19.1. What security challenges face enterprise architects?In the big-picture view, there are essentially two challenges: securing each service component with safeguards to protect against misuse, and securing the final compositiona process, or composite applicationagainst attacks. The former task focuses on issues such as identity management, which includes the creation of user roles and authentication, access management, and the encryption of service messages. The latter has to do with securing the overall design of the application itselfhas care been taken to ensure that there are no weak spots in the composition of the overall process where someone might attack? Providing the former is largely the responsibility of SAP and other Independent Software Vendors (ISVs) driving security standards and providing services; the latter is the result of competent designs that followed on security-friendly patterns of development. We'll address each of these in turn. |