To account for evolution of your SOA security strategy over time, bake into your design as much consistency as possible between simpler SOA security patterns and more-complex ones. Although your organisation may be accustomed to making security compromises to avoid the cost of an advanced brokered, layered, federated security strategy, an advanced strategy will become both easier to attain and more mandatory overtime as SOA security matures and as requirements for cyber security increase.
Randy Heffner is a vice president at Forrester Research, serving Enterprise Architecture professionals. He is a leading expert on architectures and design approaches for building enterprise applications that are secure and resilient in the face of continuous business and technology change.
Sign up for Computerworld eNewsletters.