Lack of web security will limit trading partnerships

Organisations planning to deploy business-to-business web services in the next three years should limit their number of trading...

Organisations planning to deploy business-to-business web services in the next three years should limit their number of trading partners because of immature security products and standards.

The warning came last week from Gartner research director Ray Wagner, who said the main web security standard, WS-Security, was not designed to stand alone.

His comments will give added impetus to a group of IT security chiefs from FTSE 100 companies who asked for a new security framework to enable collaborative business arrangements with partners, as highlighted by Computer Weekly.

One of the group, Paul Dorey, director for digital security at BP, is approaching web services security through "radical externalisation", where groups of users are protected by their own firewalls and external security services. Dorey said this method would lead to a faster way to build secure web services.

Gartner has also warned about discord among suppliers where Microsoft and IBM are working on WS-Federation as Sun works with the Liberty Alliance.

Wagner recommended the use of simple point-to-point web services secured using SSL and digital certificates, rather than relying on W3C standards.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close