Fundamental SOA Security


Module 18
Fundamental SOA Security

This course provides essential techniques, patterns and industry technologies that pertain to establishing security controls and security architectures for services and service-oriented solutions.

The following primary topics are covered:

  • Common SOA Security Practices and Service Security Controls
  • Security and the Service-Oriented Architectural Model
  • SOA Security Considerations for Service and Composition Architectures
  • Service Interaction Security Patterns
  • Security Implications of Service-Orientation Principles
  • Authentication, Authorization, Confidentiality and Integrity Mechanisms Relevant to Service-Oriented Solutions
  • PKI, Digital Certificates, Certificate Authorities
  • Single-Sign On Technologies
  • Web Services and XML Industry Standards Relevant to Service-Oriented Solutions
  • Common and Emerging Threats and Attacks

Duration: 1 Day

Text Book(s)

This SOACP course module covers a range of in-depth topics that are described in the course booklet(s) and further elaborated by detailed technical coverage and case study examples in the accompanying SOA Principles of Service Design, Service-Oriented Architecture: Concepts, Technology, and Design, and SOA Design Patterns text books from the acclaimed Prentice Hall Service Technology Series from Thomas Erl.

When attending this course as part of an instructor-led workshop, the required text book(s) are automatically provided together with the course booklet. When working with self-study kits, the required text books need to be purchased separately.

Self-Study Kit

The materials for this course module can be purchased separately as part of the Module 18 Self-Study Kit, which includes additional materials and study aids. These materials are designed to prepare you for Exam S90.18 but they are also suitable for general remote, self-paced study purposes.


This course corresponds to Exam S90.18, which is required for the following certifications:

Vendor-Neutral Topic Overview

Note that all SOACP course modules are focused on vendor-neutral SOA topics and therefore do not provide detailed coverage of any vendor-specific platforms or technologies. SOACP courses are intentionally authored this way so as to provide an unambiguous and objective understanding of SOA practices and technology that can be further complemented with product-specific training.

Fact Sheet

Download a printable PDF document with information about this course module and its corresponding self-study kit.

Prometric Exams

For the latest exams available via Prometric testing centers, visit

Self-Study Kits

For each Prometric exam a self-study kit is being made available, allowing you to study remotely and at your own pace. For information about the latest available Self-Study Kits, visit the Self-Study page.

Instructor-Led Workshops

The following public workshops are currently scheduled. Additional workshops are often added on short notice. For information regarding private instructor-led workshops delivered to your location, contact: