Skip to Main Content
This study proposes a new operational framework of a network administrator for service oriented architecture (SOA) network security. It seeks to characterize the current state of practices in SOA network security by gathering information regarding known threats and defenses for SOA deployments. It works towards the practical implementation of SOA designs by creating training and testing scenarios for those preparing to work in this area. Finally, it frames these and other SOA security efforts with respect to a classic theoretical model of information security. The resulting synthesis includes recommendations on how best to process the XML network traffic typical of SOA applications. The proposed approach is Filtering to Inspect XML (FIX) at the network's perimeter. This framework contributes to the understanding of secure SOA designs by clarifying the responsibilities of both network managers and software engineers in orchestrating XML-based services.
Date of Conference: 7-10 Jan. 2008