Stories about: BEA

Faced with looming regulations such as the Health Insurance Portability and Accountability Act and the Sarbanes-Oxley Act, Craig Shumard, chief information security officer for healthcare provider Cigna, knew he needed better tools for role-based access control.

The number of new software security vulnerabilities identified by security experts, hackers and others during the first eight months of this year has already exceeded the total recorded for all of 2005, according to Internet Security Systems.

Ronald Reagan once famously said: "The nine most terrifying words in the English language are, 'I'm from the government and I'm here to help.'" Inside the government itself, the most terrifying words in the English language may be: "The information security office is here to facilitate your office's goals and objectives."

Clear text messages used in transferring applications via Web services can potentially slip through existing security hardware allowing malformed code to run rampant within organizations.

IBM and Microsoft are set to turn over to a standards body a key set of Web services security specifications they have been developing for establishing trust and exchanging data between partners.

Vendors are ramping up their efforts to address enterprise identity management with products designed to manage user privileges across multiple platforms, to simulate the impact of potential changes and to help developers build more secure applications.

Open source has encompassed all areas of software applications and services, so there was little doubt that authentication would, sooner or later, be part of this fast growing movement. OpenLDAP, the open source directory project, has been with us for quite some time. But there's a new movement to create an authentication protocol, to standardize how authentication data is exchanged.

Maintaining security on their networks is critical for all companies. One primary tool that every network needs is access control -- the ability to carefully define and enforce which users have what type of access to specific applications, data and devices.

Quick: Can your company track where its trucks or sales cars are at the moment? Do you know how much gas they're using, which ones may need new brakes, and how their drivers are performing on the road?