Identity Access Management & Governance

Enterprise Service Oriented Architecture (SOA)

What is a Service Oriented Architecture?

The goal of a service oriented architecture is to provide services that are 100% available, reliable, compliant, and secure. The Open Group (opengroup.org) has a wonderful definition and explanation of an SOA and what it comprises.

Enterprises would benefit from designing and realigning their business and technical processes to fit a Service Oriented Architecture (SOA). SOA design encourages building applications composed of discrete software agents that have simple, well-defined interfaces and are orchestrated through loose coupling to perform a required function.

When designing an SOA, the following should be taken into account to ensure that the organization, department or location can continue to deliver the service that the clinician or other company resource needs. The following list is an example and is certainly not exhaustive:

  • Services must publish a Service Level Agreement (SLA) & hold themselves to it
  • Services must talk to one another in a reasonably consistent manner
  • Services must meet regulatory requirements in a consistent manner
  • Services must identify and discover one another using DNS
  • Services must authenticate to one another in the same manner to establish a level of trust

SOA Compliance

What are the requirements to create an SOA-compliant IAM governance program? ISO/IEC 17998:2012 provides guidelines for SOA governance, which should be part of the foundational principles of the enterprise Identity Governance Program.