-          Co-sponsored with C4I Center


DATE:            Friday, February 3, 2012

TIME:            1:00pm  - 2:00pm

LOCATION: ENGR, room 4705


Security and Service Oriented Architecture 

Dr. Ken Laskey

Lead Engineer, MITRE Corporation



There are many attempts at defining Service Oriented Architecture, more than
a few being circular in their references between SOA and services.  The
OASIS SOA Reference Model provides a different focus:  Service Oriented
Architecture (SOA) is a paradigm for organizing and utilizing distributed
capabilities that may be under the control of different ownership domains.
This is important in the context of security and SOA for two reasons.
First, a significant motivation for SOA is the reuse of services from
different sources, enabling the composition of basic building blocks into
more complex solutions.  If services are the means to utilizing distributed
capabilities within compositions, they must be appropriately scoped and
provide functionality that is widely applicable to many solutions.  It is
also important to be clear what we mean by and expect of composability.
Second, if we are to cross ownership boundaries in using services, there
must be sufficient trust among actors for them to be willing to participate
in service interactions.  One element of establishing trust is sufficient
and predictable security.

The seminar will explore both of these aspects of the secure use of
services.  We will review the efforts of the Joint IC/DoD Content Discovery
and Retrieval (CDR) Integrated Product Team (IPT) to define the core
components needed to address the CDR challenges and begin to look at what
the composition of services implementing these core components can provide.
We consider the variety of compositions possible and then discuss the needs
of CDR solution architects to be well-versed in and be able to incorporate
security guidance when designing service solutions.  The overall goal is to
sensibly enable rather than reflexively limit the flexibility that a SOA
ecosystem is expected to deliver.  


Short Bio

Dr. Ken Laskey is a lead engineer at The MITRE Corporation.  He supports SOA
efforts for DoD and numerous agencies within the Intelligence Community,
including support for  the development of CDR IPT service specifications.
Dr. Laskey's involvement in international standards organizations include 8
years as an elected member of the W3C Advisory Board and chair of the OASIS
SOA Reference Model Technical Committee.  Dr. Laskey is also an editor of
the Reference Model for Service Oriented Architecture (an OASIS Standard)
and the OASIS Reference Architecture Foundation for Service Oriented
Architecture (an OASIS Committee Specification).  Dr. Laskey co-teaches the
SOA Foundations course for the MITRE Institute.