SOA and Security
This page is now superseded by the 'Securing the Cloud & SOA' sub-group of the Cloud Computing Working Group. Following the meeting in Rome (April 2010) it was agreed that the requirements and considerations for securing Cloud Computing are very similar to those for securiing SOA. This project was therefore merged with the Securing the Cloud & SOA sub-group.
Members can access the merged project Web page at
https://www.opengroup.org/projects/sec-cloud-soa/protected/
Non-members can view the Cloud Computing WG Web page at
http://www.opengroup.org/cloudcomputing/
Origins of this SOA and Security WG project
In Sept 2007 the SOA-SEC Working Group agreed its Charter, and started work on gathering material contributed from its members, for collation into a Guide to security issues that apply to the implementation of service oriented architectures. The scope and purpose of the Guide was agreed to be limited to addressing the design and implementation of security in SOA environments, so as to provide a reference framework with a collection of patterns, best practices, and use cases, underpinned by a concisely described common framework, and targeted to add value to SOA or Security practitioners.
By July 2008 the SOA-SEC WG members had generated a SOA-Security draft which contained sound material but lacked comprehensive coverage of the subject, and balance in what had been written. In April 2009, members of the SOA Working Group generated a draft SOA-Security chapter which they intended to be added to the SOA WG's 'SOA Source Book' - published in Feb 2009 and available at
http://www.opengroup.org/projects/soa-book/.
This new chapter raised significant issues concerning it's fit with the SOA Source Book, was recognised as representing a significant contribution towards resuming development of the originally intended Best Practice SOA-Security Guide.
Subsequent developments led to merging this project into the 'Securing the Cloud & SOA' sub-group of the Cloud Computing Working Group.
|