IBM distinguished engineer talks SOA security
August 12, 2008 —
(Page 1 of 2)
In a service-oriented architecture, where boundaries are exposed and services are loosely coupled, identity management, policy enforcement and some automation are required to secure information, says an IBM distinguished engineer.
Raj Nagaratnam, IBM distinguished engineer and chief architect of identity and SOA security, discussed with SD Times the crucial role that he believes identity management plays in SOA security.
Nagaratnam said that federating identity across boundaries is important in a SOA pattern. One method of doing that is to utilize an ID service that acts as an identity medication hub. Different authentication is required along the spectrum of trust, he noted.
For instance, OpenID is suitable for authentication when no critical enterprise data is exposed, whereas SAML (Security Assertion Markup Language) enterprise-level scenarios provide stronger security, he noted.
IBM renders its Tivoli Federated Identity Manger software as a Web service, so it can integrate “into the SOA flow” with a third-party enterprise service bus or mediation appliance, he said. He added that identity information in a SOA context is necessary for providing service level agreements.
“The service can be used as part of a business process to render entitlements and [business] rules,” he explained.
By extension to identity as a service, IBM realized that developers also need a consistent way to enforce policies for compliance in a loosely coupled environment. Not only should users have identities, but services must have identities as well, he explained.
As an example, a claim service may need to access a credit check service on behalf of a company’s claims department. It will have its identity taken into account and be granted access. Policies provide for that capability at enforcement points like ESBs and token services.
Tying identity to policy-driven entitlements is the next level of granularity IBM will offer, Nagaratnam said. Big Blue will be introducing a product called Tivoli Security Policy Manager later this year that will offer policy management with WS-Policy and OASIS’ eXtensible Access Control Markup Language.
Policy management is particularly useful for composite applications, where different services are composed together, he noted. Security Policy Manager will use metadata as context for managing entitlements. Policies factor in metadata about services, the service provider and the environment that is being used to access it, he explained.
Related Search Term(s): identity management, security, SOA & SaaS, Tivoli, IBM
Share this link: http://sdt.bz/32695
Most Read Latest News Blog Resources
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Zeichick’s Take: Radio moves from analog waveforms to digital packets
Streaming radio highlights the need for streaming applications to be designed to take up as little bandwidth as possible
|
|
Appcelerator Acquires Cocoafish to Add Instant Mobile Cloud Capabilities to its Industry Leading Titanium Platform
Appcelerator Offers Messaging, Social, Location and Storage Mobile Cloud Services to All Mobile App Publishers
|
|
ComponentOne Releases a Collection of 40+ UI Widgets Powered by HTML5 and jQuery
ComponentOne has announced the 2012 release of Wijmo: a kit of UI widgets for HTML5 and jQuery development
|
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Top five apps to manage your workload
Web applications offer new ways to track your “to-do” lists
|
|
Not so fast when it comes to testing in the cloud
Developers face outsourcing, virtual lab management and mobile devices as obstacles
|
|
Xceed releases UX-focused suite for Microsoft’s WPF
"Blendables" helps match user experiences to developer visions
|
Are you at risk for burnout?
Burnout is a severe problem and it can strike at any time. Here's how to tell if you are nearing the edge.
|
|
Agility, mom, and apple pie
If we're to evaluate the state-of-the-art in software development, we should start with the values espoused in the Agile Manifesto.
|
|
RIM woos developers with free tablet
How do you get more apps ported to the BlackBerry PlayBook? By giving every developer a free tablet, of course!
|
|
GitHire: Use Headhunters to Find Your Perfect Programmer
Are you a hiring manager tired of scouring the job boards? Check out this new service that will find 5 people interested in your jobs.
|
The Hidden Costs of Software Licensing
Moving beyond paper-based software licensing to more flexible, software-based licensing is a business decision. There is a growing trend tow...
|
|
Case Study: You May Need a Development Mechanic
As a contractor for a major financial player in Germany, SOBEGE, a German-based consultancy specializing in embedded IT and web services, wa...
|
|
Ensuring Software Quality at a Major International Bank
One of the world’s leading international banks has adopted AgitarOne technology for delivering generated unit tests for their Java software...
|
|
Load Testing Adobe Flex Applications
Adobe Flex applications may be different from applications you’ve worked with before. For classic HTML web applications, the server does all...
|
Related Articles
News Briefs: January 15, 2009
Cigital and Coverity partner together to improve each other's products, Scio Consulting creates services for SaaS environments and AmberPoint integrates its SOA governance and management precuts with Microsoft the Microsoft platform.
|
IBM expands WebSphere's framework support
WebSphere Application Server 7 also implements runtime provisioning and OSGI-enabled dynamic deployment to lower the number of resources consumed. New management functions for multi-component applications are included in a long list of new features.
|
Red Hat prepares complex events processing for SOA
Updates to JBoss Enterprise SOA Platform and JBoss Operations Network lay the groundwork for enhanced CEP and rules management. Beyond that, new security features have been implemented in Enterprise SOA Platform.
|