Advanced SOA Security


Module 19
Advanced SOA Security

This course covers a series of technical and complex security topics pertaining to contemporary service-oriented solution design, infrastructure, middleware and modern service technologies.

The following primary topics are covered:

  • Security Extensions and Controls for Enterprise Service Bus (ESB) Implementations
  • Security Patterns for Internal Service Architecture
  • Security Risks and Considerations for Cloud-based Services and Service Compositions
  • Authentication Sessions and Secure Conversations
  • Security Token Structures and Issurance
  • Using WS-Trust and WS-Secure Conversation with SAML
  • REST Security Controls and Designs
  • Using HTTP Security Mechanisms
  • Federation and Trust Brokering
  • Security Policy Design and Governance
  • Understanding and Preparing for Common SOA Security Threats

Duration: 1 Day

Text Book(s)

This SOACP course module covers a range of in-depth topics that are described in the course booklet(s) and further elaborated by detailed technical coverage and case study examples in the accompanying Web Service Contract Design & Versioning for SOA, and SOA Design Patterns text books from the acclaimed Prentice Hall Service Technology Series from Thomas Erl.

When attending this course as part of an instructor-led workshop, the required text book(s) are automatically provided together with the course booklet. When working with self-study kits, the required text books need to be purchased separately.

Self-Study Kit

The materials for this course module can be purchased separately as part of the Module 19 Self-Study Kit, which includes additional materials and study aids. These materials are designed to prepare you for Exam S90.19 but they are also suitable for general remote, self-paced study purposes.


This course corresponds to Exam S90.19, which is required for the following certifications:

Vendor-Neutral Topic Overview

Note that all SOACP course modules are focused on vendor-neutral SOA topics and therefore do not provide detailed coverage of any vendor-specific platforms or technologies. SOACP courses are intentionally authored this way so as to provide an unambiguous and objective understanding of SOA practices and technology that can be further complemented with product-specific training.

Fact Sheet

Download a printable PDF document with information about this course module and its corresponding self-study kit.

Prometric Exams

For the latest exams available via Prometric testing centers, visit

Self-Study Kits

For each Prometric exam a self-study kit is being made available, allowing you to study remotely and at your own pace. For information about the latest available Self-Study Kits, visit the Self-Study page.

Instructor-Led Workshops

The following public workshops are currently scheduled. Additional workshops are often added on short notice. For information regarding private instructor-led workshops delivered to your location, contact: