http://www.soamag.com The SOA Magazine is a monthly online publication provided by SOA Systems Inc. and Prentice Hall/PearsonPTR and is officially associated with the "Prentice Hall Service-Oriented Computing Series from Thomas Erl." SOA en-us Copyright 2006-2008, SOA Systems Inc. http://www.soamag.com/I21/0808-3.asp Unlike conventional application architecture, service-oriented solutions that expose Web services to external users and business partners are more susceptible to unauthorized access. While traditional application architectures relied on limited external access with specific security controls, these measures are no longer sufficient for SOA. Service-oriented architectures have opened and connected "black box" software implementations across enterprises, resulting in a new set of interoperable heterogeneous solutions with the common thread of standard protocols. While this level of interoperability is unprecedented for enterprise systems, it further muddies the water for application and enterprise security. The objective of this article is to first introduce the new threats associated with services and service-oriented solutions in general, and then provide fundamental design considerations to mitigate the risks resulting from these threats with an emphasis on message-level security and firewalls. SOA http://www.soamag.com/I21/0808-3.asp#When:13.08.08