When exposing Web services to entities external to your organization, it is easy enough to roll your own security and management policies – if you don’t have a lot of services. As B2B integration points increase in number, however, many find it useful to handle the various areas of policy management from a single utility. Most companies would probably prefer their developers spend more time on business logic than infrastructural concerns.
The folks over at SOA Software recently released Policy Manager 6 with revamped security federation and policy management interoperability. The company has also refactored the product to run on top of the highly-extensible OSGi framework.
“We’ve gone a lot more standards-based in the policy framework,” said Ian Goldsmith, VP of product management at SOA Software. “We have a lot more capabilities of integrating with heterogeneous platforms – things like IBM WebSphere Registry/Repository, deeper integration with Microsoft WCF, SAP ESR integration – these kinds of things that are made possible through the standards port in 6.0.”
Goldsmith said the company has also updated the security standards to include SAML, WS-Trust, XACML and WS-SecureConnection.
Policy and security control is something that is relevant whenever there are Web services being exposed and consumed externally. This is no different when approaching cloud computing, said Goldsmith.
“We’ve really focused on the workflow and the processes around service provisioning,” said Goldsmith. “With our extended standards support around security we can now federate between different cloud providers or software as a service providers and the enterprise.”