|
 SOA and Security
This page is for the joint working group formed by members of The Open Group's Security Forum and SOA Working Group, to develop a Best Practice Guide to implementing effective security in SOA environments. In Sept 2007 the SOA-SEC Working Group agreed its Charter, and started work on gathering material contributed from its members, for collation into a Guide to security issues that apply to the implementation of service oriented architectures. The scope and purpose of the Guide was agreed to be limited to addressing the design and implementation of security in SOA environments, so as to provide a reference framework with a collection of patterns, best practices, and use cases, underpinned by a concisely described common framework, and targeted to add value to SOA or Security practitioners.
By July 2008 the SOA-SEC WG members had generated a SOA-Security draft which contained sound material but lacked comprehensive coverage of the subject, and balance in what had been written. Due to drop-off in member resources at that time, this project made no progress up to April 2009, when members of the SOA Working Group generated a draft SOA-Security chapter which they intended to be added to the SOA WG's 'SOA Source Book' - published in Feb 2009 and available at
http://www.opengroup.org/projects/soa-book/.
This new chapter raised significant issues concerning it's fit with the SOA Source Book, but is recognised as representing a significant contribution towards resuming development of the originally intended Best Practice SOA-Security Guide. The current aim is therefore to mobilise member supportto achieve our original goal - to publish a SOA-Security Guide.
|
Show/Hide