SOA-based security governance middleware
This work addresses security governance for businesses needing rapid adaptability, but it appears incremental as it builds on existing SOA and middleware concepts.
The authors tackled the challenge of security being a hindrance in dynamic business environments by proposing SOA-based security governance middleware that provides flexible and transparent security settings through managed compositions of security services, resulting in enhanced flexibility and transparency compared to existing approaches.
Business requirements for rapid operational efficiency, customer responsiveness as well as rapid adaptability are actively driving the need for ever increasing communication and integration apabilities of software assets. In this context, security, although acknowledged as being a necessity, is often perceived as a hindrance. Indeed, dynamic environments require flexible and understandable security that can be customized, adapted and reconfigured dynamically to face changing requirements. In this paper, the authors propose SOA based security governance middleware that handles security requirements on behalf of a resource exposed through it. The middleware aims at providing different security settings through the use of managed compositions of security services called profiles. The main added value of this work compared to existing handlers or centralized approaches lies in its enhanced flexibility and transparency.