Layer 7 secures Oracle ESB, protects SOA applications

By Rob Barry 21 Oct 2009 | SearchSOA.com

News on SOA, EAI, Web services Digg This!     StumbleUpon     Del.icio.us

XML appliances acting as security gateways have protected the fringes of SOA applications for a number of years. They have been most apparent in defense and homeland security settings. A deal between Layer 7 Technologies and Oracle brings such technology deeper into commercial settings.

With all the messages that flow from an enterprise service bus (ESB) through the middleware stack, a layer of security is important in protecting vital information. Due to their architectures, ESBs often rely on an external layer for security, like one recent offering from Layer 7 Technologies.

Earlier this month Layer 7 released an integrated appliance for the Oracle Service Bus component of Fusion Middleware. The company said that the OSB Appliance combines XML security and a stripped-down deployment of Layer 7's SecureSpan XML Gateway.

The appliance is now sold alongside OSB through Layer 7 and Oracle and runs on Sun x64 servers.

"The idea came from a customer of ours who had a lot of back-end data behind the firewall," said Scott Morrison, VP of engineering and chief architect at Layer 7. "They wanted to make it accessible but with security."

A major benefit of a product like this is not having to set up and configure a custom gateway to live along side an ESB, suggested Scott Morrison, VP of engineering and chief architect at Layer 7. As an integrated appliance, it is designed to drop a security perimeter right into the network.

Morrison said major interest to date has been from government agencies with high security requirements, such as the Department of Defense and Homeland Security. He said the government seems to be making a more aggressive move towards adopting SOA standards.

"The commercial sector is more about integrating with existing identity management right now," Morrison said. "The government tends to be very aware of standards coming out. And they have to. After 9/11, the government really started taking the direction where information needs to be shared between departments."

For some commercial operations, a review of ESB and security touchpoints may be in order, said an industry expert.

"Enterprises must consider that while there may be specific security handling capabilities within the domains of their ESBs and other various engines, they must also holistically address the many interfaces and touchpoints between and across the network," said Sandra Rogers, independent industry analyst.

Tags: VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web services development Java-based Abdera open source tools implement Atom services Gomez adds new features through platform-wide upgrade PowerBuilder 12 beta available RAD Studio 2010 hits the shelves Oracle brings Fusion Middleware into the modern age Oracle Fusion Middleware 11g supports SCA, JavaServer Faces development Investment site turns to Xignite, Amazon cloud computing to power portfolio tracker SimpleDB shows promise Yahoo says no deal Amazon links Web services to data

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary ColdFusion  (SearchSOA.com) Delphi  (SearchSOA.com) Eclipse  (SearchSOA.com) elegant solution  (SearchSOA.com) interaction management  (SearchSOA.com) message-driven processing  (SearchSOA.com) Ruby on Rails  (SearchSOA.com) Tim Berners-Lee  (SearchSOA.com) Web services  (SearchSOA.com) Web Services: Glossary  (SearchSOA.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary