Register   Login   About   Study   Enterprise   Share
AI / Internet Technology University (AITU)
Fast Login - available after registration







|

Top Links: >> 80. Technology >> Internet Technology Summit Program >> 4. Web Apps Frameworks
Current Topic: 4.6.Web Services Security
Sub-Topics: 4.6.1. How to access web services from Java with SSL Certificate | 4.6.2.Passing Tokens in the WSSecurity
-- Scroll to check for more content below...
You have a privilege to create a quiz (QnA) related to this subject and obtain creativity score...
4.6.Web Service Security

SOA and Web Service Security

A Problem

Service-Oriented Architecture shift development focus from applications to services.
Multiple applications can call the same services instead of copy/paste/modify their code.
The problem is that exposed services can be called not only by legitimate applications.
Being outside of application umbrella, exposed services need secure protection.

Solution

What:

Service request must include:
- Secure identification of an application requested a service
- Prove that the application has the proper access rights
- Prove that the data are protected and have not been changed
Was it clear so far?

How:

Multiple layers of security provide better security.
Using SSL over HTTP we ensure that all messages are encrypted
This means that web users will access applications with the URL that starts with
HTTPS: and served by the SSL port (usually 443)

Another layer is to protect users from authentication fraud by establishing rules for password encryption and change password functionality.

Working in Java environment, it is recommended to use Java encryption library and proven encryption mechanisms, versus homegrown encryption algorithms.

Establish a single Security Guard protecting services deployed at multiple locations.

A proxy web server is a single point of access for multiple internal and external consumers accessing multiple web services

Assignments
1. Research this subject on the web and provide an essay expanding the most important aspects.
2. Email the essay with the reference links to dean@ituniversity.us
3. Create 4 QnA on the subject and email to dean@ituniversity.us

| Check Your Progress | Propose QnA | Have a question or comments for open discussion?

Have a suggestion? - shoot an email
Looking for something special? - Talk to me
Read: IT of the future: AI and Semantic Cloud Architecture | Fixing Education
Do you want to move from theory to practice and become a magician? Learn and work with us at Internet Technology University (ITU) - JavaSchool.com.

Technology that we offer and How this works: English | Spanish | Russian | French

Internet Technology University | JavaSchool.com | Copyrights © Since 1997 | All Rights Reserved
Patents: US10956676, US7032006, US7774751, US7966093, US8051026, US8863234
Including conversational semantic decision support systems (CSDS) and bringing us closer to The message from 2040
Privacy Policy