The more distributed organization's Web services and service-oriented architectures (WS/SOA) become, the more businesses are benefited from the speed, flexibility and cost of building and deploying applications. To get benefit of WS/SOA security, businesses need to manage and control access at a new level; but in absence of a centralized security architecture, businesses can afford the inconsistency and inefficiency of siloed application security, increased risk of information leakage and the higher security administration and regulatory compliance costs. The problem is, this distributed model unites different teams and services, and invites a range of new security management challenges. Web services and service-oriented architectures require the same website security functionality as those that are commonly provided by Web access management systems authentication, authorization, auditing and administration capabilities that users expect.
CA SiteMinder Web Services Security (WSS) is Web services and service-oriented architectures (WS/SOA) security solution. CA SiteMinder WSS helps to secure access to services by inspecting information contained in the XML documents submitted by service providers and consumers. Using centralized security policies bound to user identities, CA SiteMinder WSS delivers consistent authentication, authorization, federation, session management and security auditing services. CA SiteMinder WSS fits into heterogeneous WS/SOA deployments by providing agent and policy enforcement points that are controlled and managed by centralized policy decision points.
With CA SiteMinder WSS, organizations can centrally manage enterprise security for WS/SOA deployments no matter how many Web services or different infrastructure technologies are deployed. Providing centralized, policy-based security as an integral part of WS/SOA infrastructure enables the abstraction of security from the Web services themselves. This eases the administrative burden and cost of providing consistent and reliable enterprise security for WS/SOA.
Access management: Centralized policy definition and execution provides message level authentication, authorization, federation, session management and auditing Security centralization: Separates enterprise security from Web service, allowing externalized policy creation and change Heterogeneous support: Install SOA agents within service containers and/or with a XML gateway to accommodate various deployment models Identity-centric policies: Access policy decisions can be made based on XML message contents and requester attributes Standards support: Supports standards such as XML, SOAP, SAML Session Ticket, WS-Security, XML Encryption and XML signatures as well as .NET and J2EE Federation: Service federation enables businesses to serve as both a security token consumer and producer
Enable growth: Security with WS/SOA deployed to support external business
Mitigate risk: Centralized security with consistent policy enforcement and auditing
Reduce costs: Shared security service for use across application silos
Simplify administration: Centrally managed policies across Web services using XML standards