Organisations are embracing SOA because of its promise of improved IT management, flexibility and efficiency, but security issues are still causing many to proceed at a much slower pace or, in some cases, not at all. SOA-based systems are often geographically and organisationally separated to provide services from disparate suppliers and technologies. This requires new types of security defence. As with all technological advances, it is essential that the security implications of deployment are fully assessed. This is an area in which we can support our clients, as there are many risks involved and, in the key markets in which we operate, operational failures are “not an option”.
Our Approach to Security
Our approach to security is risk-based and ensures that the security of the system is known and manageable, with remedial action applied proactively. We can monitor (and control) the security of the entire system, demonstrating value for money and providing client confidence. We take further practical steps with SOA security: a repeatable methodology and practical experience with our key technology partner, ORACLE.
SOA Methodology
With the principle of “Think Big, Start Small, Move Fast”, the Go-On method has been harvested from Logica’s many SOA projects across Europe. Go-On is a process modelling methodology, centred on the collaboration between business experts and modellers. It addresses traditionally complex security topics of cross-domain collaboration, for example: stakeholder management, multiple system integration and end-to-end quality of service. The resulting models are delivered directly onto executable BPM tools.
SOA streamlines business operations and technology to provide the opportunity for a more coherent architecture and the confidence that the client has the best value from its security policies.
Our Partnership Approach with ORACLE
We are uniquely placed to realise maximum benefits from ORACLE products following its acquisition of Sun Microsystems, due to our in-depth knowledge of their technology, especially where knowledge of the security features of the products is concerned.
To take just one aspect, let’s look at how the components in ORACLE’s Fusion SOA Suite 11g address security:
Policy Enforcement Points (PEPs) are built into WebServices Manager. PEPs cannot be bypassed and are responsible for applying security rules, enabling three benefits: end-to-end security, failover control and optimised performance.
Oracle Service Bus provides a scalable SOA integration platform to mediate the connections between services based on heterogeneous technology, in particular authentication. This aspect is critical in Multi-Level Secure solutions, where a single user’s permissions must be held centrally but be accessible to separate security domains within the enterprise.
The BPEL process manager can orchestrate multiple services into a single service, including acting as a wrapper to simplify security management for legacy applications.
The SOA Suite rules engine allows key decision logic to be abstracted out of individual services and managed in a single repository. Inviolate security policies are built into PEPs, whilst business rules are used to manage areas of change, for example in response to evolving government legislation or local departmental rules.