• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

What are my options for non-repudiation?

 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've scanned through your book, and plan on reading it shortly. I have a question on your "security fundamentals" chapter. What options do I have to enforce non-repudiation for an SOA? Is the likely solution to depend on a (vendor specific) implementation of an ESB? Or are there other options?


Manny
 
Author
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Manny Worden:
I've scanned through your book, and plan on reading it shortly. I have a question on your "security fundamentals" chapter. What options do I have to enforce non-repudiation for an SOA? Is the likely solution to depend on a (vendor specific) implementation of an ESB? Or are there other options?


Manny



Manny,

Thanks for your interests.

To ensure Non-repudiation in SOA and ESB (assuming a Web Services channel or JMS), the book identifies "Secure Message Router" and "Secure Logger" patterns. The Secure Message Router is an security intermediary that aggreagtes access to multiple service endpoints for both incoming and outgoing messages and dynamically provides the security logic for routing the messages to its ultimate destinations. To ensure NON-REPUDIATION, it makes use of digital signatures and time stamps in messages and also adopts the "Secure Logger" for creating a tamper-proof audit trails.

You will find "Secure Message Router" pattern in Chapter 11.


Hope this helps

/Ramesh
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic