Implementing SOA Security Using (SCA) Service Component Architecture, Model

Security can be implemented for service-oriented systems using a variety of security architectural models. Conventional security architectures rely on endpoint security having hard-coded and tightly-coupled security and business procedures. Due to this it is not possible to separate business and security protocols. As a result, the service endpoints have to execute both the security and business protocols creating performance problems for the business services. Besides, it becomes difficult to develop, maintain and update the security components independently due to tight integration of business and security code. To solve this problem it is important to separate the business and security concerns in SOA systems and provide security by dedicated security services offered by decoupled security components. This paper presents a SOA security solution based on service-oriented security architecture to execute out-of-band security protocols. The proposed approach is implemented with Service Component Architecture (SCA), which provides an architectural model for composition of security services in SOA systems. The proposed approach is applied for the security requirements of healthcare systems to protect the sensitive medical data of the patients from unauthorized exposure.