Documente Academic
Documente Profesional
Documente Cultură
83%
82%
81%
83%
End-to-End Security
Control over Access and Utilization Service Level Management Transaction Integrity
ERP PLM SCM HCM CRM
DATA SYNC
Hybrid IT Infrastructure
3
Web Service
OWSM Agent
Service Bus
OWSM Agent
Web Service
Web Service
Extranet
DMZ
OWSM Agent
Web Service
Cryptographic attacks
Public Keys Replay
SOAP attacks SOAP operation filtering Checking for rogue SOAP attachments (e.g., viruses)
Communication attacks
HTTP header and query string analysis IP address filtering Traffic throttling
Benefits
Ensures reliability of hybrid infrastructure Improves performance through policy conformance
XML Acceleration - Fast processing of XML queries - Fast XML validation - Patented acceleration engine DMZ Security - Fine grained authorization - Authentication - Identity propagation
XML Load Speed
End-to-End Security
Authentication Across Enterprise Boundaries
On-premise Public Cloud
Enterprise Gateway
SaaS
Integrator
Customers use Cloud services Gateway applies outbound security required to access services If request must be signed, Gateway does the signing
8
Providers offer Cloud services Gateway provides inbound security for providers services
End-to-End Security
Identity Management and Propagation
Web Application
HTTP GET/POST
Identity Management
Web Access Control Web Client (Browser) Web Service Client HTTP GET/POST RBAC, FineGrained Authorization Identity & Role Mgt User Provisioning & Role Governance User Identities
REST
XML
SOAP
AuthZ
Enterprise Gateway
AuthN
Web Service
JMS
10
HTTP GET/POST
Policy Agents
REST REST
SOAP
Identity Management
XML
SOAP
JMS Metadata Store (MDS) SOA Management Policy Manager Policy Manager Policy Manager
* Service Bus can be used with or without Policy Manager integration ** Enterprise Gateway may optionally use same policies as Service Bus and Policy Agents
11
Gold
12
Transaction Integrity
Across Enterprise and Cloud
Appliance Web
Process Engine Service Bus
DBMS
SaaS
Problem diagnosis and managing exceptions is less laborious, with shorter mean-time-to-resolve
Averts 80% of effort spent merely isolating the issue No longer a manual effort based on log mining Fewer developer resources diverted to IT fire-drills
Service Bus
DBMS
13
Public Cloud
Design Policy
Enterprise Repository
Architecture Standards
Developer/ Integrator
Compliance Reports
SaaS
On-Premise: Operations
Employee
Secure Access
Audit
Logging & Reporting
Interoperability
App
XML Validation
Audit
Employee
Corporate & Regulatory Payment Card Industry Data Security Standards (PCI DSS) Compliance Statement on Auditing Standards 70: Service Organizations (SAS 70 ) per Auditing
Standards Board of the AICPA. Health Insurance Portability and Accountability Act (HIPAA.)
14
API Management
Security, Monitoring and Governance
Threat Protection
Tablets
Mobile
API
API Governance API Monitoring and Management
Gaming Consoles
Devices, Sensors
16
17
Security Inside-Out
Cloud Security
Perimeter Security
Application Security
Broad & Deep Coverage Delivered through Oracle Web Services Manager, & 3rd Party Agents
Next Steps
1. Explore Oracles Web Sites
www.oracle.com/soa http://bit.ly/soagov http://bit.ly/OEGateway
5. Join Oracle SOA communities: 2. Run Oracle SOA on the Cloud Amazon EC2: http://bit.ly/HLgyRS twitter.com/OracleSOA
facebook.com/OracleSOA
3. Attend an Upcoming SOA Event Oracle SOA Group Blog blogs.oracle.com/governance