number and variety of hacking exploits that have been publicised. This has led to the growth in the use of firewalls to ring-fence the internal network from the Internet.

Analysts are starting to express fears that, having secured the internal network, companies may hold back on being pioneers in deploying Web services.

Graham Fisher, a senior analyst at Bloor Research, said, "It seems reasonable that Web services will be constrained for the time being. Web services open up the enterprise to the outside world and security will obviously be a key concern."

Lucas believes that Web services' uptake will be slow this year but advises that companies should develop their applications in Java and Visual Studio .net so that, when the time is right, they will be easier to deploy as Web services.

"When Web services take off, growth will be rapid," Lucas said.

Read more on Web software

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close