SOA Patterns


About a 18 months ago Thomas Erl approached a group of us at Microsoft if we could review the SOA Patterns work he was doing. Whilst doing the review I observed that the book was lacking any patterns describing how to think about security within SOA applications. We talked and decided to add two whole chapters on the topic – starting with material that we (Fred Chong, Tom Hollander, Wojteck Kozaczynski, Lonnie Wall, Paul Slater, Dwayne Taylor and Ward Cunningham) had created in patterns & practices about 5 years ago.


 


The book is now available (has been for about 6 months now – this post is a little dated 🙂 – but included the following security related patterns:



  • Direct authentication

  • Brokered authentication 

  • Data confidentiality

  • Data origin authentication 

  • Exception shielding

  • Message screening

  • Trusted subsystem

  • Service perimeter guard 

The book also includes a bunch more patterns – which when combined with other books like Enterprise Integration Patterns (Hohpe) and Integration Patterns (P&P) makes for an invaluable resource for understanding different approaches for designing distributed systems. I am also really pleased to see there is a SOA Symposium event in the Netherlands at the end of October where we will be presenting a bunch of this material. I will post more about this later this week…


 

Comments (0)

Skip to main content