The growing popularity of Service Oriented Architectures is mainly due to business and technology trendsthat have crystallized over thepast decade. On the business side, companies struggle to survive in a competitive - vironment that pushes them towards a tighter integration into an industry's value chain, to outsource non core business operations or to constantly- engineer business processes. These challenges boosted the demand for sc- able IT-solutions, with e?orts ultimately resulting in a ?exible architectural paradigm - Service Oriented Architectures. On the technical side, middleware standards, technologies and archit- turesbasedonXMLand Webservicesaswellastheirsecurityextensionshave matured to a sound technology base that guarantees interoperability across enterprise and application boundaries - a prerequisite to inter-organizational applications and work?ows. While the principles and concepts of Service Oriented Architectures may lookevidentandcogentfromaconceptualperspective,therealizationofint- organizational work?ows and applications based on the paradigm "Service Oriented Architecture" remains a complex task, and, all the more when it comes to security, the implementation is still bound to low-level technical knowledgeandhence error-prone.
The number of books and publications o?ering implementation-level c- erageofthetechnologies,standardsandspeci?cationsasrequiredbytechnical developers lookingfor guidance on how to"add"security to service oriented solutions based on Web services and XML technology is already considerable and ever growing. The present book sets a di?erent focus. Based on the p- adigmof Model Driven Security, it shows how to systematically designand realize security-critical applications for Service Oriented Architectures.