Security Implications of Inhouse Software
As always, Dinis Cruz shares a very interesting view:
“Note that moving software in-house to provide it as a service (as google will soon find out) is not something that has less security requirements than a normal ‘desktop/server packaged applications’, it has MORE security requirements since its security exploitation will affect ALL customers (i.e. in a ‘software by service’ mode)”
We are about to start grappling with the concepts and implications of federated authn and transparent authz in our platform design. There is lots of very interesting stuff to play with, such as CardSpace and OpenID, that all have significant security implications, especially when federation gets a real grid going. I have seen the technology evolve to where it is a realistic and pragmatic option, but I am yet to see how the business terms will work beyond open source or community type sites. Liability, culpability and brand tainting will all be serious concerns for many. Time will tell.