SOA creates a fundamental change in the application behavior, usage and access as well as the operational management of the application infrastructure.
When applications are re-purposed and re-used, they may be extended to a new set of users, groups of people not originally envisioned in previous instances, and thereby creating security holes and risks.
To effectively, secure the SOA-based applications, IT needs to:
A) Federate Identity and Access Control across Services – IBM Tivoli Federated Identity Manager (TFIM) enables an efficient and effective way to manage and provision users’ identities across the SOA environment. TFIM ensures that each user has access to the applications, data and information based on their security credentials and access-level regardless of which application they are accessing.
In addition, IBM TFIM helps reduce costs of Identity Management by streamlining and federating the identity management processes across the SOA environment.
By federating the user identity credential transparently across all required applications it eliminates the need for users to login multiple times to different applications and delivers an improved and simplified single sign-on access experience.
B) Secure Services and Applications over a heterogeneous environment - end-to-end security can be a challenge in a SOA environment, since SOA-based services are composed and deployed from applications and resources from across the spectrum of IT/Data center. Implementing and provisioning access controls and authorization levels in this heterogeneous environment can be complex, costly and time consuming. IBM TFIM enables complete security of the SOA environment by integrating with the existing and disparate security models across different platforms, to secure access to applications, transactions and protection of sensitive information and data.
C) Consistently enforce and audit security policy for services – to ensure the integrity of corporate security policies and meet the regulatory requirements IBM Tivoli Security Operations Manager (TSOM) offers a single security dashboard for a central location to collect, correlate, detect and alert on all security events and risks. In addition, TFIM offers complete audit and access reports of activities by transactions, by users’ or by access of applications and data.