Service Oriented Architecture (SOA) raises new challenges for Identity and Access Management (IAM), but equally IAM represents a challenge that has yet to be properly addressed in SOA. SOA is first and foremost about delivering business agility – the ability to respond in good time and at acceptable cost to rapid and not always predictable change. Successful enterprises don’t try to avoid change – they embrace it. Every aspect of the agile enterprise must be agile: the organization, its processes and policies, and the IT services and infrastructure that support them. SOA also opens up the world of the extended enterprise and the vision of the virtual enterprise. Enterprise services may be shared with, operated by or delegated (outsourced) to partners and suppliers.
IAM is a specific challenge that must be addressed during the planning of an SOA. In an agile environment based on enterprise services that may derive from different security domains, it is important to design access policies that are as agile as the corresponding services. Access policies need to be as loosely coupled as the services themselves and have to be applicable independently of user repositories and security domains.
As a consolidated user repository, an IAM system becomes not only the point of authority for authentication and authorization but also provides the basis for Identity Federation, which will be the foundation for manageable cross-domain SOA.
This presentation looks in more detail at the challenges, the strengths and weaknesses of existing techniques, and the standards needed to make it all work. We will consider various strategies to deliver the solution and the related architectural models that incorporate that solution in a complete enterprise vision.