GMU C4I Center Seminar
Security and Service Oriented Architecture
Dr. Kenneth Laskey
Friday, February 3, 2012 at 1:00 PM
Nguyen Engineering building, Room 4705
There are many attempts at defining Service Oriented Architecture, more than a few being circular in
their references between SOA and services. The OASIS SOA Reference Model provides a different focus:
Service Oriented Architecture (SOA) is a paradigm for organizing and utilizing distributed capabilities
that may be under the control of different ownership domains. This is important in the context of
security and SOA for two reasons. First, a significant motivation for SOA is the reuse of services
from different sources, enabling the composition of basic building blocks into more complex solutions.
If services are the means to utilizing distributed capabilities within compositions, they must be
appropriately scoped and provide functionality that is widely applicable to many solutions. It is
also important to be clear what we mean by and expect of composability. Second, if we are to cross
ownership boundaries in using services, there must be sufficient trust among actors for them to be
willing to participate in service interactions. One element of establishing trust is sufficient and
DR. KENNETH LASKEY is a lead engineer at The MITRE Corporation. He supports SOA efforts for DoD and numerous
agencies within the Intelligence Community, including support for the development of CDR IPT service
specifications. Dr. Laskey's involvement in international standards organizations include 8 years as an
elected member of the W3C Advisory Board and chair of the OASIS SOA Reference Model Technical Committee.
Dr. Laskey is also an editor of the Reference Model for Service Oriented Architecture (an OASIS Standard)
and the OASIS Reference Architecture Foundation for Service Oriented Architecture (an OASIS Committee
Specification). Dr. Laskey co-teaches the SOA Foundations course for the MITRE Institute..