By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
- Federation – Authentication at the initiating client and authorization at the Web services server. The basic problem here is establishing trust.
- Privacy – Authentication without revealing the identity of the client. Take a look at this URL, which describes a joint project of Internet2 and IBM that tackles this problem.
- Security Administration – While there are systems that handle identity management, that is only a portion of Web services security administration needs. Other areas that require an administration model are Authorization, Attributes and Policy between disparate companies.
- Access Control – There has been some very good work in access control, but there are still some interesting problems in this area, especially as we move to Web services security. Take a look at the XACML specification at this URL for some of the recent work on access control in Web services.
Dig Deeper on SOA security strategy
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.