SOA security patterns - Part - I

For some time I have desperately wanted to get started with the $subject - but things got delayed until I got my blog cleaned up and fixed some missing images.

Sri Lanka lost the 3rd ODI today against the Aussies and the match turned out quite boring a few minutes after the start - fixing missing images in the blog was less boring than watching the match.

Here I am ready to blog again :-)

"In software engineering, a design pattern is a general reusable solution to a commonly occurring problem in software design. A design pattern is not a finished design that can be transformed directly into code. It is a description or template for how to solve a problem that can be used in many different situations."

That's Wikipedia for you...

SOA has its own patterns, and in the security space we have plenty too...

Let me list some of them, which I will discuss in further detail in upcoming episodes of this series.

1. Direct authentication with user name and password - SOAP
2. Direct authentication with user name and password - REST
3. Direct authentication with certificates - SOAP
4. Direct authentication with certificates [mutual authentication] - REST
5. Indirect authentication with certificates
6. Federated authentication with WS-Trust
7. Indirect authentication with Kerberos
8. Authorization Enforcer pattern - fine grained authorization with XACML
9. REST client authenticating to a SOAP web service with user name and password
10. SOAP client authenticating to a RESTful service with user name and password
11. Securing a service with multiple security policies
12. SSL bridging
13. Trusted Subsystem pattern
14. Message Interceptor Gateway pattern
15. Secure Message Router pattern
16. Assertion Builder pattern
17. Credential Tokenizer pattern
18. Secure Service Facade pattern
19. Audit Interceptor pattern
20. Interceptor Validator pattern
21. Secure Pipe pattern

We have implemented all those security patterns with WSO2 products in various client deployments.

In the upcoming sessions of the SOA Security Patterns series I will cover them all with implementation details.