Object- and service-oriented security – Final report


  • Lars Westerdahl

Publish date: 2011-12-31

Report number: FOI-R--3361--SE

Pages: 39

Written in: Swedish


  • IT-security
  • information security
  • Service-oriented architecture


The project Object- and service-oriented security has explored the possibilities for presenting security functionality as services. The purpose with service orientation is to create more flexible systems, which can adapt to new environments and situations easier and quicker, for instance when coalition partners enters or leaves the coalition. The development in the internet community during the lifetime of the project has been fast. As a consequence, some security functionalities are today offered as cloud services. Public cloud services are not yet mature from a defence point of view. However, offering security functionalities as internal services may be beneficial. It could provide a more consistent and predictable development. During the lifetime of the project, there has been a shift in focus towards objectbased security. Service orientation of security functionality has been deemed a way forward to distribute security functionalities and thus increase the availability of information objects.