Enterprise SOA with
SecureSpan and JavaCaps
  Francois Lascelles, P. Eng.
  Technical Director, Europe
  http://www.layer7...
Why an XML appliance?


        Message level aware intermediary
        between services and requesters




             ...
Policy Enforcement Point Model

    PEP validates policy compliance, applies security decorations,
    transformations, re...
Delegating Security


                      XML Gateway
                      enforces security for
                      ...
Delegating SLA


                 Members of group foo
                 can consume X times
                 service A or ...
Business Logic Delegation


•Distribution of responsibilities between applications and infrastructure has shifted
•Moving ...
SecureSpan Solution Advantages, Differentiators




  Sophisticated policy language enables complex governance requirement...
Layer 7 SecureSpan XML VPN


                     XML VPN proxy
                     component
Application or ESB




    ...
SecureSpan and JavaCaps ESOA Foundation
SecureSpan and JavaCaps complement themselves to provide the foundation of your
En...
Zone bridging
SecureSpan Gateway used          DMZ
as an edge device bridging
secured zones

• Routing
• Transport mapping...
ESB Co-Processor Pattern

     Delegation to specialized co processor:

     - Content validation
     - XML digital signa...
STS Pattern

 SecureSpan used as an STS integrating with SUN Access Manager issuing security
 tokens and SAML statements f...
Thank you



For SUN+Layer 7 info, visit
http://www.sun.com/layer7
October 2008
Upcoming SlideShare
Loading in …5
×

Layer 7: Enterprise SOA With SecureSpan & Javacaps

771 views
648 views

Published on

SecureSpan and JavaCaps complement themselves to provide the foundation of your Enterprise SOA.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
771
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Layer 7: Enterprise SOA With SecureSpan & Javacaps

  1. 1. Enterprise SOA with SecureSpan and JavaCaps Francois Lascelles, P. Eng. Technical Director, Europe http://www.layer7tech.com October 2008
  2. 2. Why an XML appliance? Message level aware intermediary between services and requesters Web Services October 2008
  3. 3. Policy Enforcement Point Model PEP validates policy compliance, applies security decorations, transformations, records statistics, intercepts problematic messages before they reach your services. Delegate common or expensive XML related tasks from your services to your infrastructure Web Services October 2008
  4. 4. Delegating Security XML Gateway enforces security for incoming traffic on behalf of protected services. XML Gateway secures outgoing traffic on behalf of protected services. protected services October 2008
  5. 5. Delegating SLA Members of group foo can consume X times service A or service B Service B Service A Client side SLA coordinated across services October 2008
  6. 6. Business Logic Delegation •Distribution of responsibilities between applications and infrastructure has shifted •Moving business logic to infrastructure enables more loosely coupled systems •Centralization of policies enables governance •Authentication •Authorization •SLA •Validation •Encryption •Transformation October 2008
  7. 7. SecureSpan Solution Advantages, Differentiators Sophisticated policy language enables complex governance requirements Available as hardware appliance and as software Quick deployment, ease of use Extensible through java APIs Instant policy application (no service downtime) Standards based Industry leadership October 2008
  8. 8. Layer 7 SecureSpan XML VPN XML VPN proxy component Application or ESB Services XML VPN downloads WS- Policy document applicable to service being invoked and decorates outgoing messages on behalf of requester. October 2008
  9. 9. SecureSpan and JavaCaps ESOA Foundation SecureSpan and JavaCaps complement themselves to provide the foundation of your Enterprise SOA Use each products’ strengths, rely on standards based integration mechanisms. ex: Use SecureSpan for: •Zone/Transport bridging •XML intensive processing •Centralized policy enforcement Use jCaps for: •Adapters •Service composition •Messaging infrastructure October 2008
  10. 10. Zone bridging SecureSpan Gateway used DMZ as an edge device bridging secured zones • Routing • Transport mapping • Synchronous to asynchronous handling • Access control • Managing trust relationships • Threat protection • Throttling • Outgoing security decorations jCaps October 2008
  11. 11. ESB Co-Processor Pattern Delegation to specialized co processor: - Content validation - XML digital signature - XML encryption - SLA - XML transformation ESB SecureSpan used as a service endpoint October 2008
  12. 12. STS Pattern SecureSpan used as an STS integrating with SUN Access Manager issuing security tokens and SAML statements for JavaCaps requesting process ESB Access Manager Decoupled identity management and token issuing October 2008
  13. 13. Thank you For SUN+Layer 7 info, visit http://www.sun.com/layer7 October 2008

×