New Security Runtime For SOA Infrastructures Eclipse Project
Security Runtime for SOA Infrastructures (secRT) has been proposed as an Eclipse project.
In business projects confidentiality, integrity and authenticity of information and data have to be ensured along with protection against Trojans, viruses and various other web-based attacks. One security method, is the application-centric approach of manually implementing security requirements inside the applications. However, secRT aims to provide a comprehensive automated solution through a platform independent runtime environment for security, based on OSGi. Applications may access the secRT security services via interfaces without the need for implementations of specific mechanisms for each application.
The secRT architecture will consist of local runtime components which act as Policy Enforcement Points. A Security Workflow Editor will orchestrate the secRT security services. During runtime, the secRT will automatically enforce the security policy – configuration, deployment and realisation can be achieved without programming effort.
Standard implementations of algorithms for cryptographic operations will be available through the encapsulation of cryptographic libraries via a wrapper. Daily rolling log-files will enable analysis and error search.
secRT is being proposed as a technology project, rather than a part of the Eclipse platform. SOA security company CORISECIO GmbH will contribute major parts of its custom-developed security platform into this project.
An initial Eclipse release is expected in September 2010.