Slide 31
Reactivity Proprietary & Confidential
Web Service security dilemma
Svc
Svc
Svc
Svc
Svc
Svc
Svc
Svc
Svc
Svc
Svc
Svc
Database
Integration
User
Interface
Security
Layer
Business Logic
CIO’s and IT Directors do not believe application programmers can verifiably implement enterprise security policies
Use of toolkits does not scale to even modest deployments
Tools do not exist to define, verify or modify security policy
Transactions must be monitored and audited
Security policy management must be federated
DSG will provide the security integration components for application-specific Web Services security, but there is a much larger opportunity – Enterprise Security Management.

Web Services is now the dominant application integration approach (The Burton Group, Feb. 12, 2003)
}Core standards are stable, vendor support broad, enterprise initial production deployments increasing
}High ROI on Web Services from fewer proprietary systems to support and interface with, higher speed data flow between systems and partners, and reusing functionality across applications.
}Security models that rely on application programmers do not scale...opening new opportunities for security management
Architecture dictates that every developer to integrate sophisticated security APIs and policy such as WS-ME
Policy must be implemented across all services and platforms with varied/disparate security levels
Integration with future component may break security model and one misstep can expose entire network across business partners
Multiple platforms and versions