Web Services Authentication Still a Home-Grown Affair, Says Survey

According to Evans Data Corporation, authentication remains the biggest problem for Web services security.

InformationWeek Staff, Contributor

June 16, 2005

2 Min Read

Evans Data Corporation reports in its Spring 2005 Web Services/SOA Development Survey that developers working on authentication methods for Web services are more likely to rely on their own custom-developed methods, rather than industry-standard methods like SSL or SOAP. Almost one in four developers (23%) say they have devised their own security mechanisms to protect Web services transactions, versus 22% using SSL, and 9% using SOAP headers. Additionally, the survey finds that, for a quarter of developers, authentication remains the largest problem in Web services security schemas.

Eight of ten companies (79%) say they encounter organizational headwinds when attempting to move their Web services efforts forward. About one out of five respondents (19%) also say they can't find enough IT talent versed in Web services development.

"We found that a majority of companies are not sharing their Web services with other business units across the enterprise," said Joe McKendrick, Evans Data's Web services/SOA analyst. "This is a result of not having enough IT talent with Web services skills, as well as management buy-in to the concept. Web services and SOA need skilled evangelists to help drive the adoption of the technology forward. This isn't happening yet."

Other findings from the June 2005 survey of more than 400 developers include:

  • While one of the main value propositions of Web services is sharing them across an enterprise, the survey has found that 55% of Web services are being shared with only one or no other business units within their companies. Six and a half percent are sharing Web services across more than 20 business units.

  • The majority of developers (68%) have either adopted a service-oriented architecture (SOA), or are in the process of developing an adoption plan for an SOA. But actual implementations are still few and far between.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights