SOA Patterns - Data Confidentiality

Arcitura IT Certified Professionals (AITCP) Int'l SOA, Cloud + Service Technology Symposium Series Prentice Hall Service-Oriented Computing Series Arcitura IT Certified Professionals (AITCP) Int'l SOA, Cloud + Service Technology Symposium Series Prentice Hall Service-Oriented Computing Series Arcitura IT Certified Professionals (AITCP) Int'l SOA, Cloud + Service Technology Symposium Series Prentice Hall Service-Oriented Computing Series Arcitura YouTube Channel

Overview

	History
	Acknowledgements
	Podcasts
	Notification Form
	Feedback Form
	Press Release #1
	Press Release #2
	Press Release #3

Master SOA Design
Pattern Catalog

	Master Pattern List (alphabetical)
	Master Pattern List (by category)
	Master Pattern List (Text)
	Pattern Notation
	Pattern Profiles
	Symbol Legend
	Pattern Contribution Form

SOA Candidate Patterns

	SOA Patterns Review Committee
	Candidate Patterns Overview
	Candidate Patterns List
	Candidate Pattern Contribution Form
	Candidate Pattern Feedback Form
	SOA Pattern Template

Design Pattern Basics

	What's a Design Pattern?
	What's a Design Pattern Language?
	What's a Compound Pattern?

Supplemental

	SOA Patterns and Application Technologies
	SOA Design Patterns Historical Influences
	SOA Design Patterns and Design Principles
	SOA Design Patterns and Design Granularity
	Legal

Resources

	Design Patterns Publications
	Reference Posters
	SOAPrinciples.com
	WhatIsSOA.com
	SOA Visio Stencil

Data Confidentiality

(Hogg, Smith, Chong, Hollander, Kozaczynski, Brader,
Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham)

Home > Service Interaction Security Patterns > Data Confidentiality

How can data within a message be protected so that it is not
disclosed to unintended recipients while in transit?

Problem

Within service compositions, data is often required to pass through one or more intermediaries. Point-to-point security protocols, such as those frequently used at the transport-layer, may allow messages containing sensitive information to be
intercepted and viewed by such intermediaries.

Solution

The message contents are encrypted independently from the transport, ensuring that only intended recipients can access the protected data.

Application

A symmetric or asymmetric encryption and decryption algorithm, such as those specified in the XML-Encryption standard, is applied at the message level.

Impacts

This pattern may add runtime performance overhead associated with the required encryption and decryption of message data. The management of keys can further add to governance burden.

Principles

Service Composability

Architecture

Inventory, Composition, Service

Data Confidentiality protects the message while in transit between services and while in the possession of unauthorized intermediaries.

Related Patterns in This Catalog

Brokered Authentication (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham), Data Origin Authentication (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham), Direct Authentication (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham), Message Metadata (Erl), Service Agent (Erl), Service Messaging (Erl), State Messaging (Karmarkar)

Related Service-Oriented Computing Goals

Increased Vendor Diversification Options, Reduced IT Burden

This page contains excerpts from:

SOA Design Patterns by Thomas Erl

Foreword by Grady Booch

With contributions from David Chappell, Jason Hogg, Anish Karmarkar, Mark Little, David Orchard, Satadru Roy,
Thomas Rischbeck, Arnaud Simon, Clemens Utschig, Dennis Wisnosky, and others.

(ISBN: 0136135161, Hardcover, Full-Color, 400+ Illustrations, 865 pages)

For more information about this book, visit www.soabooks.com.

The Prentice Hall Service-Oriented Computing Series from Thomas Erl

Home SOA Books SOA Magazine What is SOA? SOA Principles SOASchool.com SOA Glossary