Pragmatic Approach, Practical Designs, Secure Implementations

Application-to-application security is an extremely critical but often overlooked aspect of enterprise security. A major Canadian bank has decided to properly define application-to-application and system-to-system security principles, patterns and implementation guidelines to help application delivery teams protect critical data and address compliance concerns.

Using a TOGAF-based approach, we were able to produce a set of repeatable security implementation patterns, which will make it possible to address security challenges on the services layer and also provide a migration roadmap for major legacy applications. This approach does not require immediate changes to the application security architecture of existing systems, but provides the ability to gradually move security components out of the applications and into enterprise-level services.