Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director

Presentation transcript:


Automated Policy Enforcement Overview
A service is not actually a reusable service until it has completed governance processes and is ready to meet run-time governance requirements.
– The challenges of run-time SOA governance
– Critical elements for a run-time governance framework
– The path from automated policy enforcement to governance automation

SOA Implementation Challenges
Delivering on the promise of SOA
– How to implement business process
– How to avoid “broken” integrations
Maintaining Security
– Where to enforce security
– Ensuring end-to-end security
Ensuring Compliance
– Instrumentation of the path and ensuring integrity
– Providing validation and alerting mechanisms
Automation
– Providing the tools to manage the system
– Fitting into existing internal processes

Run-Time SOA Governance: Requirements and Product Mappings
Requirements:
– Identity and Trust Control Process: Authenticating and certifying identities
– Policy Definition Environment: Tailor security (and other) policies to each service consumer and provider relationship
– Automated Policy Provisioning and Coordination: Establish policies that can be distributed, verified and managed
– Compliance Verification Framework: Enforce, audit, alert and report compliance to policies
Product Mappings:
– Identity and Trust Control Framework: Directories, Single Sign-On, Federation, PKI
– Policy Definition Environment: Integrated Development Environments, Identity and Access Management Systems, Web Services Policy Editors
– Automated Policy Provisioning and Coordination: Registries, Repositories, Policy Management Systems
– Compliance Verification Framework: Policy Application Points, Policy Enforcement Points, Management Systems, Reporting Tools, Alerting and Correlation Systems

With all these products, what's missing?
We cannot support RAPID service design, delivery and change in accordance with the governance requirements in a manual fashion.
Service lifecycle and governance must be automated wherever possible!
[Diagram. Labels: Identity and Trust Control Process; Policy Definition Environment; Automated Policy Provisioning and Coordination; Compliance Verification Framework; Manual Governance Processes (Design-Time Governance); Technical Governance Tools (Design-Time/Run-Time Governance)]

Corporate And Architecture Drivers: “Runtime Policy” Framework
Corporate Policy Drivers (Inputs)
- Manual Governance
- Compliance
- Security
- Classification Levels
Security
- WS-Security
- X509TokenProfile
- SAMLTokenProfile
- XML Encryption
- XML Signatures
Runtime Policy
Corporate Architectural Drivers (Inputs)
- Flexibility and Reuse
- Platform Independence
- Integration with existing infrastructure
- Security, Scalability, Availability, Performance
Transport
- HTTP
- TLS
- JMS
SLA
- Response Time
- Availability
- IP Range, ToD
- Throughput Limits
- Non-repudiation
Message X-Form
- Versioning
- Localization
- Data Structures
Reliability
- WS-RM
Threat Protection
- Schema Validation
- Virus Scanning
- Attachments
Platform
- Load Balancing
- WS-Addressing

The Evolution of a Service (not automated)
[Diagram. Labels: Run-Time Policy Enforcement; Design; QA/Test; Deploy; Run-Time; Security, Monitoring, Compliance; Test/QA weather; Deploy weather; Business Service Design; Policy Design; Run-Time Governance Configuration; WSDL; White-Paper]

[Diagram. Labels: QA/Test; Run-Time Policy Enforcement; Automation; Security, Monitoring, Compliance; Test/QA weather; Deploy; Run-Time; Deploy weather; Business Service Design; Policy Design; WS-Policy; Approved!]

Future Vision of Service Deployment Automation
[Diagram. Labels: QA/Test; Run-Time; Test/QA weather; Deploy; Security, Monitoring, Compliance; Production Weather; Run-Time Governance Layer; USE; QA/TEST or Production]

Summary
Run-Time Governance Builds On Existing Infrastructure
– Identity, security, provisioning, management …
Run-Time Governance Starts With Policies
– Must be concise and enforceable
– Must fit into overall business process
Run-Time Governance Requires Enforcement and Reporting
– Enforcement is critical first step in implementation
– Continuous reporting on compliance is important
– Needs to be consistent and manageable
SOA Governance Is a Goal, Not a Product
– No single solution, but many products can help
– Good choices can meet immediate and long-term needs