tailieunhanh - Mastering Web Services Security p9
Hình cũng cho thấy các thẻ có khả năng có thể được thông qua từ P2 trung gian cho các đối tượng mục tiêu như là một phần của tiêu đề SOAP. Trong ví dụ này, tiêu đề SOAP truyền các hạn chế phân quyền, xác định các trung gian được phép hành động như các đại biểu, và những tuyên bố bảo mật khởi xướng, | 350 Chapter 12 the challenges of Web Services security that we ve examined in this book. We take a step back from the detailed analysis of technologies needed to create secure Web Service applications and look at the general principles for integrating security applications. Based on these principles we then discuss how to deploy Web Services applications in the context of planning a security architecture. We describe how Web Services security relates to other security technologies used in the perimeter middle and back-office tiers of the enterprise. In this context we go through each of the steps that are needed to achieve end-to-end Enterprise Application Security Integration EASI for Web Services. We use ePortal and eBusiness as our case study for applying EASI. Web Services Security The Challenges We saw in Chapters 1 and 2 that Web Services have the potential to finally attain the elusive goal of e-business application interoperability across lines of business and enterprises regardless of the platform application programming language or operating system OS . Cross-platform communication among businesses takes the original vision of electronic data interchange EDI to the next level. Web Services provide access to valuable business service opportunities that never existed before because the data was trapped in networks behind firewalls. Web Services may have great potential but they also have a huge problem they are too open. Companies need to limit access to their valuable resources whether they are patient records credit card numbers or manufacturing designs. Enterprises want to collaborate and share information but not at the expense of giving away all of their assets. Companies need to keep their guard up and stay suspicious of whom they communicate with. They want to share just enough information but not too much. Security Must Be In Place Before Web Services will be successful security must be in place. Companies will never be willing to open up their .
đang nạp các trang xem trước