Any Service-Oriented Architecture (SOA) needs to support security features that provide auditing, authentication, authorization, condentiality, and integrity for the messages exchanged between the client and the service. Microsoft Windows Communication Foundation (WCF) provides these security features by default for any application that is built on top of the WCF framework. In this session the presenters will discuss the WCF security features related to auditing and logging, authentication, authorization, condentiality and integrity.
This talk is focused on WCF security features with code demonstration to use behaviors and bindings to congure security for your WCF service. Bindings and behaviors
allow you to congure transfer security, authentication, authorization, impersonation, and delegation as well as auditing and logging. This presentation will help you understand basic security-related concepts in WCF, what bindings and behaviors are and how they are used in WCF, authorization and roles in the context of WCF, impersonation and delegation in the context of WCF and what options are available for auditing in WCF.
Targeted towards solution architects and developers, this talk will provide you architectural guidance regarding authentication, authorization, and communication design for your WCF services, solution patterns for common distributed application scenarios using WCF and principles, patterns, and practices for improving key security aspects in services.
SOA establishes an architectural model that aims to enhance the efficiency, agility, and productivity of an enterprise by positioning services as the primary means through which solution logic is represented in support of the realization of the strategic goals associated with service-oriented computing.On a fundamental basis, the service-oriented computing platform revolves around the service-orientation design paradigm and its relationship with service-oriented architecture. In fact, the term "service-oriented architecture" and its associated acronym have been used so broadly by the media and within vendor marketing literature that it has almost become synonymous with service-oriented computing itself. It is therefore very important to make a clear distinction between what SOA actually is and how it relates to other service-oriented computing elements.As a form of technology architecture, an SOA implementation can consist of a combination of technologies, products, APIs, supporting infrastructure extensions, and various other parts. The actual face of a deployed service-oriented architecture is unique within each enterprise; however it is typified by the introduction of new technologies and platforms that specifically support the creation, execution, and evolution of service-oriented solutions. As a result, building a technology architecture around the service-oriented architectural model establishes an environment suitable for solution logic that has been designed in compliance with service-orientation design principles.