ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

What defines SOA security?

user-image
تم إضافة السؤال من قبل dana tutunji , Architect , Helou Trading Co
تاريخ النشر: 2013/07/04
Mehmet Akyüz
من قبل Mehmet Akyüz , Senior Architect , Software AG Australia

Hi Dana, There are several aspects to SOA Security: - Traditional IT security, basically information and system security: Systems exposing SOA services must be properly secured (located behind DMZ, Reverse HTTP Gateways, solid authentication and authorization etc.) - Vulnerabilities brought to the table by SOA: SOA is based on the idea of business and IT capabilities exposed as services.
That means a fraudulent app or person who has access to the service also has access to the information provided by the back end systems.
I.e.
services can be exploited as back doors to back end systems.
This is essentially critical with services exposed to extranet/intranet.
To avert such situations, there are some standards for service encryption, access and secure messaging (E.g.
WS-Security, OAuth, SAML, WS-Trust).
Also, it is common practice to have a SOA gateway which acts as a central watchdog for services exposed to internal & external consumers.
Hope that helps, Mehmet.

الاستاذ محمودحمدى ثابت
من قبل الاستاذ محمودحمدى ثابت , مشرف امن بالشركه الفرنسيه , الشركه الفرنسيه لانشاء المشروعات العملاقه والضخمه

انا مشرف امن بالشركه الفرنسيه

المزيد من الأسئلة المماثلة