ANALYSIS OF END-TO-END SOA SECURITY PROTOCOLS WITH MOBILE DEVICES

Service Oriented Architecture (SOA) is an architectural style that provides agility to align technical solutions to a modular business Web Services (WS) that are well decoupled from their consumers. This agility is extended to the Cloud model. To achieve a high level of security and a degree of decoupling, SOA encourages the use of standardized transport schemes such as SOAP/HTTP(s) with WS family of standards specifications (commonly referred to as WS-* (WS-star)) to ease the interoperability complexity and security concerns in enterprise networks, which have medium/high bandwidth and reliable/wired networks. However, these protocol standards are ill suited for mobile devices due to their limited computational capabilities, low bandwidth, and intermittent connectivity. In this paper, we present an analysis of WS-* standards, classifying and discussing their inter-dependencies to provide a basis for determining the limitation of mobile device use in SOA and for establishing an architectural consideration baseline for selecting appropriate security mechanisms.