Are there (ideal) situations where business processes be conducted without security? If so, activities related to security are not part of operating core of a business. Therefore security services separate business services in the function and purpose. I don't think security services are support services (ie. HR functions) either. They belong to functions of standardization and indoctrination such as IT that is outsourced by DuPont. So we have four types of services?
Business service Technical service Support service Indoctrination service jerry --- Anne Thomas Manes <[EMAIL PROTECTED]> wrote: > Let's say for example that the government just > passed a mandate that > financial companies must now implement 2-factor > authentication for certain > types of transactions. (and it did) There is now a > business requirement to > support 2-factor authentication. Hence security is a > business service. > > Anne > > On 1/29/07, Steve Jones <[EMAIL PROTECTED]> > wrote: > > > > But is it a business service or a support > service? I don't think anyone > > would doubt that security is required, but I'd > argue that the purpose is > > never security that is just a pre-req for going > live. > > > > So I'd agree that its a service, just not that its > a business service. > > Security isn't so much the basis for trust as the > representation of trust > > once agreed, i.e. I've decided that I require a > secure connection to put > > in credit card details, therefore you must support > HTTPS if you want me to > > give you those details over the web. Its > important in SOA to realise those > > services which are support and those which are > actually business important > > in themselves. There is a huge history in IT of > rating the support (IT) > > service above the business ones so for instance > "security" becomes more > > important than actually getting the job done. > > > > Steve > > > > > > > > On 25/01/07, Michael Poulin <[EMAIL PROTECTED]> > wrote: > > > > > > Well, to my experience, security is doing A > LOT for the business ( > > > http://java. sys-con.com/read/131811.htm, > http://java. sys-con.com/read/163285.htm). > > > Besides it is a foundation for the business > trust, I had several cases where > > > business simply could not operate w/o security. > Here is an example: > > > financial report distributed among investment > experts contains some > > > information which is assumed to be seen by the > bankers of certain level of > > > responsibilities and in certain locations only. > Are you going to create > > > multiple reports or filter data based on user > access rights / entitlement? > > > Though security topic does not belong to the > forum, I believe it is a > > > legitimate SOA service and I still staying on > the position about SOA > > > services I described earlier. > > > > > > - Michael > > > > > > > > > > > > > > > *Jim Thomas <[EMAIL PROTECTED]>* wrote: > > > > > > I still disagree although I admit it's a bit of > a nit. The security > > > service has nothing to do with business at all. > The dependency flows > > > in the other direction. Supposing the security > service is used in a > > > purely scientific system then "business" seems a > misnomer. > > > > > > --- In > [email protected]<service-orientated-architecture%40yahoogroups.com>, > > > Michael > > > Poulin <[EMAIL PROTECTED]> wrote: > > > > > > > > I think that creation of 'generic' > (infrastructure - in my > > > understanding) services does not contradict > 'business-centric' > > > definition because, e.g., security service is > not about generic or > > > abstract safety but about protecting business > interests (scientific > > > results, in particular) and building business > trust; transport > > > services serve the same purpose - allowing > business to operate. Not > > > all services have to implement business services > directly but > > > those, that do not implement them, exist because > of the needs of the > > > business services, not because they are coooool. > All this is about > > > money paid by a business for its benefits. > Please, tell me if I am > > > wrong. > > > > > > > > - Michael > > > > > > > > Jim Thomas <[EMAIL PROTECTED]> > > > wrote: I would > > > rather see: > > > > > > > > "SOA is a software design paradigm..." > > > > > > > > rather than: > > > > > > > > "SOA is a business centric software design > paradigm" > > > > > > > > for two reasons. Firstly there are many > wishing to use SOA in > > > other > > > > environments such as scientific and although > they will put up with > > > > these categorizations they see them as > inaccurate. > > > > > > > > Secondly, the are also many developing generic > services ( e.g. > > > > security, transport, transaction, etc.) that > they really see as > > > being > > > > used by the business services but not business > services. > > > > > > > > Also, by removing "business centric" from that > statement I don't > > > see > > > > any cases being eliminated either. > > > > > > > > --- In > [email protected]<service-orientated-architecture%40yahoogroups.com>, > > > "Selwyn > > > > Akintola" <selwyn@> wrote: > > > > > > > > > > Back in November as part of my MSc. research > I posed the > > > > > question "What is SOA?". The objective was > to derive a > > > definition of > > > > > SOA that I could use to inform the rest of > my studied. Since > > > then I > > > > > have received approximately 50 definitions > of SOA from various > > > > > sources including from members of this > group. First off let me > > > thank > > > > > you all for the valuable and insightful > input. When I asked the > > > > > question I also committed to being my > definition of SOA back to > > > this > > > > > group. Her it goes SOA in less than 100 > words- > > > > > > > > > > "SOA is a business centric software design > paradigm > > > characterised by > > > > > the utilisation of well defined standards > and protocols to > > > create > > > > > services and compose applications from > services. SOA mandates > > > that > > > > > services are loosely coupled and communicate > through the > > > exchange of > > > > > messages thereby allowing resource sharing > and reuse. > > > > > Interoperability and platform independence > allow the > > > composition of > > > > > applications from services created using > heterogeneous > > > resources and > > > > > hosted on heterogeneous technology > platforms. SOA is a long > > > term > > > > > organization wide cross functional > collaborative activity whose > > > ROI > > > > > will be achieved by service reuse and > efficiencies gained by > > > better > > > > > alignment IT with business." > === message truncated === ____________________________________________________________________________________ Get your own web address. Have a HUGE year through Yahoo! Small Business. http://smallbusiness.yahoo.com/domains/?p=BESTDEAL
