Securing SOA and traditional infrastructures

Want to implement SAML-SSO access management for traditional and J2EE applications?

DOWNLOAD THE WHITE PAPER

"Securing SOA and Traditional Infrastructures"

To receive a copy of the white paper by email, fill in the fields marked with an asterisk below.

By the way, you appear to have disactivated JavaScript (this may be a result of very restrictive browser security settings). If you turn it on, you will probably find this site easier to use.

* Yes  No
* Yes  No
* Yes  No
* Yes  No
 * Yes No
 


Also available

Abstract

White paper thumbnail

An SOA can be secured by implementing a set of mechanisms within the NAP (Network Application Platform) to secure exchanges between the Service Providers and Service Consumers.

These mechanisms are part of a group of Services that can be referred to as technical basic services.

The basic services include service addressing, message management, SOA monitoring, identity and access management. The technical basic services dedicated to identity and access management must enable any Service Provider or Consumer to verify the identity of the user associated to a transaction (even if this user is a server), and to check that the user actually has the right to carry out the on-going transaction.

Generally, these basic identity and access management-related technical services work with "Service Providers" and "Service Consumers" at two levels:

  • During initial user authentication, checking the validity of the information provided by the user is the responsibility of the technical basic services. With this mechanism, end-users can take advantage of single sign-on
  • During a "Service Consumer/Service Provider" request, the technical basic services must enable the "Service Provider" to check the identity of the user and to control the user's rights

User identity and user rights management operations are carried out on the NAP by the technical basic services themselves.