With the increased reliance on SOAs, and their more prominent role in critical enterprise systems, organizations need a comprehensive security strategy. In an age when security threats are more prevalent than ever, a security breach can cause serious legal, economic and corporate perception issues. SOA Security should not be taken lightly, but should be a primary consideration when establishing communications between distributed systems.
A fundamental aspect of a successfully implemented SOA security is a well-defined, well-planned and well-implemented security model/strategy that is focused around the three basic principles of security (confidentiality, integrity and availability). The world of SOA vulnerabilities is a volatile one. There will always be new threats, and ways to combat these threats. A security policy can not remain static. It needs to be agile in its approach to threats and countermeasures.