Infrastructure Service Approach to Handling Security in Service-Oriented Architecture Business Applications Doina Iepuras.


1 Infrastructure Service Approach to Handling Security in Service-Oriented Architecture Business Applications Doina Iepuras

2 SOA Security
- Authentication – validating the identity of the message originator
- Authorization – controlling the use of the services
- Privacy – no unwanted intercepts while transmitting a message
- Integrity – confidence that message has not been modified

3 SOA Security Levels
- Transport Layer Security
  - Point-to-point security
  - Encryption for data in motion
- Cons
  - Not granular enough
  - Reduced auditing capabilities

4 SOA Security Levels
- Message Level Security
  - End-to-end security
  - WS-Security – integrity via cryptographic mechanisms
  - WS-Policy – framework describing rules and policies
- Cons
  - Implementation for each message

5 Application Managed Security

6 Application Proxy
- Common interface that can receive and respond to web service calls
- Reduces the load on the enterprise's infrastructure
- Caches and manages authentication and authorization requests

7 Gateway Security Pattern
- Handles different transport layers
- Performs enhanced message transformations
- Coarse-grained authorization of the request message and its origins
- Validation of the request format

8 Enterprise Service Bus
- Supports integration and flexible reuse of heterogeneous business components
  - Routing messages between services
  - Conversions of transport protocols
  - Transforming requests from one message format to another

9 Security as a Service
- Access control decisions should be made each time a message reaches a transition point
- Allows early detection of unauthorized requests
- Eliminates unnecessary security processing at the application layer
- Issue: a lot of redundancy

10 Security as a Service
- Implement security as a set of services
- Application relies on services to acquire a security decision
- What if security is already implemented within the application?
  - The decisions should still be made via a service which gets the decision from the application implementation

11 Security as a Service
- Security Decision Service – segregates the security decision functionality
- Security Enforcement Service – applies security decisions to a request

12 Security as a Service within the ESB
- ESB enables the security as a service model
- Services are implemented as mediations which provide reusable functionality
  - Service for Encryption/decryption
  - Service for Validating digital signatures
  - Service for Authenticating the requestor
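
An added sketch of slides 11 and 12, not part of the original presentation: the enforcement service runs as a bus mediation that authenticates the requestor and validates the message signature, then asks a separate decision service for a permit/deny answer. All class, function and service names, the keys and the policy are hypothetical, and an HMAC tag stands in for a WS-Security digital signature.

```python
import hashlib
import hmac

# Constructed sample data (assumptions): requestor keys and an access policy.
KEYS = {"billing-app": b"k1-demo-secret"}
POLICY = {("billing-app", "InvoiceService", "read")}


def sign(msg, key):
    """HMAC-SHA256 over requestor, service, action and body."""
    data = "|".join((msg["requestor"], msg["service"], msg["action"], msg["body"]))
    return hmac.new(key, data.encode(), hashlib.sha256).hexdigest()


class SecurityDecisionService:
    """Holds the policy and only answers permit/deny; never handles messages."""

    def decide(self, subject, service, action):
        return "permit" if (subject, service, action) in POLICY else "deny"


class SecurityEnforcementService:
    """Mediation that applies decisions to a request; holds no policy itself."""

    def __init__(self, decision_service):
        self.decision_service = decision_service

    def mediate(self, msg):
        key = KEYS.get(msg["requestor"])
        if key is None:  # authenticating the requestor
            return {"status": 401, "reason": "unknown requestor"}
        if not hmac.compare_digest(sign(msg, key), msg.get("signature", "")):
            return {"status": 401, "reason": "bad signature"}
        verdict = self.decision_service.decide(
            msg["requestor"], msg["service"], msg["action"])
        if verdict != "permit":
            return {"status": 403, "reason": "denied by decision service"}
        return None  # no objection: the bus may route the message


def bus_dispatch(msg, enforcement, services):
    """ESB routing step: the security mediation runs before the target service."""
    rejection = enforcement.mediate(msg)
    if rejection is not None:
        return rejection
    return {"status": 200, "result": services[msg["service"]](msg["body"])}


SERVICES = {"InvoiceService": lambda body: "invoice:" + body}
ENFORCER = SecurityEnforcementService(SecurityDecisionService())
```

Because the policy lives only in the decision service, it can be changed or replaced without touching the mediation or the business services behind the bus.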

13 ESB Model

14
- Validation of request format
- Transport and end-to-end security for service implementations
- Enables layered security approach by separating enforcement and decision services
- Single point of control for identity mapping
- Can be implemented gradually

15 Q&A

