O'Reilly logo

SOA in Practice by Nicolai M. Josuttis

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 14. SOA and Security

WHEN INTEGRATING DISTRIBUTED SYSTEMS, SOONER OR LATER SECURITY COMES INTO PLAY. PROBLEMS can arise because many people have access to the system landscape, while not all of these people are allowed to see and manipulate all the data.

This chapter gives a brief overview of security aspects for SOA.[12]

Security Requirements

When talking about security in distributed systems many different aspects come into play, and as usual, there are many different ways to categorize them. Generally speaking, the following categories are key:

Authentication

Authentication has to do with verifying an identity. An identity may be a user, a physical device, or a foreign service requestor. Regarding SOA, this means finding out who is calling the service.

Authorization

Authorization has to do with determining what an identity is allowed to do. Regarding SOA, this means checking whether the caller is allowed to call the service and/or see the result.

Confidentiality

Whether data remains confidential while in transit or in storage is another key aspect of security. Regarding services, this means ensuring that no one besides the service caller can see service data while it is being transferred between the provider and the consumer.

Integrity

The key here is guaranteeing that data can’t get manipulated or counterfeited, such that either the data is simply wrong or, even worse, authentication and authorization credentials are faked so that someone can get access to data she is not supposed ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required