Chapter 7 Security
297
Message level security can be useful in XML document centric applications,
since different sections of the XML document may have different security require 
ments or be intended for different users.
7.1.2 Security Implications of the Operational Environment
The operational environment within which Web services interactions occur is an
important factor in your security design. Service interactions occurring entirely
within an enterprise have very different security requirements than service interac 
tions open to everyone on the Internet. Thus, the relationship among Web service
participants such as Internet, intranet, and extranet is an important consideration.
When participants are closely aligned, you have a greater ability to negotiate secu 
rity requirements. 
In essence, the more control you have over the environment in which the Web
service participants run, the easier it is to solve your security design. For example,
if the Web services limit communication to applications inside your enterprise,
then the network's physical security might shield the Web service. The operational
environment security might be sufficient to satisfy your security needs. Similarly,
Web services in environments that require communication via a Virtual Private
Network (VPN) might not need to worry about issues such as confidentiality,
since the communication channel is already secure.
When all participants are trusted, such as within one enterprise, it is an easier
matter to set up and exchange security keys. However, this is a difficult challenge
for untrusted participants with an open Internet Web service.
7.2
J2EE Platform Security Model
The J2EE platform container provides a set of security related system services to its
applications and clients. These built in container services simplify application
development because they remove the need for the application developer to write
the security portion of the application logic. 
Security on the J2EE platform is primarily declarative and is specified exter 
nally from the application code. 
Declarative security
 mechanisms used in an
application are expressed via a declarative syntax in a configuration document
called a deployment descriptor. The declarative security model has the advantage
of enabling you to easily change these declarative settings to match security
policy.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

 

Our web partners: Inexpensive Web Hosting Java Web Hosting personal webspace webspace php  linux webhost

 html web templates DreamweaverQuality Web Templates PSD Web Templates

cheap webhost j2ee web Hosting buy webspace ftp webspace adult webspace

frontpage WebHosting webspace hosting cheap webhost

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved

aol web hosting