|
|
|
New Technologies Help Improve SOA Security
By: Darryl K. Taft
2008-05-14
Article Rating:  / 23
There are 1 user comments on this Network Security & Hardware story.
New Technologies Help Improve SOA Security (
Page 1 of 2 ) SOA security gets a boost from patterns and creative use of security specifications.BALTIMORESOA security gets more complex in the world of hosted services, cloud computing and software as a service. But approaches and specifications like Enterprise Integration Security Patterns, Web Services-Policy and Web Services-Security help alleviate some of the complexity.
In a keynote at the Web Services Security & SOA Conference and Expo here, Eric Newcomer, chief technology officer at Iona Technologies, said SOA is often deployed in heterogeneous environments where services abstract business logic from the underlying technology.
However, security federation is required to overcome the complexity and challenges of emerging heterogeneous systems in order to bridge domains and apply single sign-on opportunities, he said.
Moreover, the WS-Policy specification can be used as a bridge, "but care must be taken in publishing" services under this specification, Newcomer said.
WS-Policy provides a framework for describing the capabilities and requirements of a Web service. It can be used by Web service providers to configure and set requirements, and by Web service consumers to select alternatives that satisfy a producer's requirements.
However, there are some "gaps" in the WS-Policy specification, Newcomer said. For instance, some security policiessuch as the specification of key materialare not defined in the specification. And WS-Policy applications tend to be oriented toward SOAP (Simple Object Access Protocol) and HTTP as opposed to other types of protocols, he said. "Esoteric bindings and protocols require proprietary extensions," he said.
Which is better, SOAP or REST? Click here to read more.
Hal Lockhart, an engineer who works in the office of the CTO at Oracle's BEA and is active in various OASIS groups, observed, "My attitude toward WS-Policy is it's probably good enough to go out and use and get some field experience and see what works and what doesn't."
However, he said, "WS-Security provides you with a lot of options and flexibilitymore possibilities to protect data and also use it for complex e-commerce scenarios to handle more complexity..."
Newcomer said Iona has some customers that "have been doing SOA for eight years now, starting with CORBA and now doing Web services."
The company now has more than 1,000 Web services and is beginning to look at opportunities in hosted services, SAAS (software as a service) and cloud computing, and the security requirements involved. "Our business is helping companies with heterogeneous computing environments," Newcomer said.
But several questions arise when it comes to securing such environments, such as how to best supply security for multiple middleware types in an application technology mixture where services exist at the endpoints.
|
|
�������x}r㶲s\@♵M=RJdؖ�I*�%B�cdHʶ~b:?qt�M�Ze2{<56I�
h4��Aȹ�=!�1(ٟ9#ޙ'w>{�(ˑ�ԫ��Q]}�wW7]̉]ύ�P/�a��l$R{'wx�;`KQ{Q
�eɔiP�لި/3}B}�F�7�\�3�m��gb�^�Q�$ЁyG`azNtob셨�!)*Bd+B(?c
c�?C=z'C�p�_Ca5w0vJ]K_�n�CVl�fesV�V^���s9Fȹ�3�Z$nPr&NWw#2�5AR
ZB[�;4�EOeCc7`wX�S.PVj̴9g�u[g�c=ױ}ǣ��.&�$fF�=l~0k��Q�M�+�.lZJP'C;)X�۱2˭�]6֯gU�^v9s8$sz3
�wZEؘ*�
=�q7tJa��H��9��vL=:-�yÙÌ6mަ扯 "w<0MߑRMRs?#1?_4RW�;'$'MD[�9�0o-Yn_H.MT,,� Q2o�FU
x��%�4Ȍc�P5��49�];L~}M#Zf5Mn�"d�>h�,.]=w�� a4[=RFp �\� ��a�CXذ�6�,%̛�hJ@d$e��$�=hI,E]!fd}N�}�%I���F'ݨ �p;p|g��͇z1s�a
�>�0���sF}j�I
�t"�v|hsc�мy��na23fB?�Jy7t(
u�4/f��{@`\@Z�8`�88ʬ��E�8��sB�7}��`@JwiC���1�QB�\jCx;�k1
�%@�H ���I#r���*��B1,`@n!� P
ЋR1�Jl�Ri !sg�RTD=7 KŔ>*%�qRPٜ�*,%5M�GѺńHVFND��l�P��PW)J|�z[.z8
9�r!�
xU��i!3'Xe�ofД
/�k|*~��(�tzS\O�Όŕ$����Њ'Nѫ6Uc�pilٔo-V,J?Ս͋0z1(�+úTZ�jp �H#oh��m^xS֧6R(k��ͅ5ò�=R@Q"rCx�EZR�����Ws���(
TM.R?62ai;aՒhx�K[�@� �ʸA�nH� ~g�&�ʥ�ë�;q\�cO�zu@nzcg@>ؠ�s棄ZXpܩ8hQ�*}a�3*4&0Sӹbp=q�tX0d}9[��8[%�n//�+�i{u]ؕ.R\�|zn� �>0p$'jL?�plZ/R7&ğy;ڈy��SQ_.)�UQH~�2��;2.eX PX6mJ�r�'j�Y�$tEi.ڴ�0y�(pE�6a �dh*O|qNx8�CX�E�N�4b��6��>��\PX�t>� r��+b$[����T�:$f��߂äh�:,G$��=4nj}3ʫ�2�y��gz,RT�j%Ɔ86*GERfE`s�ϏyK�=�"1t�}�81о< __�p˻S~~6�Fi�Y8�A�T}f6݁
/�r/�4�|tqZE�L�YvQ�'ЌȐ0v��ʌ5TJb��c�0]((*H3�sazt��ݛyh
dEM\CNHlW��19L4qW;��'�R�L�uf�}ɲI�Pё�I�eA:�ݐ��,n`wY�0�>AC5"耰��#L`f0%�)
=m6QJs�8-"vV�;ﻗԴ)�R+b::>J�Я�צ瞏�+ӥ����,ć#�
4k
{.�*Z+kiyFW܇v1"�����ር5T��ӝ
Mt�8&�곕�jJ
~vsVUy�9k�Z%�f+FLY5=:YCܐ,,km�
{~L>\TS(.>MP�*jII�z,`weU1n=m0V�VhW`Zd&s�\
%\{s��iPo)Qr�3[Y.)Ӕ�Wϰ�:3�Rb��
kȣ^h#e[��,�C�(1@ A�D@";n�߱?%
?�S-2GSq-�Ϛd�~�y0�{tZme_:m^t?�� ��~m?<u!� {ߏ��j}J�xY�ԹluHJG��5�ή�/[RyG�Q^��ٷf�� �K R#bv}ɶ3jZ3隗a
O�區��
�wsѼ>\tOk~Rw.R1~Jy0#F<]��(d�
srn^� 6b�7�`[&I9D=Sk�!F;&W쐶C վt[kN,WZXKR!�m&۪1�>Cɢ<��mFp6[Sx~WX*��5�̀?|CCJΎ/�(G��@�R`OH5['#Zystb;-38Ǟw}�hh��!�i�:Ua2^�XJI�!)W$f'e�3jt(�6�F_��ٿ�z½�~i�
T
�t6~O�+0waAd^kF+9mԓZO{~@H
y��?9/g�S�IBعQ�e(n2�~x �A\~j_��i�Ԏ(%T�\
'���l->;8��cl9a�(��.p�$�Zde^#ݒ2p�9GK2)!M�p�)|Lh�'IZV�6X(��4%!4TNԌObCYA*='�һj^np�P�pR.�PsqsXd<�s��GÙ馍]LV\vyo_{�
+�#A�I��#QG
�Uy�Յ_>���TdwD��/'Ny�Z7�N{m,d�1]foc_n; i�cP!Z�SϏ%ɘ&B�AWU-u+lko(j�Y9sJeOVr{d�,�'^�d1�Pdƛq
+��m3{G{�}!F.u01s�dx%?_gpKw�
�zKk}D*]s25Q#�v%ދSq{e�j�ГG�
�mזB�}ȿ
LĴh�g2덫{L�sL:�~d_>\j[@c鼱��2��>
ACؖrbL��d<$J��;�o�mܭn � B�;BJ��<$N=Ǟ-���!e_�Ц ŵcZ:��
?qVԱ�Q*_��2$;l�ߖ��ŗc3�Ocp5U�)�&%ŗ`.oTz˭M ��ܻ'Vx�e86[b[05| �^K�ֈi]a52�љF]U��L4��ձU XZwÓRCDX�5S:�'oz[ҙ4铎=tt�f�/�G>�ԧ3ӆUeqd]^!w�EUU)59F1:�v�Z7Y�@�eFI�NS� ?U!*!-px"�ځ�Vz��{1 c}ҭ9%gKipO4�Н~[/�>H8ԇW�} ��ŦA|]R�;�ˢ�D,1w}�!�`h/a(a�Ҁܒ��$7 ����dB}$Kvw2$g@^ d)uC:?�Nh�6�Γ1�a�~odV7f]
� �*XȨ@ˮ�c2@1|bhGc�J�%B�
p�O,3:�vT;ɂ9�wA
;ntb%,xDdJH^<��=xrY[ȟ7 O%8;�=R*jmM؆ͧJZ=*JrQ)�6GpcNn>/`�&��a(lJ
?�X? ��{&�qϓs�P�cxQ)ˠޕ)^ws<6z|p���ò/� twI�gPZ��qix(�9hĀk_oĿ�6^�~t �֛7�^~O�k>P��@mOs8�0�w'AnKU\K�%6R�Z/G[NV@e6B��Jg0��fbY3wpQŨWB�%|� 0(-^I�Ũ%־,_P�?ytIC˅@}�HTn)#�=
Kd۟ٝld&ޙYyFS*Vx�v
ʶR~Y��lǢ b>ҍ*x)ujKs�z�p`),�USj�#r'�. J��K,�L�l^}&zB<��|�ت����6ұ5R�tAXE �%W=1> r�(IJu�`�2�z;8�����W�3~3~3~30zZQoE[nl�l30pp9-�3;Vp�K1T<$�8#�Ă?C
x[۹1ڗ_�E <�+'�ݒ^
m�MB}gby ��1{q"A�fʦ1� D�A$�0$a�Ce%z{��(%�^YENN.8�8�8`E6eEa&<&ʓW/A�lY�3̆e�)sbwmyR$51$/WԢ�bQD��/�:$� �k�9�%¡S (c��%<��Qwuc�[ċG1�c|�NhDf*]��6\gM�F2:[v�|_c'�>�>IzdapI��/�jK:-
k$wM7�7�عW:Eml��H\�~��#i1>�PoB_�e��%�ջPXdL_GG�@��$�)t�bs^!L�G��JN��$�u1ݏzew�[f�4\:�w\t�n-Q)R.n��o0lW�fhg*y�$!�"4�_�IJT4Zr,��:���,b�Z'-�nF� �TՇB!9͑;v���
JF���{䦯f�[֟r+ׄ�T| _|�`�'ޚ'�`�10n���l�B!٩LfDRso�A۶{{�Ʒ�`�W2;>�O�0,]�{̹+!fxk,Y^.Ypyf��b�~��2oH�@84�QY#6D��kIHg�c;w�pv8c[�@Qb���
�7�
z.1��;>e�Νc�o�Hj3#M{]ڋK۪]�=�t} "2�:`Ӳ�$y�oc&ݴ],hMVHm!�90h�ǘCй��B�Cn�~G��,�C�ӏ"yv�h���/�UZ+Hҙ�;d
G���@ǵx�/�HC
g�aN&WʃOĻ/
2ä="LS}�զ��0a��"�:n6M]��wHz@~�RJ~/`\�t;8~/�'�&ФC>ybq?Lq)?G(q��[Tʧ[@9r���W.�_.4=Z1*(l5�X�:˘*juڷ���#,%v��w�{@R]ְhc!�N4�#nIA��w7iG?�S9E=я>�/V8΅c��,9,7i>�$Ʈ$��%5zH�JH�0۶CX�^qU3"�h�4cu\]S[Ήݭ��R,%E�9��E NE�7&��Xx�U!X8�"/2dБ1=���^P_7`;LV��\sj4�1��^f�R6&ƘsjxVQjzvz?f�.I^:-vi=^^@F�]1a%TA9-0Q�5=�]F�\U
B�(-~0{�1
]hu|WYU15ъXU�0y�j�DZGaW�(z0Մw|�W\AO[jsŵ�Bfnu&��CKoY##.4Ĩ
�pB�Km�$�"u'��3�#x��6٦i�K�pʭG-4��<�^�`u�*emnhk��3uqݗ'V5U*�c[VTi�xPn�*93\�>=0_zҧ%Ekɽn=/=�y��rmݳ�*t�
�Pу%�3gt�LxxX �B�k�B�ay
�pr�|jq_o�j&1zq2wr�k q���XC
@W�ݹHu+nl@B�
ęvxyюUݺ5n�t)6AP�;{1~bϋ:Z碷'�+E�KxfZ-j%V㬤{4K,2;��f� u[M�@ئ��\:2u|G,%_ۄ�J�zVN8�LX�.�TQ6���O_ň�\>fD+9m�._!Ƙ��O(|Doq$
� Ĉ[ bV&wܠf~z�*ڟ'2t/xq�B
�=Jl~C#hM,�|U:��l|%w҅nZ,E��f!BKI^P>�� :{ᛂrP�Z-E+�Gǻ/�t�X0+b=#-#k��< w�{30,�!ԓG�Ľ)Ӏ�!gTVIo��H"]�Y#�`�xM�(F윓M{ha��3Gym"���#�yh;fQ�?�=4S� C�_좼"�
2��xHt>v.Wם~qjz0�a\_[e(�L',C rzټh3=eNq(g�}\H�E�<�^;OK6E�Geqy�^
�ۋ'a?)e;̋ QW~0`b_��)oZ^OVk!??Ցt.1]r��RO-:
�nzf�h9��PC=W\ᑥ �@AC2?C�<�>v_d� d�^d�s�EF/>/2�">G/3 ?e�d_@EF:e^�\f%euwAt3O�K7C\�}\e�(
sA?=/=/}~��ڜ�c�}}OYпO���HJ�ɠ�&��Ku1�Az3ϚWpz~="9H/��R**_�~J%iFz
3YY�zvAeX^e\52ௗe}dlҹ:鶒
q�ʕ({�^S_xڞ馵Qq뭤M��n@+G{2Th�
k[
yH��GU4<, X12fmO>^w�Ҿl�gmў�d鋠,MDB�'pXc(+"B7�4�\9Kq`�B]SK4hgO�WnTј�؉&3�
P7�#D�:ɹT.jZQo\)Uʹ俓kD2����z@0a@
jJ]N�-JT�L��3DA�G���]{ۆJ��ZCO�3CX*ḇ}kt%��.�|c�ztbԶQ�U,��Yi^Rdp��YT�97I5�@1�L�o�9X�j-/#R�^W!K\.͙�xPZjt3R����+�D��P:䣿�t؝40X9+h�w L�t[V
ݡR�'M |<^2�u�[�o�t�_=x#��v�.LeUzyv;;28��,^bٴdQfmS�#͢��vQ0H�k'l�ybb)ub�rށ29�9$ǚ�뽻D}f�I��\#u{̲��T{aw�9�.�]C?y%
��5�w��-�Z�DNY
�nܸ|3X�#8��ŰkH{{LRg�AL
@qf5h_׃4Qr�
f$ǖ1x_06:�)+xl�ӕ�QbWbN˩�r
�fWBr�O\�{�saߖ�?fGӳ֎mb"uMݍ:Sם//U`�;_2}v�c1x�Y��|1�C�8$´���Zy&�x
D了mv����K=cM{P캀�;o�w4=�8B8L%i'PǁpO`�z�F�:!31Q)֒�_�Ogwcǁ;MZK9[۲"/�H&�]�a��)+KpK+yGhRݠ_[=$�sDc݅� ۠(b/,%���* >��
,��ARh6�N�~Ou+J'x�?��j7;5m� e]ƌaiѶ��Z
�Q�O~j^O(Ck
�66X�}B�҄g;Oulם8G�
d�d!yִ�-�QLVFׁݞV���Xo}
8�O.�h|�ḿ XuC(Dђ�P�-�9@+7A{.LJ��B ={Qg`��wDl�.��*OYE
hWa+e76KLPOl3
&���
: "9BU(];<#Vs��/>yGׂ=��Fa|ht-+F��!giW��e�JpCֶ)�tnO�˰��ANx3NE�s^��rX�ٻ"q:#vKѺ
v�7"�!a�^nѡn-/ـ9�@����3=*Nuf�94lBd�JE"î,:u` {黶w{�7Ȱ+]y�c�Q1V)?Hl}}CX�,ٰ���qWO�xH>%7mAb�;�ŕc�)>�-��]8S�<�Z��.VN-F���75w�SF�\��<��A�C1Xq]� @c݄6:��.�@W6��54�b>�Y{&���W[OP��Q�y6:|�� ,�ݐbZ��"�NDrI)�9=O9N*LH6c?t�ft���@í]�^g"a?<#�/ahɑ�>sχA�Ă+<"e�})Ix�)/ρ.�ȟ$#}E.4�8b�@T,z핋f?Pv/isTO3t[?��?{��?;K:ˌ�Xi*.㉓oڝ5'u��>͓�gݏ-)h!/-(j�"ON`��!XfչɜK�RUk$5XffLN$ƇZھ �wm&l2)v}m-c6�]-�{�
�{+��
|
Network Security & Hardware 
