• United States



Technologies your CIO is Watching

Dec 01, 20064 mins
CSO and CISOData and Information SecurityIdentity Management Solutions

Security implications of a few of the most common new technologies


What it is: Asynchronous JavaScript and XML, along with several other technologies that form a new way to build webpages in which content loads dynamically into the page. It’s Web 2.0 stuff, and the thing that makes applications like Google Earth seem so slick.

Why now: High-horsepower PCs can render dynamic, graphics-rich content, and Ajax makes such content pretty and highly usable.

How it could make your life miserable: According to one presentation on the technology, its “abstraction layer makes development easy and security hard.”

Useful link:

Service-Oriented Architecture

What it is: The latest attempt at flexible, modular and reusable software development. In practice, SOA boils down to a set of protocols (you’ll have to read up on UDDI, SOAP, WSDL and so on) defining how services interact. New applications can be created by connecting various existing services.

Why now: SOA is arguably the hottest trend in IT and a darling with CIOs.

How it could make your life miserable: You’ll need to focus on maintaining adequate data protection as data moves from one service component to the next. This is nontrivial when the application portfolio made up of these components is likely to change rapidly (which is a key point of SOA, after all).

Useful link:


What it is: “Worldwide Interoperability for Microwave Access,” or the combination of two standard technologies, IEEE 802.16 and ETSI HiperMAN. It’s broadband wireless; Wi-Fi on steroids.

Why now: Worldwide demand for wireless access on manifold devices is mushrooming; natural evolution of wireless access.

How it could make your life miserable: Think of all the security headaches broad­band access creates; now extend them from home PCs to tens of millions of phones, BlackBerrys, TVs and combination devices. Then imagine a bad guy with an antenna.

Useful link:


What it is: In general, virtualization refers to logical distribution of resources across multiple physical resources depending on where resources are needed. For example, an application that lives on one busy server can run using available memory and CPU time on several other servers. Virtualization comprises grid computing, hot backup, storage arrays, server consolidation and other like applications.

Why now: Efficiency! Companies want to use idle, available power instead of buying ever more machines (that would also waste 95 percent of their power).

How it could make your life miserable: It can make your life better when deployed well for things like data recovery (by making virtualized data backups) and controlling desktop use through highly structured virtualized applications. Of course, in practice, it also means resources being used all over by everyone, putting a premium on resource management and security.

Useful link:

Windows Vista

What it is: The next version of Microsoft’s operating system, which you’ll probably find on new PCs and servers you buy later in 2007.

Why now: The run-up to a major Microsoft product release is not unlike the run-up to a major motion picture release: loud and in your face regardless of your current interest. Plus, this is when it’s ready to ship, after some delays.

How it could make your life miserable: Even with improvements in coding techniques and a focus on security features integrated into the OS, a release with this many millions of lines of code is bound to have flaws. PC and server upgrades are always security adventures, and some have even reported that Vista’s security improvements create a morass of Warning dialog boxes that could translate into calls to security and the help desk.

Useful link:

Note: Computerworld is a sister publication to CSO.