Service-Oriented Security aligns with the overall Application-Centric approach of Identity and Access Management solutions - with the goal of providing a comprehensive, standards-based, developer-friendly platform. By leveraging and sharing many of the common Identity "Services", Service-Oriented Security allows developers to spend the effort on where it counts the most - the application logic itself. Security will be just a service that can be invoked over a well defined hetrogenous interface based on open Standards. This panel discusses the technologies, the architectural patterns and the organizational approaches for transforming and aligning the enterprise access infrastructure with the business goals.