Visit Our UNIX and Linux User Community

SOA Security (Part 1)

Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Complex Event Processing RSS News SOA Security (Part 1)
# 1  
Old 09-30-2007
SOA Security (Part 1)

Tim Bass
Sun, 30 Sep 2007 14:11:44 +0000
While we are on the topic of SOA, or*”modular distributed computing” as many of friends*are calling*SOA these days,*let us*take a moment to visit SOA security.
Many of*the security*issues associated with SOA*come from the fact that security, SOA-style, attempts to replace traditional security*controls with new, open standards.* Most of these new SOA security standards are relatively immature and unproven.*** In addition, the SOA standards that have emerged,*like XML, SOAP, WSDL, and UDDI, *have done little, if anything*to address IT security.
XML, SOAP, WSDL, and UDDI are open standards that enable the transmission and description of data and interprocess communications between systems.**These standards do not address SOA security and, by themselves,*are*simple a*security breach that easily*circumvent firewalls and put organizations at higher risk.
Therefore, as we move*to*”modular distributed computing”*the architecture of*loose coupling has the second order effect of*decreasing*SOA adoption when we get*past the*market*hype and move into the details of how to actually security this loosely coupled monster we are building.
In this series, wearing my CISSP hat,**we will visit many of the key issues in SOA security and talk about why event processing is critical to securing modular distributed architectures.


Previous Thread | Next Thread
Test Your Knowledge in Computers #263
Difficulty: Easy
Alan Turing played a key role in cracking intercepted coded messages that enabled the Allies to defeat the Nazis in many crucial engagements, including the Battle of the Atlantic, and in so doing helped win and end the war.
True or False?
ldns-notify(1)						      General Commands Manual						    ldns-notify(1)

ldns-notify - notify DNS servers that updates are available SYNOPSIS
ldns-notify [options] -z zone servers DESCRIPTION
ldns-notify sends a NOTIFY message to DNS servers. This tells them that an updated zone is available at the master servers. It can perform TSIG signatures and it can add a SOA serial number of the updated zone. If a server already has that serial number it will disregard the message. OPTIONS
-z zone The zone that is updated. -h Show usage and exit -v Show the version and exit -s serial Append a SOA record indicating the serial number of the updated zone. -p port Use port as destination port (default the DNS port 53) for the UDP packets. -y key:data Use the given TSIG key and base64-data to sign the NOTIFY. Uses the hmac-md5 algorithm. -d Print verbose debug information. The query that is sent and the query that is received. -r num Specify the maximum number of retries before notify gives up trying to send the UDP packet. EXIT CODE
The program exits with a 0 exit code if all servers replied an acknowledgement to the notify message, and a failure exit code otherwise. AUTHOR
Written by the ldns team as an example for ldns usage. REPORTING BUGS
Report bugs to <>. COPYRIGHT
Copyright (C) 2005 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PUR- POSE. 9 Jan 2007 ldns-notify(1)

Featured Tech Videos