> On 5/31/06, Gregg Wonderly <[EMAIL PROTECTED]> wrote:
>
>> So what about the path between the XML-SG and your application
>
> An option to consider for that would be 2-Way SSL for data in transit
> protection and machine-to-machine authentication.
Yes, that can work as long as you avoid man in the middle attacks...
>> How do you limit what administrators can
>> do there and how to you ensure identity of
>> management access in that domain?
>
> By making sure that processes are in place to assure that one has
> competent,
> well trained and hopefully trustworthy individuals who are doing the
> administration and putting in place a solid auditing/logging functionality
> :-)
That's probably okay for the mom-and-pop web shop, but what about billing or
other monetary or highly secure environments? Wouldn't you want to make sure
that all of your services provided secure management endpoints that included
true authentication?
Gregg Wonderly
SPONSORED LINKS
| Computer software | Computer aided design software | Computer job |
| Soa | Service-oriented architecture |
YAHOO! GROUPS LINKS
- Visit your group "service-orientated-architecture" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
