SOA Security White Paper - California Enterprise Architecture Program
SOA Security White Paper - California Enterprise Architecture Program
Exchange of information over the Internet is vital but may have security implications. Security issues over the Internet are important, because it is an insecure and untrustworthy public network infrastructure, prone to attacks by intruders.
The information available over the Internet does not always have the same level of business confidentiality. In the public sector, much information is intended to be accessed and viewed by anyone. However, there are a number of business transactions that require knowing who the party is including the party’s access privileges.
Organizations usually secure company resources available on the network and online services by defining business roles, access rights, and system policies. That's where firewalls play a role in the security process. A network level firewall sits at the doorstep of a private network as a guard and typically provides the following security services:
• monitors all incoming traffic;
• checks the identity of requesters trying to access specific company resources;
• authenticates user identities, which can be the network addresses of service requesters or security tokens;
• checks security and business policies to filter access requests and verifies whether the service requester has the right to access the intended resource; and
• provides for encrypted messages so that confidential information can be sent across the Internet.
Page 1 California Enterprise Architecture Program SOA White Paper ...
____________________________________________
____________________________________________
>> Back to Main Page
Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Comments