A side effect of application security infrastructures
When writing my upcoming report on the architecture of application security infrastructures I thought also about potential business values of this type of service layer which sits between applications and the security infrastructure (in fact the term "application security infrastructure" is somewhat misleading because its more about a service layer which sits on top of the infrastructure - and the service layer is core, not the infrastructure). When thinking about the business values it became clear to me that there is a clear link to what I have written in "The ERP for IT" about the chance to use service orientation for making IT sort of a business unit.
Application Security Infrastructures can support IT to become more business-oriented and more economic. How? Very easy: These infrastructures expose defined services (security services, mainly identity services) to applications and network infrastructure components (for example "identity storage services" as interface to directories). The usage of these services can be measured. The costs of the underlying infrastructure can be measured as well and is related to specific services. So, in effect, you have the cost per use per service.
With that information you can for example predict the costs of new applications much more precise than before. You can assign the costs of the infrastructure much more precise than before to the consumers of the services. You can offer more efficient services for lower costs. And so on... IT can act like a business unit or, more familiar, like an "internal outsourcer".
That is, from my point of view, one of the biggest advantages amongst the pretty long list of business values an application security infrastructure can deliver. For sure that isn't unique to application security infrastructures, but applies to any move towards service orientation.