Understanding SOA Security Design and Implementation
(Back to docs.huihoo.com)
Abstract
Securing access to information is important to any business. Security becomes even more critical for implementations structured according to service-oriented architecture (SOA) principles, due to loose coupling of services and applications, and their possible operations across trust boundaries. To enable a business so that its processes and applications are flexible, you must start by expecting changes ñ both to process and application logic, as well as to the policies associated with them. Merely securing the perimeter is not sufficient for a flexible on demand business.In this IBM Redbook, security is factored into the SOA life cycle reflecting the fact that security is a business requirement, and not just a technology attribute. We discuss a SOA security model that captures the essence of security services and securing services. These approaches to SOA security are discussed in the context of some scenarios, and observed patterns. We also discuss a reference model to address the requirements, patterns of deployment, and usage, and an approach to an integrated security management for SOA.
This IBM Redbook is a valuable resource to senior security officers, architects, and security administrators.
Table of Contents
• Part 1. Business context and foundation• Chapter 1. Business context
• Chapter 2. Architecture and technology foundation
• Part 2. IBM SOA Foundation scenarios
• Chapter 3. IBM SOA Foundation Service Creation scenario
• Chapter 4. IBM SOA Foundation Service Connectivity scenario
• Chapter 5. IBM SOA Foundation Service Aggregation scenario
• Part 3. Securing the Service Creation scenario
• Chapter 6. Business scenario
• Chapter 7. Solution design
• Chapter 8. Technical implementation
• Appendix A. Introduction to service-oriented architecture
• Appendix B. IBM SOA Foundation
• Appendix C. Security standards and technology
• Appendix D. Additional material
Files
• Local Download PDF
• Remote Download PDF
• View as HTML