These issues arise as an effect of the main premise of SOA, which is to erase application boundaries and technology differences.
Standards such as WS-Security, SAML, WS-Trust, WS-SecureConversation and WS-SecurityPolicy focus on the security and identity management aspects of SOA implementations that use Web services.
Technologies such as virtual organization in grid computing, application-oriented networking (AON) and XML gateways are addressing the problem of SOA security in the larger context.
An XML gateway is a dedicated application which allows for a more centralized approach to security and identity enforcement, similar to how a protocol firewall is deployed at the perimeter of a network for centralized access control at the connection and port level.
Regulatory certification for XML gateway security features are provided by Federal Information Processing Standards (FIPS) and United States Department of Defense.