accelerating soa security and gov
DESCRIPTION
Why we all want SOA. Service based applications and Solutions that can be reused and integrated, giving us a more agile business.TRANSCRIPT
![Page 1: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/1.jpg)
Accelerating Security and Governance with
SOA
Aran White
Solutions Architect
![Page 2: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/2.jpg)
Layer 7 Confidential 2
Why did we all want SOA.
Service based applications and Solutions that can be reused and
integrated, giving us a more agile business.
SOAP
Services
3rd
Party
Services
RESTful
Service
Messaging
Service
Data
services UDDI
![Page 3: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/3.jpg)
Layer 7 Confidential 3
What does SOA really introduce.
SOAP Web
Service
3rd
Party
Services
RESTful
Service
Messaging
Based Service
Databases
UDDI
Developers
Portals
& widgets
Mobile Apps
SaaS
& Cloud
Corprate LDAP
![Page 4: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/4.jpg)
Layer 7 Confidential 4
Service security and agility
Service orientation is meant to provide agility
Security mechanisms and infrastructure must accommodate agility, not choke it
Service composition patterns and global security requirements require a decoupling
of security from service implementation
decoupling
Security in
application
logic
Security
as a Service,
Gateways
ag
ilit
y
Agent
solutions
Container
security
X
X
X
X
![Page 5: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/5.jpg)
Layer 7 Confidential 5
What issues does real SOA introduce.
Inbound
Registration and API management
Version control
Common interfaces
Reporting and usage
![Page 6: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/6.jpg)
Layer 7 Confidential 6
What issues does real SOA introduce.
Inbound
Threat Protection
Security
PCI
User management
Federated users
Quality of Service
Performance
![Page 7: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/7.jpg)
Layer 7 Confidential 7
What issues does real SOA introduce.
Outbound
User management
Auditing and monitoring
Security
Authorization
Reporting and usage
SLA enforcement
![Page 8: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/8.jpg)
Layer 7 Confidential 8
What we need
Developer/partner onboarding, support and resources
API metrics and reporting
API versioning, monitoring and performance
Faster time to markets
![Page 9: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/9.jpg)
Layer 7 Confidential 9
Solution should provide
Authentication, access control, integrity, confidentiality
Identity federation/trust management
Rich integration with identity infrastructure
Threat protection
Rapid security configuration
Off boarding of heavy and slow functions
Reduced development cycles.
![Page 10: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/10.jpg)
Layer 7 Confidential 10
Solution should provide
Message and Protocol transformation
- Enable existing internal services quickly and with little effort
Cloud integration and security
- Rapid integration of on premise investment with new investments in the cloud
Accelerated XML and Cryptographically processing
Cache
Crypto
Acceleration
XML
Acceleration
SOAP
To
REST SOAP
To
Non-XML REST
To
XML
![Page 11: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/11.jpg)
Layer 7 Confidential 11
Solution should provide
QoS monitoring
- Monitor usage and performance across technology
SLA enforcement
- Enforce agreements and protect back ends
Flexible deployment model
- Ability to grow and adapt with the business requirements
Ability to grow as standards grow
PCI compliance and implementation
SLA
PCI
Response
Time
Request Quota
![Page 12: Accelerating SOA Security and Gov](https://reader033.vdocuments.mx/reader033/viewer/2022060201/5599e1141a28ab44318b4727/html5/thumbnails/12.jpg)
Layer 7 Confidential 12
Solution – A Services Gateway
SOAP
Service
3rd
Party
Services
RESTful
Service
Messaging
Based Service
Database
UDDI
Developers
Portals
& widgets
Mobile Apps
SaaS
& Cloud
LDAP