SOA

SOA - News, Features, and Slideshows

News about SOA
  • A business-focused approach in SOA design, governance

    If you listen to industry discussion of service-oriented architecture (SOA), you are likely to get the impression that SOA is best thought of as a technical approach for application integration. The reality is that SOA is much more.

    Written by Randy Heffner04 Aug. 11 04:28
  • SOA security is getting better

    Although full SOA security maturity is yet to come, 30 percent of organisations now use SOA for external integration with customers and partners. For standard web services using SOAP, WS-Security has achieved critical mass as a foundational standard. On the other hand, advanced SOA security - involving federation among partners, nonrepudiation, and propagation of user identities across multiple layers of service implementations - is in its early days. To navigate the path from what's practical today to the future of advanced SOA security, establish an iterative design process for evolving your SOA security architecture that considers your current and future security requirements, emerging industry specifications, overlaps in product functionality for SOA security, and possibilities for custom security integration.
    As a baseline for designing SOA security, the simplest way to secure SOA requests and responses is to place them within a virtual private network (VPN). The most common method for external SOA security is two-way Secure Sockets Layer (SSL), which: 1) allows each of the communicating partners to authenticate the other, and 2) sets a high bar for security: Hackers cannot even connect to an SOA-based service unless they steal a certificate and key from a service consumer. Although VPNs are relatively easy to establish, VPN-based SOA security is coarse-grained and offers no ability to support advanced functions such as: propagation of user identity across multiple layers of service implementations; coordination and federation among multiple security domains; and strict nonrepudiation. Also ongoing management of certificates can be an administrative burden.

    Written by Randy Heffner25 Aug. 09 22:00
Features about SOA
  • Cloud Computing Poses Control Issues for IT

    Though most U.S. companies still list customer and other corporate information as their most valuable assets, many keep pushing this data farther from safe lockdown in the data center--and are about to give it another strong shove in that direction.

    Written by Kevin Fogarty18 May 10 04:42
  • A Tale of Two Architectures

    IT budgets generally follow a fairly strict and predetermined process throughout the fiscal year. Managers are well aware of the fierce competition between the contending interests of IT. Service-oriented architecture (SOA), with its promise of reuse and interoperability across the enterprise, is often an easy candidate for funding. That's true all the more now, as successful examples exist and executives become aware of SOA benefits. We're past the hype and into the real world.

    Written by Dan Rosanova17 Nov. 09 08:57