SOA Security Specialist
Each service can have its own individual security requirements and security architecture. Further, with agnostic services, the requirements of the service compositions reusing the service to automate different types of business processes also need to be taken into account. In this case, the service may need to join a service composition architecture that introduces a parent security architecture that encompasses the service’s individual security architecture.
Either way, the SOA Security Specialist role is dedicated to ensuring that services (individually and as part of service compositions) are properly secured and also that agnostic services are sufficiently flexible so that they can be incorporated into other security architectures when required.
Figure 1 – Security issues are of primary concern when physical design stages are entered, through to when the service is implemented. SOA Security Specialists will further be involved with subsequent stages, as new security requirements or threats surface.