SOA security and IAM

How do you relate your SOA to your security strategi (Identity and Access Management, Single Sign On etc.). What is a good IAM-strategy, and how do you implement it?

Keywords: - SAML 2 - Federation - Distributed IAM checklist - Single Sign On - Open SSO - ESB or Security proxy

The biggest challenge which IAM implementation faces is that it is perceived by a lot of business stakeholders to be an IT project, whereas it is actually a business project because rules are defined across business processes and the organization.

💡 h3. Resources 💡 💡 * IdM @ Cantara Wiki 💡 * IAM Guiding Principles 💡 * Liberty Alliance 💡 * SAML-lSSO and SAML OpenID Profile 💡 * SAML versus OpenID 💡 * LDAP og RFCs 💡 💡 💡 💡 💡 💡 !IAM concepts.jpg! 💡 💡 💡