Web Services Security
Learning Wcf
Teaching federated identity in computer and information science
Journal of Computing Sciences in Colleges
| Hi-index | 0.01 |
Most agree that applications programming is moving to the Internet. This type of application is inherently insecure, as it allows access to the server on the initial HTTP request. A fairly well thought out security strategy was developed for second generation Web applications by creating a security sand-box around the HTTP request (until the user was authenticated), then using standard server security to protect the processing and finally extending the ideas of distributed computing to secure accessing data. Web application programming is currently moving to a Service-Oriented Architecture (SOA) that includes extensive use of Web services. There is a mad rush in the UNIX world to perfect the Enterprise Service Bus (ESB) and in the Microsoft world to finish the Windows Communications Foundation (WCF). And the beauty of the SOA is that a Web application developed using WCF will be able to access data from a Java Web service. This new SOA will support a distributed application development environment that is truly vendor independent. But, while the new architecture promises to make vendor independent distributed programming a reality, it has introduced a large number of new security concerns. This tutorial will describe SOA, give a brief introduction to computer security and then present SOA security in detail.