Keeping developers out of security
It is the right idea to keep developers out of security, but you can do this without a separate, disconnected security layer. Besides, a separate security layer presents numerous challenges for consistent enforcement of security policy.
The right strategic answer is to integrate security for XML (Extensible Markup Language) and other access channels with the security of the underlying application platform. A practical implementation strategy will start with unified identity and proceed in stages from there.
By Randy Heffner at ZDNet.
[ Read more ]