SOA Security In Action

There is a fine distinction to be made between SOA (Service oriented architecture) and .NET
SOA in particular. SOA is the field itself where .NET SOA functions as a platform to be
used by SOA developers to design service-oriented software. The closest competitor to .NET
SOA in the SOA industry would be Java/J2EE. The biggest question with .NET SOA use is
whether service orientation can be built into the platform applications as Microsoft
designers see fit.

It is certain that all SOA developers (whether they use .NET SOA or other platforms) will
need to be experienced in both the concept and the application of the SOA concepts. So .NET
SOA developers will then have to be able to understand and explain to clients why this
platform is preferable to other SOA platforms like Java/J2EE. Clients may not be IT
literate or lack adequate comprehension of the .NET SOA and its advantages, so it is up to
.NET SOA developers to teach them the difference.

Of particular importance is application of .NET SOA to enterprise systems, since Microsoft
is, after all, an enterprise services supplier and developer. Microsoft needs to train .NET
SOA specialists how to adapt their skills to serving the needs of enterprise systems so that
these become service-oriented IT systems. If Microsoft fails to do so, we may expect that
.NET SOA developers will churn out systems that cannot stand up to future demands like
re-usability, scalability, or flexibility.

At heart, the problem with .NET SOA as a platform is that Microsoft needs to address
software engineering issues rather than concentrate on marketing.

Reinvigorating Your Business with the New 2.0 Business Language SOA on the Web

With rising numbers of competitors out there, it is no wonder that all Business managers would try any means to increase their business earnings.
Any trick in the book of business will be used and at many times, innovations will be explored.
These innovations often come from sectors outside the World of Business and they often present promises that might reinvigorate any person’s business with proper care and utilization.
But it must always be remembered that these innovations are the same as the rest of the solutions; they are not miracle-giving solutions.
One of these innovations has come from the IT and this is SOA and from it came the 2.0 Business Language.
Now, the two of these can be considered partners, like in the case of Business and IT when SOA arrived.
In fact, SOA can work more efficiently if there is the 2.0 Business Language to back it up.
More and more Business managers are seeing the use of such IT programming languages in their business.
It is expected that with the onset of the use of IT, the Business managers would now be able to drive improvements in their line of business.
Now, these Business managers would no longer fear change as the success of IT is determined by changes and improvements and now that business is part and parcel with IT, there is a need to further accelerate change.
Rather than prevent it, change with use of SOA and 2.0 Business Language will create a sudden surge in the need to improve the delivery of services.
This will be better aided by the increase in business insight, which can help reduce the risk that these Business managers take.

With SOA being implemented in many businesses today, security has now become a big
issue among many organizations.  Any company putting action in SOA security will have
to be contented with a lot of API files to review–assuming that the team reviewing the
API has a lot of prior information about the file.  Unfortunately, the biggest challenge for
a team would be the understanding of the security techniques appropriate for SOA

One SOA security threat is the denial of service attack or DoS attacks.  This is a
nightmare for any company because it blocks the users from accessing resources that
should be available to them.  The objective of this attack is to make the service provider
unavailable to the requester.  There are two kinds of DoS.  The first one will deny the
service by flooding the service provider’s network with trash and the other one is through
the blocking of communication between the client and the host. Immediate action should
be taken in order for this SOA security threat to be avoided if it has not yet happened or
stopped, remedied if it has already happened and prevent it from happening again.

There are standards and best practices already available for SOA security.  There are
books readily available for study references on SOA security.  When choosing the right
book, make sure that they have a comprehensive but down-to-earth explanations and
terminologies.  Some books offer solutions for most problems and take you there through
action while some others offer complicated terminologies and solutions which may not be
used in your situation.