Service oriented architecture governance tools within information security

M.Tech.Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it can be tampered with. Information security is therefore one of the crucial qualities that need to be satisfied within information systems. This dissertation addresses the issue of information security within Service Oriented Architecture applications. Some organisations rely on Service Oriented Architecture governance tools when securing information in their Service Oriented Architecture environment. However, they may purchase them without investigating whether they include information security. The aim of this dissertation is to analyse whether these tools include information security. Each tool is benchmarked against the five information security services, defined by the ISO 7498/2 document and including identification and authentication, authorisation, confidentiality, integrity and non-repudiation. The dissertation concludes with a table summarising the results. This dissertation offers decision-makers information that can assist them in analysing whether Service Oriented Architecture governance tools includes information security. It also assists organisations to be aware of security vulnerabilities within Service Oriented Architecture applications, and the consequences that may arise if information security measures are ignored