I presented a discussion on SOA Security Patterns at the SOA Symposium today in Rotterdam. The abstract fro the talk is included below and the PPT is attached for anyone interested.
Service-oriented solutions are distributed applications and therefore rely on many of the established security controls, practices, and technologies. However, there are distinct characteristics that make services and service compositions special. For example, designing distributed systems that will with greater frequency span organizational boundaries requires architects to understand threats associated with exposing such functionality on potentially hostile networks. This presentation walks through a number of the SOA design patterns that are specific to services, processes, and SOA security in general. In this talk we will introduce and explain these patterns and discuss how they can be applied to establish a secure foundation to service-oriented systems.