This article, written by two experts in Identity Management from Oracle corporation, details a way of thinking about identity and access control based on the integration of identity systems and policy systems.
You can access the full article here.
SOA systems identify infrastructural services that are needed by other services to achieve a complete functional architecture. In many cases, certain functions cut across many others. These "cross cutting concerns" provide a challenge to the organization to come up with ways to manage them in a more holistic way.
The article suggests that applications of this this technology can include companies exposing their applications to external trading partners, compliance with government regulations such as Sarbanes-Oxley, and the integration of merged companies. It quotes the wikipedia, which defines Identity Management as:
"Identity Management (IM) is an integrated system of business processes, policies, and technologies that enable organizations to facilitate and control their users' access to critical online applications and resources - while protecting confidential personal and business information from unauthorized users. It represents a category of interrelated solutions that are employed to administer user authentication, access rights, access restrictions, account profiles, passwords, and other attributes supportive of users' roles/profiles on one or more applications or systems."
The article goes on to suggest the connection between identity and selective policy enforcement.