Biography As Chief Technical Officer at Vordel, Mark O'Neill oversees the development of Vordel’s technical strategy and product development for the delivery of XML and security solutions for Global 2000 companies and Governments worldwide. He regularly presents at industry seminars on the security issues effecting Web Services and is author of the book, “Web Services Security”, published by Osborne-McGrawHill. Mark holds a double-honors degree in Mathematics and Psychology from Trinity College Dublin and studied neural network modelling at Oxford University.

Presentation
Mapping Security to a Service Oriented Architecture
A Service Oriented Architecture (SOA) involves deploying software as services which are accessed using structured XML documents. The deployment of an SOA offers significant cost savings over using native interfaces into ERP, database, and mainframe systems. However, security is a concern. This session explains how SOA and security can be part of a virtuous circle, because the services in an SOA must include security services, and the SOA itself must be made secure.

We begin with a “whiteboard” diagram of a typical SOA, based on Vordel’s experience working with SOA early adopters over the past 5 years. A security model is then overlaid onto this diagram. The session lists the security services which should be part of an SOA, including services for signing, encryption, XML threat-analysis, logging, security token issuance, and security token validation.

Real-life examples are given from Vordel’s customer base, who are using tools such as SAP NetWeaver and BEA WebLogic to deploy SOAs.