Functional Use Cases and Security Integration Template

Long overdue, here is a paper I published last fall on use cases and integration templates for distributed service architectures. While this is not necessarily the most advanced set of use cases, it is intended to guide implementation of technologies today, as opposed to 3 years from now (or so).

I compiled these by talking to a number of architects of service oriented infrastructures and services. Broadly speaking, there are 4 major categories of use cases:

  • Simple Single Sign-On for Web Applications (1)
  • Web Application to legacy, SOAP, and RESTful service (2, 3, 4, 5, 6, 7)
  • Rich Client to service (8, 9)
  • Service Chaining (10, 11)

Note that I do draw a strong distinction in these use cases as to which credential is used for a subsequent invocation.

In addition, I compiled some characteristics of a common security infrastructure that would be needed by many projects, which includes access management, user provisioning, federation, and logging components. Finally, this common security infrastructure should be capable of integrating with the five integration templates (from a custom reverse proxy to a fully security-enabled SOAP or REST HTTP service).

At this time, I am using this taxonomy to better understand what a given engineering solution for distributed services can actually implement. If you have suggestions as to what else should be included, please let me know.
