SOA Governance & Security

XML and Web Services Security redefined.

More and more organizations are implementing a Service-Oriented Architecture (SOA) as a solution for complex integration issues and to make their ICT more flexible. An SOA serves to break down the dividing lines within organizations. However, this increases the need for security: limited access, greater understanding, monitoring and reporting. Existing forms of security such as firewalls, transport security (SSL) and network security (including VPNs or IPsec) are no longer sufficient. To protect business applications effectively, it is necessary to take measures at the application level — measures that do justice to SOA’s basic principles.

Such measures have to answer questions such as:

  • How can we exchange identities and other relevant information in B2B interactions?
  • Who has access to which web service at what time, using which device, in what role and what capacity?
  • Can we discover after the fact who used which web service and when?
  • How can we prevent web service overload?

The concept of Policy Enforcement Points (PEPs) addresses these questions directly. Using configurable rules, PEPs can take over the enforcement of security policies so that these don’t have to be hard-coded within the web services themselves. What is more, PEPs can delegate processor- and memory-intensive tasks to specific, dedicated machinery. This takes the weight off the Enterprise Service Bus (ESB) or Message Broker, which saves on license costs and improves end-user performance.

ION-IP’s solutions offer business processes the best available support and help to decrease risks and costs.