Oracle Simplifies SOA and Web Services security

NEW DELHI: Oracle has announced the industry's first integrated, standards-based business process platform that simplifies the security of service-oriented architectures (SOAs) and Web services. This platform comprised of Oracle BPEL Process Manager and Oracle Web Services Manager enables customers to easily and cost-effectively implement end-to-end Web services security and management, helping guarantee that Web services deployed within or across enterprise firewalls are 100 percent secure.

The integrated components of Oracle Fusion Middleware make it easier to implement and deliver on service level agreements. The combined products also make it simple to create, integrate, orchestrate and access secure Web services without hard coding security policies, transformations, location transparency and version control. Previously, organizations had to purchase and integrate a separate Web services orchestration engine and Web services security management tool to get the same result — a complex, lengthy and costly process.

Based on the Business Process Execution Language (BPEL) standard, Oracle BPEL Process Manager allows organizations to easily implement adaptive transactions and collaborative business processes based on composite applications — the cornerstone of SOAs. Oracle Web Services Manager secures and manages the operations of Web services and the interactions between these services. When integrated, the two provide a secure business process platform that includes all of the elements required to secure business processes built on any Java-based application server.

Key features of Oracle Web Services Manager include:

Policy Manager

— Graphical tool for building new security and operations policies, storing policies and managing distribution and updates to runtime agents and gateways.

Policy Gateways

— Deployed in front of a group of applications or services, policy gateways can intercept inbound requests to these applications in order to enforce policy steps, adding application security and other operation rules to applications that are already deployed.

Policy Agents

— Provide a fine-grained level of security by plugging directly into an application or service.

Monitoring Dashboard

— Collects data from gateways and agents as they execute policies and displays results in a graphical format. Allows administrators to set quality of service levels for each application and will display alerts when the application exceeds established targets.