Böhm, O.O.BöhmCaumanns, J.J.CaumannsFranke, M.M.FrankePfaff, O.O.Pfaff2022-03-102022-03-102008https://publica.fraunhofer.de/handle/publica/36079010.1109/EDOC.2008.362-s2.0-56649119133The loose coupling of services is a key characteristic for modern IT-systems based on SOA. This paper analyzes the design and realization of SOA security in a SOA-compliant fashion. It focuses on federated authentication and authorization based on Web services security technologies. The SOA-style infrastructure of the eCR specification is used as a practical case study. eCR systems address the exchange of medical data within regional healthcare networks. Adequate IT-security and especially federated authentication and authorization are imperative for eCR systems.en004conference paper