Your SlideShare is downloading. ×
0
SOA Security and
Governance with
Sun and Layer 7



Javier Cañadillas
Sun Enterprise Software
The foundation for a
 Services Oriented
   Architecture



     Sun Proprietary/Confidential: Internal Use Only
• Sun Java CAPS is the foundation for
building a SOA platform.
• Services can be developed inside
Sun containers or other ...
The path of the SOA
 security Samurai



     Sun Proprietary/Confidential: Internal Use Only
Security inside the Web Service                                     Security in the SSG Bridge

• Low service re-use.     ...
Policy and Application
   Decision Points




      Sun Proprietary/Confidential: Internal Use Only
SSG Bridge (Application
Decision Point)
• Policy Enforcement point
• Makes the SOAP message
  policy-compliant by
  redeco...
SOA platform security and
  governance scenario




        Sun Proprietary/Confidential: Internal Use Only
Sun Proprietary/Confidential: Internal Use Only
Synchronous design,
   asynchronous
    deployment



     Sun Proprietary/Confidential: Internal Use Only
• Services were designed
                               without security or
                               geographical di...
SOA platform security and
  governance scenario
  (over JMS and HTTP)



        Sun Proprietary/Confidential: Internal Us...
Sun Proprietary/Confidential: Internal Use Only
Thanks!
javier.canadillas@sun.com
Upcoming SlideShare
Loading in...5
×

SOA Security and Governance with Sun and Layer 7

229

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
229
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "SOA Security and Governance with Sun and Layer 7"

  1. 1. SOA Security and Governance with Sun and Layer 7 Javier Cañadillas Sun Enterprise Software
  2. 2. The foundation for a Services Oriented Architecture Sun Proprietary/Confidential: Internal Use Only
  3. 3. • Sun Java CAPS is the foundation for building a SOA platform. • Services can be developed inside Sun containers or other vendor containers, disparate networks or even non secured networks. • Focus at this stage is on business logic process design. • SOA Security and Governance have to be built on top of this very first layer and taking into account existing standards and technologies. Sun Proprietary/Confidential: Internal Use Only
  4. 4. The path of the SOA security Samurai Sun Proprietary/Confidential: Internal Use Only
  5. 5. Security inside the Web Service Security in the SSG Bridge • Low service re-use. • Truly loosely-coupled services • Complex and heavy • Service, container, and development. technology independent. • Technology dependent. • Real standards implementation • Re-engineering is required to • Business design independent implement new standards. from Security and Governance. Security inside the container • Vendor-centric and dependent. • Bonding between service and container. • “Legacy” standards. • Not loosely-coupled. Sun Proprietary/Confidential: Internal Use Only
  6. 6. Policy and Application Decision Points Sun Proprietary/Confidential: Internal Use Only
  7. 7. SSG Bridge (Application Decision Point) • Policy Enforcement point • Makes the SOAP message policy-compliant by redecorating it. • Shows a single end-point for all deployed services (added security). • Communicates with gateway through an independent secure channel. SSG Gateway (Policy Decision Point) • Defines policy for each service. • Becomes part of the governance framework. • Shows a single end-point for all deployed services (added security). • Undecorates the SOAP message for final delivery. Sun Proprietary/Confidential: Internal Use Only
  8. 8. SOA platform security and governance scenario Sun Proprietary/Confidential: Internal Use Only
  9. 9. Sun Proprietary/Confidential: Internal Use Only
  10. 10. Synchronous design, asynchronous deployment Sun Proprietary/Confidential: Internal Use Only
  11. 11. • Services were designed without security or geographical dispersion. • Layer 7 Gateway, Bridge and Sun MQ enable secure and asyncronous services communication. Sun Proprietary/Confidential: Internal Use Only
  12. 12. SOA platform security and governance scenario (over JMS and HTTP) Sun Proprietary/Confidential: Internal Use Only
  13. 13. Sun Proprietary/Confidential: Internal Use Only
  14. 14. Thanks! javier.canadillas@sun.com
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×