WSO2 Delivers Secure Governance to the Cloud with WSO2 Governance as a Service and WSO2 Identity as a Service

Open Source WSO2 Stratos Cloud Middleware Services for Governance and Identity Management Enable Rapid Enterprise SOA Development, Protect Against Cloud Lock-in

Mountain View, CA – November 15, 2010 WSO2 today announced the newest releases of WSO2 Governance as a Service and WSO2 Identity as a Service, which enable secure governance of enterprise service-oriented architecture (SOA) deployments in the cloud. Based on the widely implemented WSO2 Governance Registry and WSO2 Identity Server, the middleware services bring robust capabilities, based on proven technology, for governance and identity management on a public cloud, private cloud, or hybrid cloud.

As cloud service adoption grows in the enterprise, IT organizations need a centralized solution for consistently managing resources, people, processes and policies—across internal, shared and software as a Service (SaaS) systems. Working in concert, WSO2 Governance as a Service and WSO2 Identity as a Service ensure that each new service or application deployed automatically participates in and benefits from the governance policies of the organization, and that access remains secure and private. The WSO2 middleware services can be used on WSO2’s hosted infrastructure, within a private cloud, or in a hosted private cloud such as Amazon’s Virtual Private Cloud.

“As more enterprise applications and services move to the cloud, they are introducing a range of new deployment models, and this is placing more demands than ever on enterprise governance and identity management,” said Paul Fremantle, co-founder and CTO. “Our WSO2 Governance as a Service and Identity as a Service combine consistent policy enforcement with flexible implementation models to ensure secure governance, regardless of whether applications reside on private clouds, public clouds, on-premise systems, or one of the increasing number of hybrid environments.”

New Functionality with Launch of WSO2 Stratos 1.0

The newest versions of WSO2 Governance as a Service and WSO2 Identity as a Service are part of the WSO2 Stratos 1.0 platform as a service (PaaS), which also launched today. The open source WSO2 Stratos is the industry’s first complete cloud middleware platform for implementing an enterprise SOA. WSO2 Stratos extends WSO2 Carbon, the award-winning, OSGi-compliant enterprise middleware platform, which includes WSO2 Governance Registry and WSO2 Identity Server. [For more detail, see WSO2 Stratos 1.0 press release also dated November 15, 2010.]

WSO2 Governance as a Service and WSO2 Identity as a Service offer all the benefits of the cloud without the complexity or fear of vendor lock-in. First, the automated, integrated and highly scalable infrastructure translates into shorter project times. Second, multi-tenancy means applications managed by different business units or regional offices can be delivered cost-effectively from a single location. Third, multi-tenancy, metering and auto-scaling reduce costs by optimizing data center utilization and letting tenants pay only for what they use. Fourth, because governance is automated, it facilities control over applications and services across different tenants. Finally, because the middleware services are based on the open source WSO2 Governance Registry, WSO2 Identity Server, and WSO2 Stratos, they allow applications to be migrated smoothly and safely—on premise, to a private cloud, to the public cloud, or to a hybrid environment—for unprecedented deployment flexibility.

With the launch of WSO2 Stratos 1.0, WSO2 Governance as a Service and WSO2 Identity as a Service now offer tight integration with all WSO2 Stratos middleware services. All the resources of WSO2 Stratos services can be monitored and governed from a single point with WSO2 Governance as a Service, and any modification made in one place, such as changing a security policy, is immediately visible to all other places. Additionally, tight integration now enables single sign-on through Identity as a Service to access all WSO2 Stratos services that they are authorized to use. Other enhancements include:

  • New auto-scaling capabilities automatically adjust the use of cloud resources to meet increased or decreased demand, and help enterprises optimize data utilization.
  • Enhanced automatic activity monitoring is now available in real time, eliminating the time gap between data collection and the availability of data for monitoring.
  • Enhanced usage metering is now automated so that every operation by a tenant or its users will be monitored and recorded to facilitate billing and manage access.

WSO2 Governance as a Service

WSO2 Governance as a Service builds on the proven performance of the WSO2 Governance Registry, a structured registry and repository featuring comprehensive SOA lifecycle management support. It offers well-defined extension points for a flexible, plug-in approach to linking resources and allowing users to encode their own governance rules and polices. A governance dashboard provides runtime and design-time monitoring, while eventing and notification support is available through the application of business rules. Together with its socially enabled interface, these capabilities facilitate collaboration in the management,ranking and reuse of enterprise Web services—locally or in the cloud.

WSO2 Governance as a Service and WSO2 Identity as a Service also take advantage of WSO2 Carbon Studio, the fully open source Eclipse-based integrated developer environment (IDE). Launched in October 2010, WSO2 Carbon Studio provides a new level of ease in building SOA and composite applications based on WSO2 Carbon and WSO2 Stratos.

WSO2 Identity as a Service

WSO2 Identity as a Service is based on the proven WSO2 Identity Server—providing strong, multifactor authentication and identity management. It uses electronic IDs based on OpenID and Information Cards based on Microsoft CardSpace technology standards, and it supports the Open Authorization (OAuth) protocol for controlled sharing of information with other websites. The claim-based security token service maps user attributes to defined claims, which can be used to enable identity federation with claim-aware Web services. Additionally, statistics, reporting and an audit trail enable administrators to monitor user accounts and issuances of information cards and tokens for login requests to relying party Web-applications.

Availability and Support

WSO2 Governance as a Service and WSO2 Identity as a Service are available today as supported production-ready deployments for private clouds and as beta versions in the public cloud at and, respectively. As fully open source solutions, WSO2 Governance as a Service and WSO2 Identity as a Service do not require any licensing fees. WSO2 offers a range of service and support options, including evaluation support, the CloudStartSMconsulting program, development support, and production support.

About WSO2

WSO2 is the lean enterprise middleware company. It delivers the only complete open source enterprise SOA middleware stack purpose-built as an integrated platform to support today’s heterogeneous enterprise environments—internally and in the cloud. WSO2’s service and support team is led by technical experts who have proven success in deploying enterprise SOAs and contribute to the technology standards that enable them. For more information,visit and the WSO2 OxygenTank developer portal at, or check out WSO2 on Twitter, LinkedIn, Facebook, Planet WSO2and FriendFeed.

Trademarks and registered trademarks are the properties of their respective owners.