
What are my options for non-repudiation?

 
Manny Worden
Greenhorn
Posts: 6
I've scanned through your book, and plan on reading it shortly. I have a question on your "security fundamentals" chapter. What options do I have to enforce non-repudiation for an SOA? Is the likely solution to depend on a (vendor specific) implementation of an ESB? Or are there other options?


Manny
 
Ramesh Nagappan
Author
Ranch Hand
Posts: 159
Originally posted by Manny Worden:
I've scanned through your book, and plan on reading it shortly. I have a question on your "security fundamentals" chapter. What options do I have to enforce non-repudiation for an SOA? Is the likely solution to depend on a (vendor specific) implementation of an ESB? Or are there other options?


Manny


Manny,

Thanks for your interest.

To ensure Non-repudiation in SOA and ESB (assuming a Web Services channel or JMS), the book identifies "Secure Message Router" and "Secure Logger" patterns. The Secure Message Router is a security intermediary that aggregates access to multiple service endpoints for both incoming and outgoing messages and dynamically provides the security logic for routing the messages to their ultimate destinations. To ensure NON-REPUDIATION, it makes use of digital signatures and time stamps in messages and also adopts the "Secure Logger" for creating tamper-proof audit trails.

You will find "Secure Message Router" pattern in Chapter 11.


Hope this helps

/Ramesh
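
The combination described in the reply above (a signature over the message and its timestamp, plus a tamper-evident audit log) can be sketched in plain JDK code. This is an added example, not code from the thread or from the book: the class and method names, the Ed25519 algorithm, the 5-minute freshness window and the sample message are all assumptions, and the demo key is generated inline rather than bound to a certificate.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.*;
import java.time.*;
import java.util.*;
public class SignedAuditSketch { // all names hypothetical; needs Java 16+ (records)
    // A message and the exact bytes its signature covers (sender is length-prefixed).
    record Msg(String sender, Instant sentAt, String body) {
        byte[] bytes() { return (sender.length() + ":" + sender + "|" + sentAt + "|" + body).getBytes(UTF_8); }
    }
    record Entry(Msg msg, byte[] sig, byte[] chainHash) {}
    static byte[] sign(PrivateKey k, byte[] data) throws Exception {
        Signature s = Signature.getInstance("Ed25519"); s.initSign(k); s.update(data);
        return s.sign();
    }
    static boolean verify(PublicKey k, byte[] data, byte[] sig) throws Exception {
        Signature s = Signature.getInstance("Ed25519"); s.initVerify(k); s.update(data);
        return s.verify(sig);
    }
    // Hash chain: each entry's hash covers the previous one, so edits or deletions break it.
    static byte[] link(byte[] prev, byte[] data, byte[] sig) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(prev); md.update(data);
        return md.digest(sig);
    }
    // Router: accept only a fresh, correctly signed message, then append it to the log.
    static boolean accept(List<Entry> log, PublicKey k, Msg m, byte[] sig) throws Exception {
        boolean stale = Duration.between(m.sentAt(), Instant.now()).abs().toMinutes() >= 5; // assumed window
        if (stale || !verify(k, m.bytes(), sig)) return false;
        byte[] prev = log.isEmpty() ? new byte[32] : log.get(log.size() - 1).chainHash();
        return log.add(new Entry(m, sig, link(prev, m.bytes(), sig)));
    }
    // Auditor: recompute every link and re-verify every signature.
    static boolean audit(List<Entry> log, PublicKey k) throws Exception {
        byte[] prev = new byte[32];
        for (Entry e : log) {
            prev = link(prev, e.msg().bytes(), e.sig());
            if (!MessageDigest.isEqual(prev, e.chainHash()) || !verify(k, e.msg().bytes(), e.sig())) return false;
        }
        return true;
    }
    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("Ed25519").generateKeyPair(); // constructed demo key
        List<Entry> log = new ArrayList<>();
        Msg m = new Msg("partner-a", Instant.now(), "<order id=\"42\"/>"); // constructed sample message
        byte[] sig = sign(kp.getPrivate(), m.bytes());
        System.out.println("accepted: " + accept(log, kp.getPublic(), m, sig));
        log.set(0, new Entry(new Msg(m.sender(), m.sentAt(), "<order id=\"43\"/>"), sig, log.get(0).chainHash()));
        System.out.println("audit after tampering with the stored body: " + audit(log, kp.getPublic()));
    }
}
```

The signature is what ties a logged message to the sender's private key; the hash chain only makes later edits to the log detectable, so the newest chain hash should be stored somewhere the log writer cannot modify.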
 