Databases Reference
In-Depth Information
Evolution of security and management
The challenges that SOA brings to the security and monitoring space are made
clearer when we look at the evolution of computing. The original computer systems
provided a single centralized system with a single access mechanism via a terminal.
These mainframe systems provided their own security and required external parties
(users) to authenticate, at which point they were restricted in their access by the
internal security protocols of the system. In a similar fashion, monitoring was a case
of tracking the status of individual components within the central system. This made
it very easy to provide strong centralized control of who could access resources,
while also retaining a strong ability to monitor individual users as well as the
health of the system.
The move to client-server systems complicated things because now the actual
processing was spread across two machines, the server, generally a database server,
and a client, generally a personal computer. The central server was now required to
provide external access at a more granular level, potentially protecting individual
tables in the database rather than the broader brush application level that was
required in the previous generation of centralized systems. This now introduced
the problem of coordinating identity across two tiers. The client application would
generally authenticate the end user against the server, providing a pass-through level
of security. Hence the security model was more complex due to more demanding
access control requirements, but the authentication model was not greatly different.
