Service Oriented Architecture

TWM Associates, Inc. (TWM) has been providing support and knowledge transfer on security issues relating to the use of the service oriented architectures (SOAs).

TWM not only identified some of the major security concerns from both a security and governance perspective with SOAs, but has also developed a process to assess the security vulnerabilities that exists within SOA.

TWM has accomplished this through an understanding of the intent of policy while working at the code and architecture level with the system developers. TWM believes success is achieved by working with vendors and service providers in the development laboratory to achieve as much assurance as possible. Once all the assurance can be derived from the technology, some level of residual risk has to be determined. TWM works to determine if compensating controls need to be integrated into the enterprise to protect both the customer and the vendor. In the end, TWM attempts to provide an IA compliant success approach that is affordable and achievable.