There is a rapid movement to SOA because of the promise it brings for unprecedented levels of agility by allowing the business to respond to rapidly changing forces quickly, easily and with a minimum of risk. SOA can be used to create reusable business services, discover existing business services within and beyond an environment, manage business services throughout their lifecycle, assemble business services to support an end-to-end business process, and deliver the outcome of business services in deployment. When well executed, it robustly connects business processes end to end, allowing for easy and non-disruptive changes, and it reduces IT costs with reusable, componentized services. The distributed and open nature of SOA demands security due diligence in order to ensure that identity and security are appropriately managed across a range of systems, organizations, and a diverse mix of new and old technologies.
SOA Security is best verified by the following activities: