Designing a logical security framework for enterprise service oriented architecture (ESOA)

Abstract

Enterprise Service Oriented Architecture (ESOA) is an appropriate strategy to provide an integrated, flexible, adaptable, and cost efficient enterprise Service-based that derives from various set of Web Services combined with business logic to support a particular business process. Despite the benefit of SOA, integration of application makes security design more complex. It brings several security problems. There is no comprehensive security framework for helping developers to design an adequate security solution. In order to alleviate these problems, some additional nonfunctional security requirements are needed. This project aims to analyze the security requirements raised by real world SOA in an enterprise and proposes a logical security framework to meet these needs. This framework can support all three security levels (content, communication, and network) of IT infrastructure. The proposed Security Service Oriented Reference Architecture (SSORA) shows which security service defined by the proposed security framework can be applied on each layer of Service Oriented Reference Architecture. In the real world, the location of each service is an important element of security design. In order to decrease the holes of the inner firewall, a Service Routing Coordinator (SRC) is located in the internal network. This service acts as an intermediary between the Web Services and the internal network servers. The proposed framework is applied on the logical SOA deployment architecture in order to design a security solution for an enterprise. Designing a security solution for Razavi Financial Institute (RFI) shows that proposed security framework can be applied for any SOA based environment.