Arcitura IT Certified Professionals (AITCP)
Arcitura IT Certified Professionals (AITCP)
Arcitura IT Certified Professionals (AITCP)
Arcitura YouTube Channel
- Overview
- Introduction
- History
- Acknowledgements
- Podcasts
- Candidate Patterns
- Forms
- Press Releases
- Resources
- Compound Patterns
- Design Patterns (alphabetical)
- Overview
-
Agnostic Capability
-
Agnostic Context
-
Agnostic Sub-Controller
-
Asynchronous Queuing
-
Atomic Service Transaction
-
Brokered Authentication
-
Canonical Expression
-
Canonical Protocol
-
Canonical Resources
-
Canonical Schema
-
Canonical Versioning
-
Capability Composition
-
Capability Recomposition
-
Compatible Change
-
Compensating Service Transaction
-
Composition Autonomy
-
Concurrent Contracts
-
Content Negotiation
-
Contract Centralization
-
Contract Denormalization
-
Cross-Domain Utility Layer
-
Data Confidentiality
-
Data Format Transformation
-
Data Model Transformation
-
Data Origin Authentication
-
Decomposed Capability
-
Decoupled Contract
-
Direct Authentication
-
Distributed Capability
-
Domain Inventory
-
Dual Protocols
-
Endpoint Redirection
-
Enterprise Inventory
-
Entity Abstraction
-
Entity Linking
-
Event-Driven Messaging
-
Exception Shielding
-
File Gateway
-
Functional Decomposition
-
Idempotent Capability
-
Intermediate Routing
-
Inventory Endpoint
-
Legacy Wrapper
-
Lightweight Endpoint
-
Logic Centralization
-
Message Screening
-
Messaging Metadata
-
Metadata Centralization
-
Multi-Channel Endpoint
-
Non-Agnostic Context
-
Partial State Deferral
-
Partial Validation
-
Policy Centralization
-
Process Abstraction
-
Process Centralization
-
Protocol Bridging
-
Proxy Capability
-
Redundant Implementation
-
Reliable Messaging
-
Reusable Contract
-
Rules Centralization
-
Schema Centralization
-
Service Agent
-
Service Callback
-
Service Data Replication
-
Service Decomposition
-
Service Encapsulation
-
Service Façade
-
Service Grid
-
Service Instance Routing
-
Service Layers
-
Service Messaging
-
Service Normalization
-
Service Perimeter Guard
-
Service Refactoring
-
State Messaging
-
State Repository
-
Stateful Services
-
Termination Notification
-
Trusted Subsystem
-
UI Mediator
-
Utility Abstraction
-
Validation Abstraction
-
Version Identification
- Design Patterns (by category)
- Foundational Inventory Patterns
- Logical Inventory Layer Patterns
- Inventory Centralization Patterns
- Inventory Implementation Patterns
- Inventory Governance Patterns
- Foundational Service Patterns
- Service Implementation Patterns
- Service Security Patterns
- Service Contract Design Patterns
- Legacy Encapsulation Patterns
- Service Governance Patterns
- Capability Composition Patterns
- Service Messaging Patterns
- Composition Implementation Patterns
- Service Interaction Security Patterns
- Transformation Patterns
- REST-inspired Patterns
- Cloud Computing Patterns
- Service Technology Specs
- SOA School
Trusted Subsystem (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham)
How can a consumer be prevented from circumventing a service and directly accessing its resources?
Problem
A consumer that accesses backend resources of a service directly can compromise the integrity of the resources and can further lead to undesirable forms of implementation coupling.
Solution
The service is designed to use its own credentials for authentication and authorization with backend resources on behalf of consumers.
Application
Depending on the nature of the underlying resources, various design options and security technologies can be applied.
Impacts
If this type of service is compromised by attackers or unauthorized consumers, it can be exploited to gain access to a wide range of downstream resources.
Principles
Service Loose CouplingArchitecture
Service
Neither a malicious or non-malicious consumer can access the database directly. Only the service itself can access the database with its own credentials.
Related Patterns in This Catalog
Brokered Authentication, Direct Authentication
Related Service-Oriented Computing Goals
This page contains excerpts from:
SOA Design Patterns by Thomas Erl
Foreword by Grady Booch
With contributions from David Chappell, Jason Hogg, Anish Karmarkar, Mark Little, David Orchard, Satadru Roy, Thomas Rischbeck, Arnaud Simon, Clemens Utschig, Dennis Wisnosky, and others.
(ISBN: 0136135161, Hardcover, Full-Color, 400+ Illustrations, 865 pages)
For more information about this book, visit www.servicetechbooks.com.