Use Vordel API Server to monitor and protect SOA Services against attacks and exploits
Secure SOA And Integrate to Enterprise Identity Management

SOA (Service Oriented Architecture) services have been the cornerstone of enterprise integration for the past 10+ years. SOAP and XML, the main building blocks of SOA services, give enterprises a tremendous amount of flexibility to build reusable services that can power both application-to-application (A2A) and business-to-business (B2B) integrations. SOA services are supported by an extensive and well-defined set of standards, including SAML and the WS-* standards for security. Vordel API Server simplifies the task of securing SOA services and integrates with enterprise security infrastructures.

Service Interface Security with Vordel API Server
Network firewalls do not block message-level threats. Web application firewalls only protect web applications. Vordel API Server detects and prevents message-level threats for SOA web service traffic, scanning at the protocol header level (e.g. HTTP headers), SOAP header level (for security tokens and timestamps), XML level, and attachment level. The API Server also performs schema validation and can enforce schema usage policies. See the API Protection page for a full list of the protections the Vordel API Server provides out-of-the-box.

Access Control & Identity Integration with Vordel API Server
Unfortunately, most SOA services do not have a sufficient level of access control implemented. While SOA web services are supported by a comprehensive set of security standards such as SAML, WS-Security, WS-Trust, WS-Federation, WS-I and WS-SecureConversation, the task of sorting through the long list of standards and implementing them “by the book” is daunting for developers.

Vordel API Server provides access control capabilities for SOA services out-of-the-box, including authentication, authorization, audit, trust relationship management, and identity federation. These are in addition to the basic security capabilities such as transport security, encryption, and signing. On top of support for all the open standards, Vordel API Server is shipped with pre-built integrations to all the leading identity management platforms such as CA, IBM, Oracle, and more, including handling all these vendors’ proprietary cookies and tokens.

Managing SOA Security Artefacts
SOA security relies on a number of artefacts for authentication, encryption and signing tasks. Vordel API Server provides secured administration and storage for all forms of SOA service security artefacts such as tokens, keys and certificates. Vordel supports a broad array of standards such as SAML, Kerberos, SPNEGO, X.509 and XACML. You can find a full list of supported standards on the Standards page. Vordel API Server also provides integration with management systems such as LDAP, Active Directory, Active Directory Federation Service (ADFS), Windows Domain Controller, certificate authorities and other PKI systems, anti-virus, and hardware- and network-based security modules (HSM). In addition, the API Server can serve as the SSL termination point and handle SSL-related tasks.