Model driven engineering and SOA seem to complement each other very well. SOA enables horizontal decoupling of services (the issues of that are discussed on our other blog www.trustedsoa.org), and MDA enables horizontal decoupling (of models from implementations). Now this is obviously an oversimplification, but a nice upcoming architectural idea.
Security plays an important role here, and it is currently still a bit unclear to many how security can be defined and enforced in a manageable way. Of course there are webservices security specifications, but those (at least the ones that work in real-world products today) only deal with the protocol layer, which is the easy bit.
The harder bit is how to define and enforce policies for agile SOA-style enviroments. We at ObjectSecurity believe that model driven security (MDS) can help here because it allows to generate security policies for agile systems from a stable model.
But securing SOA is only one application of this useful concept...
No comments:
Post a Comment