Be the first to like this
This presentation examines architectural patterns for SOA security according the externalization of the cross-cutting concerns of authorization and authentication as well as the integration of identity federation. Conceptual building blocks for SOA security are sketched and assessed with respect to classical security means. Web services-based SOA systems are considered in particular. The analysis considers the native security functionality of common Web service stacks (e.g. Apache Axis, Microsoft WCF, Sun JAX-WS RI/WSIT).