Why Security Experts Hate SOA

At first glance, there seems to be nothing special about SOA security. After all, as with other architectural scenarios, it involves the same basic topics: authentication, authorization, identity, trust, confidentiality, integrity, and policy management.
Even so, an SOA is harder to secure, enough to leave security analysts dog-tired.

1. Security cannot violate SOA design principles
SOA services are meant to be readily usable, loosely coupled, discoverable, and synergistic.
Security must not become a hindrance to SOA's 9 design principles.

2. Legacy security model
SOA is often used to encapsulate legacy systems. It is a good way to open up data and processes that are trapped in those systems. The problem is that legacy systems tend never to have been designed with openness and flexibility in mind.
This leads to a number of headaches in SOA security. Legacy systems often have a dedicated, hard-coded security model, which is completely incompatible with the SOA approach. Re-encapsulating a legacy system in a new security model is dangerous and costly.

3. Open services
Traditional applications often rely heavily on firewalls for security. SOA has no such luxury.
SOA services tend to span the boundaries of organizations and networks. In many scenarios, an SOA may be exposed to partners and customers.

4. High-value targets
Compared to a classic old-school application, hackers who break into an SOA gain far more.
SOA services can deliver a high level of functionality by drawing on multiple data sources, multiple triggering events, multitasking, and multi-process collaboration.

5. Easy to find
The standardization and discoverability of SOA services is a dream come true for hackers. SOA services are designed to be easy to locate and invoke.

6. Open to customers
Legacy systems often have point-to-point interfaces that are hard-coded through predetermined connection points.
SOA services are decoupled from the consumers of the service. Security tasks such as authentication must be dynamic and flexible.

Source link: Why Security Professionals Hate SOA. Release date: February 16, 2011.
About the author

Anna Mar is a chief architect with more than 18 years of experience in the financial sector and currently works for a telecommunications company in Tokyo.
