SOA Security

Anyone seeking to implement SOA Security is forced to dig through a maze of inter-dependent specifications and API docs that assume a lot of prior security knowledge on the part of readers. Getting started on a project is proving to be a huge challenge to practitioners. SOA Security seeks to change that. It provides a bottom-up understanding of security techniques appropriate for use in SOA without assuming any prior familiarity with security topics.

Unlike most other books about SOA that merely describe the standards, this book helps readers learn through action, by walking them through sample code that illustrates how real life problems can be solved using the techniques and best practices described in the standards. It simplifies things: where standards usually discuss many possible variations of each security technique, this book focuses on the 20% of variations that are used 80% of the time. This keeps the material covered useful for all readers except the most advanced.

• Why SOA Security is different from ordinary computer security, with real life examples from popular domains such as finance, logistics, and Government
• How things work with open source tools and code examples as well as proprietary tools.
• How to implement and architect security in enterprises that use SOA. Covers WS-Security, XML Encryption, XML Signatures, and SAML.

Dr. Ramarao (Rama) Kanneganti is Chief Technology Officer (CTO) at HCL EAI Services. Rama has a Ph.D. in programming languages from Rice University, and worked at Bell Labs in databases and large programming systems. Currently, he advises enterprise clients in formulating and evaluating SOA strategies. Rama works out of Grosse Pointe Woods (near Detroit), Michigan.

Prasad A. Chodavarapu is General Manager (Technology) at HCL EAI Services, Bangalore, India. Prasad leads service teams designing and deploying integration solutions at enterprises world-wide. Prasad’s current focus is on the use of application-oriented networking technologies to implement and secure SOA.