Service Oriented Architecture Security Risks and their Mitigation

reportActive / Technical Report | Accession Number: ADA576267 | Open PDF

Abstract:

Service Oriented Architecture SOA is an architectural paradigm and its aim is to achieve a loose coupling amongst interacting distributed systems. SOA is used by enterprises to efficiently and cost-effectively integrate heterogeneous systems. However, SOA is affected by several security vulnerabilities, thus affecting the speed of its deployment in organisations. In this report, we describe some of the security threats faced by SOA systems and corresponding risk mitigation measures by means of security technology, standards and products.

Author(s):
Indrakanti, Sarath
Author Organization(s):
DEFENCE SCIENCE AND TECHNOLOGY ORGANISATION EDINBURGH (AUSTRALIA) COMMAND CONTROL COMMUNICATIONS AND INTELLIGENCE DIV
Descriptive Note:
Technical note
Pagination:
0032

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:
Approved For Public Release
Distribution Statement:
Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR
Identifying Numbers
Report Number(s):
DSTO-TN-1126, DODA-AR-015-420
Monitor Series:
AR-015-420, DSTO/CCCI
 Subject Terms
Joint Capability Areas:
JCA_6.4.1_Secure Information Exchange; JCA_6_Net Centric; JCA_7_Protection; JCA_6.4_Information Assurance; JCA_7.2.1_Mitigate Lethal Effects; JCA_7.2_Mitigate; JCA_5_Command and Control; JCA_6.1.3_Switching and Routing; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_6.1_Information Transport; JCA_5.5_Direct; JCA_5.5.1_Communicate Intent and Guidance; JCA_8.2_Shape; JCA_8_Building Partnerships; JCA_8.2.4_Leverage Capacities and Capabilities of Security Establishments; JCA_3.2_Engagement; JCA_3_Force Application; JCA_3.2.2_Non-Kinetic Means; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_5.2_Understand
Communities of Interest:
Cyber
Descriptor(s):
*COMPUTER APPLICATIONS, *COMPUTER ARCHITECTURE, ARCHITECTURE, AUSTRALIA, COST EFFECTIVENESS, INTEGRATED SYSTEMS, SECURITY, STANDARDS, THREATS, VELOCITY, VULNERABILITY
Field(s)/Group(s):
Computer Programming and Software
Keyword(s):
FOREIGN REPORTS, RISK MITIGATION, DISTRIBUTED SYSTEMS, SERVICE ORIENTED ARCHITECTURE
Report Date:
2012 Oct 01
Creation Date:
2013 Jun 03