Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


Build a Robust Network and Security Foundation for Web Services : Page 4

Entrust your Web Services to a multi-layer security architecture enabled by firewalls and virtual private network technology.




Full Text Search: The Key to Better Natural Language Queries for NoSQL in Node.js

IPSec VPNs: Guarantee End-to-End Security
In some business scenarios, security of data transmissions must be guaranteed between endpoints. Thus, VPN technologies that utilize a gateway for security operations (as noted in previous sections) will not meet this requirement. Instead, IPSec facilities can guarantee:
  • The identity of hosts based upon x.509 certificates
  • Confidentiality through data encryption
  • Integrity of data through MD5/SHA-1 hash algorithms

Operating systems such as Windows 2000 include support for IPSec. In this model, security associates are established between the client (initiating the connection) and the server (hosting the Web service).

Leverage Traditional Infrastructure Security Controls
To implement a high level of security within Web service applications, your organization will benefit from leveraging traditional infrastructure security controls such as VPNs, firewalls, and IPSec. Not only will these technologies defend exposed services from worm-like Internet attacks, but you can use well-proven VPN security mechanisms to make a Web service between your organization and its partners trustworthy as well.

Craig Nelson is a Systems Engineer at Avanade, Inc. He currently holds Microsoft MSCE, MSDBA, Cisco CCNA, and CISSP security certifications. Craig formerly was a senior consultant with Accenture, focused on security infrastructure and systems vulnerability assessment. Reach him at craign@avanade.com.
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date