Accelerating SOA Security and Gov


Published on

Why we all want SOA. Service based applications and Solutions that can be reused and
integrated, giving us a more agile business.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Accelerating SOA Security and Gov

  1. 1. Accelerating Security and Governance withSOAAran WhiteSolutions Architect
  2. 2. Why did we all want SOA. Service based applications and Solutions that can be reused and integrated, giving us a more agile business. RESTful Messaging SOAP Service Service Services 3rd Party Data Services UDDI services Layer 7 Confidential 2
  3. 3. What does SOA really introduce. Developers Messaging Based Service Portals & widgets RESTful Service 3rd Party Services Mobile Apps UDDI SOAP Web SaaS & Cloud Service Databases Corprate LDAP Layer 7 Confidential 3
  4. 4. Service security and agility Service orientation is meant to provide agility Security mechanisms and infrastructure must accommodate agility, not choke it Service composition patterns and global security requirements require a decoupling of security from service implementation X Security as a Service, Gateways Container X Agent agility security solutions X Security in application logic X decoupling Layer 7 Confidential 4
  5. 5. What issues does real SOA introduce. Inbound  Registration and API management  Version control  Common interfaces  Reporting and usage Layer 7 Confidential 5
  6. 6. What issues does real SOA introduce. Inbound  Threat Protection  Security  PCI  User management  Federated users  Quality of Service  Performance Layer 7 Confidential 6
  7. 7. What issues does real SOA introduce. Outbound  User management  Auditing and monitoring  Security  Authorization  Reporting and usage  SLA enforcement Layer 7 Confidential 7
  8. 8. What we need Developer/partner onboarding, support and resources API metrics and reporting API versioning, monitoring and performance Faster time to markets Layer 7 Confidential 8
  9. 9. Solution should provide Authentication, access control, integrity, confidentiality Identity federation/trust management Rich integration with identity infrastructure Threat protection Rapid security configuration Off boarding of heavy and slow functions Reduced development cycles. Layer 7 Confidential 9
  10. 10. Solution should provide Message and Protocol transformation - Enable existing internal services quickly and with little effort Cloud integration and security - Rapid integration of on premise investment with new investments in the cloud Accelerated XML and Cryptographically processing SOAP XML To Acceleration REST SOAP Cache To REST Non-XML Crypto To Acceleration XML Layer 7 Confidential 10
  11. 11. Solution should provide QoS monitoring - Monitor usage and performance across technology SLA enforcement - Enforce agreements and protect back ends Flexible deployment model - Ability to grow and adapt with the business requirements Ability to grow as standards grow PCI compliance and implementation Response Time SLA Request Quota PCI Layer 7 Confidential 11
  12. 12. Solution – A Services Gateway Messaging RESTful Based Service Developers Service Portals 3rd Party & widgets Services Mobile Apps SOAP Service SaaS & Cloud Database LDAP UDDI Layer 7 Confidential 12
  13. 13. for more information