Layer 7: Automated SOA Policy Enforcement
 


Adam Vincent presents the challenges of run-time SOA governance & the path from automated policy enforcement to governance.


    Layer 7: Automated SOA Policy Enforcement Presentation Transcript

    • Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director [email_address]
    • Automated Policy Enforcement Overview
      • A service is not actually a reusable service until it has completed governance processes and is ready to meet run-time governance requirements.
        • The challenges of run-time SOA governance
        • Critical elements for a run-time governance framework
        • The path from automated policy enforcement to governance
      Automation
    • SOA Implementation Challenges
      • Delivering on the promise of SOA
        • How to implement business process
        • How to avoid “broken” integrations
      • Maintaining Security
        • Where to enforce security
        • Ensuring end to end security
      • Ensuring Compliance
        • Instrumentation of the path and ensuring integrity
        • Providing validation and alerting mechanisms
      • Automation
        • Providing the tools to manage the system
        • Fitting into existing internal processes
    • Run-Time SOA Governance: Requirements and Product Mappings
      • Requirements:
        • Identity and Trust Control Process
          • Authenticating and certifying identities
        • Policy Definition Environment
          • Tailor security (and other) policies to each service consumer and provider relationship
        • Automated Policy Provisioning and Coordination
          • Establish policies that can be distributed, verified and managed
        • Compliance Verification Framework
          • Enforce, audit, alert and report compliance with policies
      • Product Mappings:
        • Identity and Trust Control Framework
          • Directories, Single Sign-On, Federation, PKI
        • Policy Definition Environment
          • Integrated Development Environments, Identity and Access Management Systems, Web Services Policy Editors
        • Automated Policy Provisioning and Coordination
          • Registries, Repositories, Policy Management Systems
        • Compliance Verification Framework
          • Policy Application Points, Policy Enforcement Points, Management Systems, Reporting Tools, Alerting and Correlation Systems
    • With all these products, what's missing? We cannot support RAPID service design, delivery and change in accordance with the governance requirements in a manual fashion. Service lifecycle and governance must be automated wherever possible!
        • Identity and Trust Control Process
        • Policy Definition Environment
        • Automated Policy Provisioning and Coordination
        • Compliance Verification Framework
        • Manual Governance Processes (Design-Time Governance)
        • Technical Governance Tools (Design-Time/Run-Time Governance)
    • Corporate And Architecture Drivers: “Runtime Policy” Framework
      • Corporate Policy Drivers (Inputs)
      • Manual Governance
      • Compliance
      • Security
      • Classification Levels
      • Security
      • WS-Security
      • X509TokenProfile
      • SAMLTokenProfile
      • XML Encryption
      • XML Signatures
      Runtime Policy
      • Corporate Architectural Drivers (Inputs)
      • Flexibility and Reuse
      • Platform Independence
      • Integration with existing infrastructure
      • Security, Scalability, Availability, Performance
      • Transport
      • HTTP
      • TLS
      • JMS
      • SLA
      • Response Time
      • Availability
      • IP Range, ToD
      • Throughput Limits
      • Non-repudiation
      • Message X-Form
      • Versioning
      • Localization
      • Data Structures
      • Reliability
      • WS-RM
      • Threat Protection
      • Schema Validation
      • Virus Scanning
      • Attachments
      • Platform
      • Load Balancing
      • WS-Addressing
    • The Evolution of a Service (not automated) [diagram; labels: Business Service Design, Policy Design, WSDL, White-Paper, Run-Time Governance Configuration, Run-Time Policy Enforcement, QA/Test, Deploy, Run-Time, Security, Monitoring, Compliance, weather]
    • Policy Enforcement Automation [diagram; labels: Business Service Design, Policy Design, WS-Policy, Automation, Approved!, QA/Test, Deploy, Run-Time, Security, Monitoring, Compliance, weather]
    • Future Vision of Service Deployment Automation [diagram; labels: Run-Time Governance Layer, USE, QA/Test, Deploy, QA/TEST or Production, Run-Time, Security, Monitoring, Compliance, Production Weather]
    • Summary
      • Run-Time Governance Builds On Existing Infrastructure
        • Identity, security, provisioning, management …
      • Run-Time Governance Starts With Policies
        • Must be concise and enforceable
        • Must fit into overall business process
      • Run-Time Governance Requires Enforcement and Reporting
        • Enforcement is critical first step in implementation
        • Continuous reporting on compliance is important
        • Needs to be consistent and manageable
      • SOA Governance Is a Goal, Not a Product
        • No single solution, but many products can help
        • Good choices can meet immediate and long-term needs
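
To make the slides' "enforce, audit, alert and report" requirement concrete, here is a small policy enforcement point that checks a request against a runtime policy tailored to one consumer/provider relationship (transport, IP range, time of day, throughput limit) and records every decision for compliance reporting. This is an added example, not code from the presentation or from Layer 7; the consumer and service names, the policy keys and the request fields are all hypothetical.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import time

# Constructed policy for one consumer/provider relationship (hypothetical names).
POLICY = {("billing-app", "OrderService"): {
    "require_tls": True, "ip_range": "10.20.0.0/16",
    "time_of_day": (time(6, 0), time(22, 0)), "max_requests_per_minute": 3}}

def sample_request(ts, transport="https", ip="10.20.4.7", consumer="billing-app"):
    """Build a constructed request record; ts is a datetime."""
    return {"consumer": consumer, "service": "OrderService",
            "transport": transport, "source_ip": ip, "timestamp": ts}

class PolicyEnforcementPoint:
    def __init__(self, policies):
        self.policies = policies
        self.audit_log = []                # compliance reporting reads this
        self._recent = defaultdict(deque)  # accepted request times per relationship

    def _violations(self, key, policy, req):
        found = []
        if policy["require_tls"] and req["transport"] != "https":
            found.append("transport: TLS required")
        network = ipaddress.ip_network(policy["ip_range"])
        if ipaddress.ip_address(req["source_ip"]) not in network:
            found.append("sla: source IP outside allowed range")
        start, end = policy["time_of_day"]
        if not start <= req["timestamp"].time() <= end:
            found.append("sla: outside permitted time of day")
        window = self._recent[key]
        # Slide the one-minute window before counting accepted requests.
        while window and (req["timestamp"] - window[0]).total_seconds() >= 60:
            window.popleft()
        if len(window) >= policy["max_requests_per_minute"]:
            found.append("sla: throughput limit exceeded")
        return found

    def enforce(self, req):
        key = (req["consumer"], req["service"])
        policy = self.policies.get(key)
        # Default deny: a relationship with no provisioned policy is refused.
        violations = (["no policy provisioned"] if policy is None
                      else self._violations(key, policy, req))
        allowed = not violations
        if allowed:
            self._recent[key].append(req["timestamp"])
        self.audit_log.append({"time": req["timestamp"].isoformat(), "consumer": key[0],
                               "service": key[1], "allowed": allowed, "violations": violations})
        return allowed
```

Because denials are logged with the specific rule that failed, the same audit trail serves both alerting and compliance reporting.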