SOA Security (Paperback)

Description

SOA is one of the latest technologies enterprises are using to tame their software costs - in development, deployment, and management. SOA makes integration easy, helping enterprises not only better utilize their existing investments in applications and infrastructure, but also open up new business opportunities. However, one of the big stumbling blocks in executing SOA is security. This book addresses Security in SOA with detailed examples illustrating the theory, industry standards and best practices.

It is true that security is important in any system. SOA brings in additional security concerns as well rising out of the very openness that makes it attractive. If we apply security principles blindly, we shut ourselves of the benefits of SOA. Therefore, we need to understand which security models and techniques are right for SOA. This book provides such an understanding.

Usually, security is seen as an esoteric topic that is better left to experts. While it is true that security requires expert attention, everybody, including software developers, designers, architects, IT administrators and managers need to do tasks that require very good understanding of security topics. Fortunately, traditional security techniques have been around long enough for people to understand and apply them in practice. This, however, is not the case with SOA Security.

Anyone seeking to implement SOA Security is today forced to dig through a maze of inter-dependent specifications and API docs that assume a lot of prior experience on the part of readers. Getting started on a project is hence proving to be a huge challenge to practitioners. This book seeks to change that. It provides bottom-up understanding of security techniques appropriate for use in SOA without assuming any prior familiarity with security topics on the part of the reader.

Unlike most other books about SOA that merely describe the standards, this book helps you get started immediately by walking you through sample code that illustrates how real life problems can be solved using the techniques and best practices described in standards. Whereas standards discuss all possible variations of each security technique, this book focusses on the 20% of variations that are used 80% of the time. This keeps the material covered in the book simple as well as self-sufficient for all readers except the most advanced.

描述

SOA是企業目前使用的最新技術之一，用於控制軟體成本 - 在開發、部署和管理方面。SOA使整合變得容易，不僅有助於企業更好地利用現有的應用程序和基礎設施投資，還能開拓新的業務機會。然而，執行SOA的一個重大障礙是安全性。本書通過詳細的示例，說明了SOA中的安全性理論、行業標準和最佳實踐。

確實，安全性在任何系統中都很重要。SOA帶來了額外的安全性問題，這些問題源於使其具有吸引力的開放性。如果我們盲目應用安全原則，就會失去SOA的好處。因此，我們需要了解哪些安全模型和技術適用於SOA。本書提供了這樣的理解。

通常，安全性被視為一個神秘的話題，最好由專家來處理。雖然確實需要專家關注安全性，但包括軟體開發人員、設計師、架構師、IT管理員和經理在內的每個人都需要執行需要對安全性主題有很好理解的任務。幸運的是，傳統的安全技術已經存在了很長時間，人們可以理解並在實踐中應用它們。然而，SOA安全性不是這種情況。

任何希望實施SOA安全性的人都必須在相互依賴的規範和API文檔迷宮中尋找，這些文檔假設讀者在安全性方面具有很多先前經驗。因此，對從事者來說，開始一個項目變成了一個巨大的挑戰。本書旨在改變這種情況。它提供了從底層開始的安全技術的理解，適用於在SOA中使用，而不假設讀者對安全性主題有任何先前的熟悉。

與大多數其他關於SOA的書籍只是描述標準不同，本書通過演示如何使用標準中描述的技術和最佳實踐來解決現實生活中的問題，幫助您立即入門。而標準討論了每種安全技術的所有可能變化，本書則專注於80%的時間使用的20%的變化。這使得本書所涵蓋的材料既簡單又自給自足，除了最高級的讀者外，適用於所有讀者。