Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Software Engineers Put .NET and Enterprise Java Security to the Test  : Page 3

Software engineers from Foliage Software Systems conducted the first comprehensive comparative analysis of the security tradeoffs in the two major enterprise computing platforms. They talked with DevX earlier this week to tell us the risks and rewards of trusting your applications to enterprise Java and .NET.


advertisement
The Enterprise Security Wish List
Dovydaitis and Piliptchouk came away from their assessment with a wish list for the enterprise security that both .NET and Java offer. As in-the-trenches developers who have to answer the call whenever a Foliage client faces a security breach, they have critical requests for Microsoft and the Java vendors.

First and foremost, they want secure code. "We can't build trusted applications on buggy platforms," explains Dovydaitis. "All the features of the languages we're discussing are only as good as the people who wrote them and [their stability depends on] how rigorously verified all these features are."

Next, both platforms need to develop frameworks for more complex role-based access controls for users. The example the engineers gave was support for permissions delegation. For instance, if a doctor in a healthcare organization is the only person with access to certain data, he or she ought to be able to delegate permissions to coworkers as the organization's access relationships become more complex—without needing to rely on developers for additional coding.



Finally, .NET and Java must provide much better support for auditing and tracking transactions. Both are inadequate in their solutions. With .NET, developers can use the Windows mechanisms but they need to go outside the .NET framework to get them. Java is adding a logging package, but it is not secure.



Glen Kunene is the Senior Editor at DevX. 
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
Thanks for your registration, follow us on our social networks to keep up-to-date