Businesses rely on the exchange of information between business partners over public networks. In such a setup information/data travels from the source to the destination using emerging standards, such as XML and SOAP. These standards promise to improve interoperability and lower the cost of systems integration within and between enterprises. With this increased level of integration comes a host of security concerns, some of which may have been addressed in the individual applications exposed to partners.

Web-services security is still in its infancy. New standards and applications are being continually developed and deployed. Web-services security as of today can be achieved at two levels:

• Security at the transport level
• Security at the SOAP or messaging level
  

As companies continue to expose applications internally and to partners, custom coding security logic into each application will require vast resources to develop, manage, and maintain individual security policies throughout the application lifecycles.  New products and services help address most of the security concerns in this space.

SENA Domain Expertise

SENA professionals have broad experience with Web Services security.  We work with multiple vendors, giving us a deep understanding of the Standards/Technology as well as detailed, product specific knowledge.  Some of the services which SENA has worked include in Web Services Security include:

• Enterprise Web Services Security Reference Architecture &  Blueprints
• Design and Development Web Services Security XML Firewalls
• Integration of Web Services Security with Application Servers, Kerberos and backend systems
  

SENA Web Services Security Offerings

SENA provides full lifecycle services for Web Services Security projects starting from the development of a strategy and architecture through implementation and integration.  Additional services include review and assessment of existing solutions.  Each of these services offers unique challenges where SENA can assist our clients.