Keys to Successful SOA Security Integration
This presentation will focus on successful strategies for SOA Security integration, patterns, best practices, pitfalls, and lessons-learned in SOA based projects – giving design and code examples in Java.
Specifically, the presentation will:
- Provide a vendor-agnostic and technology-agnostic design for access control & policy decision enforcement for clients & services, with code examples & references.
- Provide an overview & look at example Java code of a custom components that can be customized for any enterprise and used by portals and web servers in order to map enterprise Attribute Services (ABAC) to the J2EE role-based (RBAC) security model for Container-managed security (using Apache Tomcat, JBoss)
- Provide lessons-learned many SOA-based projects.
Sponsor: Consult2Hire
Dominion Innsbrook Technical Center
About the Presenter
Kevin T. Smith
Kevin T. Smith is a Senior Technical Director at ManTech International, where he leads and provides SOA and Information Security guidance to many government projects in the Department of Defense and Intelligence Community.
The author of many technology books and articles in industry magazines revolving around SOA, Security, Enterprise Architecture, XML, and Java Programming, Kevin has led technology workshops and has been a featured speaker at numerous industry conferences, such as the RSA Security Conference, JavaOne, the Semantic Technology Conference, ApacheCon.
His most recent book, Applied SOA: Service-Oriented Architecture and Design Strategies (Wiley, 2008), is relevant to this presentation.
A full list of his books and articles is available at http://home.comcast.net/~kevintsmith/