What follows is a transcript of my podcast with Adam Vincent, the Federal Technical Director of Layer 7 Technologies. Adam has extensive experience building secure service oriented architecture as well as sharing information across security boundaries, and in this podcast we discuss the challenges of SOA security, the similarity between SOA and Web 2.0, Layer 7's solution, SOA governance, and finally, the SOA security challenges of the upcoming U.S. Presidential election.
Also, don't forget next month's ebizQ roundtable on SOA security. Learn more right here!
Could you give me a quick overview of SOA security?
Sure. So SOA security is very similar to what we've seen in typical application security. The big difference in SOA vs. 'what we're used to' is that SOA is somewhat of a concept vs. a technologies so the concept itself allows for more interoperable information sharing and it's often seen as being an enabler of more business-to-business communications and so with that comes the complexity of crossing organizational, departmental and community boundaries so not only do you have to deal with integrity, confidentiality, and non-repudiation like you do with any other application but now you have the challenge of trying to federate and govern those security policies between different organizational partners.
