292


Security Scenarios


To address security needs, enterprise platforms use well known mechanisms


to provide for common protections, as follows:


  Identity, which enables a business or service to know who you are


  Authentication, which enables you to verify that a claimed identity is genuine


  Authorization, which lets you establish who has access to specific resources


  Data integrity, which lets you establish that data has not been tampered with


  Confidentiality, which restricts access to certain messages only to intended 


parties


  Nonrepudiation, which lets you prove a user performed a certain action such 


that the user cannot deny it


  Auditing, which helps you to keep a record of security events


These are just some of the concepts important to security, and there are others


such as trust, single sign on, federation, and so forth. The chapter describes mech 


anisms to address and handle the threats to security, including credentials for


establishing identity, encryption to safeguard the confidentiality of messages,


digital signatures to help verify identity, and secure communication channels


(such as HTTPS) to safeguard messages and data. 


Keep in mind that the J2EE 1.4 platform does not invent new security mecha 


nisms. Rather, the platform provides a programming model that integrates existing


security mechanisms, and makes it easier to design and implement secure applica 


tions. 


This chapter begins with an examination of some typical Web service security


scenarios. It then covers the security features available on the J2EE 1.4 platform.


Once the technologies are described, the chapter shows how to design and imple 


ment secure Web services using these J2EE technologies. The chapter also covers


the emerging technologies for Web service security, in particular message level


security.


7.1


Security Scenarios


Enterprise environments with Web site applications have a variety of security use


case scenarios. Although the spread of Web services has given rise to additional


security use cases, these Web services application use cases have similar security








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      
 

    

  

  




Our web partners:
Inexpensive 
Web Hosting 



Java Web Hosting


personal webspace


webspace php 


linux webhost
 




 html web templates




DreamweaverQuality Web Templates


PSD Web Templates
 





cheap webhost


j2ee web Hosting


buy webspace


ftp webspace


adult webspace
 





frontpage WebHosting


webspace hosting


cheap webhost


Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved



aol web hosting