View stunning SlideShares in full-screen with the new iOS app!Introducing SlideShare for AndroidExplore all your favorite topics in the SlideShare appGet the SlideShare app to Save for Later — even offline
View stunning SlideShares in full-screen with the new Android app!View stunning SlideShares in full-screen with the new iOS app!
Every new technology creates new security concerns
Often used to connect critical, back-end applications
Not addressed by existing packet-level security infrastructure
Increasingly included in larger software packages and services
Complex processing model
New compliance or regulatory environments
More than one part of an organization has to be involved
Presents some opportunities for improved security
“ Implementation of Microsoft SOAP, a protocol running over HTTP precisely so it could bypass firewalls, should be withdrawn. According to the Microsoft documentation: ‘Since SOAP relies on HTTP as the transport mechanism, and most firewalls allow HTTP to pass through, you'll have no problem invoking SOAP endpoints from either side of a firewall.’" – Bruce Schneier, circa 2000
SOA Security Deployment XML protocol application Web Service #2 Web Service #1 Access Control (IM) Server UDDI Registry Service Level Monitoring & Management Server Not pictured: PKI server, log server, datacenter mgmt, etc.