Enterprise SOA Solutions Meet Three Key Demands

BEA Systems enterprise SOA solutions provide security infrastructure that leverages and extends throughout the heterogeneous environment. These enterprise SOA solutions fall into three categories.

  • Enterprise SOA Security Administration: One of the nice features of a single sign-on solution (which this is not, but one of the nice features that BEA considered worth including) is the ability to administer policies and security services and provision security services through a central enterprise console: a central place to configure the system, regardless of how distributed it is — this functionality isn't sufficient.
  • Localized security decision making: Security functionality, while distributed, must allow for security decisions to be made locally.
  • Unification: The ability to unify a disparate security framework. As IT organizations integrate their heterogeneous environments, they "discover" security solutions dispersed throughout the environment: one for each "stovepipe" -- sometimes even multiple security solutions per stovepipe. The desire is to be able to unify these security approaches so as to obtain a common view -- plugging in additional security services as necessary. Just as a SOA is can unify the business, so a security solution must also be unified.

BEA Aqualogic™ Enterprise SOA Solutions

With respect to BEA Aqualogic™ enterprise security and the notional architectural patterns that it implements, there is the application infrastructure near the top -- consisting of multiple tiers -- within the SOA. And rather than having multiple security points which have to be administered, configured and programmed separately, BEA has "abstracted" all of that centrally. This approach enables the unification of a security infrastructure that provides services such as: federated identity management, distributed application security management, and the capacity to leverage existing security implemented on the services network.

Enterprise SOA Solutions in Perspective

Key features of enterprise SOA solutions include a central, administered policy server that permits:

  • The administration and configuration of policy roles and adjudication roles
  • Provides the benefits of a single sign-on solution, without the negatives of employing a central runtime server that requires "manual" communication at runtime to provide authentication and authorization

BEA has taken the SOA framework for security and, through the use of environment bindings, provided the ability to distribute that runtime down to the local environments, and push a filtered set of policies down so that IT can simply apply security to local nodes. All the design-time decisions are made in the administration application and all the runtime decisions being made locally.

Security Standards Implemented in BEA Enterprise SOA Solutions

Another important consideration is security standards and accreditation. Apart from implementing a significant list of industry security standards, such as X509 and Web services security, BEA has also taken care to implement U.S. Federal government security practices.

Enterprise SOA Solutions for Security: In Summary

In conclusion, several points with respect to enterprise SOA solutions for security ought to be borne in mind:

  • Security infrastructure needs to be "fluid" within the environment. As the environment changes, and as needs change, IT must be able to react speedily -- employing composition tools and leveraging the existing service network elements to the fullest extent.
  • Having to build a SOA security solution from scratch without leveraging the security investments already made will fail to provide the anticipated return on investment.
  • Finally, the security infrastructure must work in conjunction with the rest of the service-oriented architecture to deliver the sought-after value to the enterprise. A stand-alone security solution that doesn't encompass the security paradigms that are necessary for messaging (e.g., the enterprise service bus), for data and for the rest of the SOA is going to fall far short of realizing the promise of SOA.

For More Information

Could your services network benefit from the latest enterprise SOA solutions? Find out more: download the free webinar, How Enterprises Can Leverage SOA to Share Information Securely

What Enterprise SOA Solutions Can Do For You

Register to watch the On-Demand Webinar, "How Enterprises Can Leverage SOA to Share Information Securely", now.

Note: The items in BOLD are required fields. You must supply a valid email address to complete the registration.


First Name
Last Name
Company
Title
Job Category
Industry
Email
Telephone
Address 1
Address 2
City
Country
State/Prov
Postal Code