What is end-to-end security? In a multitier system, each tier should have its own security and work in tandem with the other tiers. Designing security where different systems and middleware come together is quite a challenge. Simply put, system security is only as strong as the weakest link and, unless you consider security from an end-to-end viewpoint, it is subject to being broken.
What are the benefits of a three-tier J2EE application architecture?
The J2EE application model defines an architecture for implementing services as multi-tier applications that avoid these problems and deliver the scalability, accessibility, and manageability that is needed.
What kind of architecture should we take as the reference, when we talk about the J2EE application architecture? traditional client/server system, or 2-tier J2ee application model?
Manageability is the ability to manage the system to ensure the continued health of a system with respect to scalability, reliability, availability, performance, and security. Manageability deals with system monitoring of the QoS requirements and the ability to change the system configuration to improve the QoS dynamically without changing the system. Your architecture must have the ability to monitor the system and allow for dynamic system configuration.
Regards,<br /> Yong How, Lim<br /> SCEA, SCBCD, SCWCD, SCJD, SCJP, LPIC-1
First of all, J2EE has different security domains, thus, breaking into one does not automatically gives the intruder access to the rest of the domains (that cannot be true for the client/server)
Secondly, Denial Of Service is a real security threat, and J2EE by the virtual of have more tier is more resilient to that. (Of course, a good firewall can help alot)
Regards,<br /> Yong How, Lim<br /> SCEA, SCBCD, SCWCD, SCJD, SCJP, LPIC-1
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime. |