Handling Multiple Credentials in a Heterogeneous SOA Environment

Abstract

With all the diverse technology in a typical corporate IT environment, it's no surprise that multiple types and formats of security credentials exist, each one designed to protect its respective software system. We can address the problem of handling multiple credential types and formats in a heterogeneous SOA environment by using a data structure designed not only to store and propagate user credential information but also to accurately reflect trust relationships between credential instances. Modeling credentials in this manner leads to improved assurance for applications that need to enforce security policies, either based on business rules established at the corporate level or by compliance to the relevant security specifications.