Technology Detail

SOA Systems Security

Get More

Contact Us

Contact UsTo learn more about Raytheon BBN's technology development, call 617-873-8000 or email us at technology@bbn.com.

Launch the Quick Contact Form
Protecting SOA Systems Against Determined Adversaries

Service oriented architectures (SOAs) are proliferating because they allow developers to incorporate previously developed software components and apply them in innovative ways, which means they can build reliable new applications faster and at lower cost. Because of these benefits, more and more military information systems and other critical systems are based on SOAs.

Critical SOA systems must not only tolerate accidental failures, but also continue to deliver an acceptable level of service despite being under attack. Yet the very characteristics that make SOA systems appealing--dynamism, loose coupling, and novel messaging and interaction patterns—also make them a challenge to protect. Current SOA environments lack adequate protection, detection, and adaptation capabilities to survive against motivated, well-resourced, and determined adversaries, putting them at significant risk of corruption, loss of service, and maliciously initiated leakage of information.

Protecting SOA environments requires a synergistic combination of protection, detection, and adaptation capabilities, complemented by validated design principles such as defense-in-depth, single point of failure avoidance, containment and isolation. Furthermore, novel techniques such as automatic generation of configurations and policies from high-level specifications are needed to address the additional risks and vulnerabilities introduced by service-oriented method of system construction. We are developing security features to handle the multifaceted and dynamic information exchange demanded by network-centric operations more quickly and cost effectively to enable future SOA systems to detect, protect and adapt to survive attacks from motivated, well-resourced, and determined enemies. Our strategic combination of innovative approaches is designed to bring the same level of resiliency to SOA systems that we have previously demonstrated in a distributed object based system. Our solution is focused on the following areas:

  • Architecture Enhancements to introduce isolation, containment, redundancy and to enable adaptive behavior.
  • Innovative Defense Mechanisms, including new security and adaptive technologies.
  • Safe and Secure Composition to ensuring safety, proper configuration, and freedom from residual vulnerabilities.