• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
  • Bear Bibeault
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Piet Souris
  • salvin francis
  • Stephan van Hulst
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Jj Roberts

ensuring secure and trusted communication between two applications

 
Ranch Hand
Posts: 765
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

There is an app A, providing an interface for payment processing to all those apps (B1, B2, ...) connecting to it. Means app A takes payment details as an input from B1, B2 etc and passes this input to a payment processor.

App A will publish its services via various modes (WS, JMS, Sockets etc) so that B1,B2 has multiple ways to connect app A.

I want to assure:

  • 2-Way communication between A and B1,B2 etc is secure and confidential
  • Both A and B1,B2 has assurity that they are communicating to the right partner. Means, in case, if someone forge the IP of B1,B2 then A must know that its not communicating with the right person.

  • Both A and B1,B2 etc belongs to same intranet but different network segments. Probably, A will be on separate box and behind firewall.

    Kindly advise what are the methods available to assure above two points


    Bye,
    Viki
     
    author
    Posts: 23887
    142
    jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator

    Vikrama Sanjeeva wrote:Hi all,

    There is an app A, providing an interface for payment processing to all those apps (B1, B2, ...) connecting to it. Means app A takes payment details as an input from B1, B2 etc and passes this input to a payment processor.

    App A will publish its services via various modes (WS, JMS, Sockets etc) so that B1,B2 has multiple ways to connect app A.

    I want to assure:

  • 2-Way communication between A and B1,B2 etc is secure and confidential
  • Both A and B1,B2 has assurity that they are communicating to the right partner. Means, in case, if someone forge the IP of B1,B2 then A must know that its not communicating with the right person.

  • Both A and B1,B2 etc belongs to same intranet but different network segments. Probably, A will be on separate box and behind firewall.

    Kindly advise what are the methods available to assure above two points


    Bye,
    Viki




    SSL will encrypt (protect the data packets from being seen by a third party) -- so that will solve the first issue. SSL also support authentication, so that will kinda help protect against "untrusted" sources. However, that probably won't guarantee that the other end is correct -- to do that you will have to use some sort of application level authentication.

    Henry
     
    To do a great right, do a little wrong - shakepeare. twisted little ad:
    Thread Boost feature
    https://coderanch.com/t/674455/Thread-Boost-feature
    reply
      Bookmark Topic Watch Topic
    • New Topic