Understanding the Impact of IAM for SOA – and vice versa

SOA (Service Oriented Architecture) is definitely one of the most misapplied acronyms in IT. Beyond the architectural approach which is described by the term it is used for a new, process-oriented type of business applications which consist of orchestrated (web) services. BPM (Business Process Management) as the discipline of describing, managing and orchestrating these business processes and ESBs (Enterprise Service Busses) as a technical approach to connect systems and the processes are other important elements, like BAM (Business Activity Monitoring) as a, in today's implementations, usually very constricted solution to detect business-relevant irregular activities which shall be manually or automatically managed.

Currently we focus mainly on two aspects of SOA: The first one is the impact IAM has on SOA to provide not only business processes but secure business processes, enabling end-to-end security and consistent security models across the entire architecture. Federation is one of the key elements in there, Web Service Security another. Application Security Infrastructures and defined layers of identity and security services add to this as well. And all these evolvements have to be seen in the context of GRC.

The second focus is on the enhancements SOA and especially ESBs provide to IAM, enabling new architectural approaches for many of the solutions which are offered today in the IAM space.

We will continuously enhance our research scope to cover the entire field of BSM, from BPM to ESPs, the application platforms, approaches like SAP's Enterprise SOA and MDA tools (Model driven architecture) to provide a comprehensive support for our customers.