There are many issues to consider when bulletproofing and securing service-oriented architectures (SOA), including today’s most commonly posed problems of security and quality. From architecture, through development, testing, deployment and operational management there are aspects of SOA and Web Service that are unique and challenging. The infrastructure we create to enable SOA should be considered by participants in the SOA development process from architects (“Where can I offload supporting services?”) to developers (“Who is taking care of policy implementation for me including privacy and security?”) through operations and security staff (“What policy settings are implemented in the infrastructure that allow me to make adjustments without involving the development folks?”)
Ignoring security and quality in the development cycle exposes corporations to a multitude of risks that will further hinder them throughout the services lifecycle. Several keys exist in the SOA and Web services lifecycle, but it boils down to a list of five keys to avoid security, reliability and compliance issues.
