B2B Communication and Securing them
B2B Communication and Securing them
For B2B Communications and that too if we want it to be near real time Web Services are best. Now for the sake of discussion lets assume a certain business A provides a Web Service and business B
consumes the Web Service. If the data is not critical, then we don’t need any sort of security it can be on plain HTTP. But what if the data needs to be secure and encrypted ? The Web Service can be on HTTPS. Now what if the client also needs to be authenticated ? Each client can be issues a specific random guid and ask them to send that guid as a part of the communication. But wait what if the guid is leaked out, or some one tried playing around and found a valid guid ? The next step is to use Client Certificates. Now these Client certificates can be used for authentication. OK, but how do we use Client Certificate ?
There are two ways in which we can use Client Certificates:
1) Configure IIS to terminate connections which don’t use a Client Certificate, or even go ahead and specify which client certificates are accepted, so if a request comes in with a client certificate and it is not in the list of accepted Client certificates, the connection is terminated in IIS.
2) Do the same in code.
I plan to do 3 articles on how to configure IIS, how to use code and discuss more about Client Certificates in future articles which would be published within the nest 10 days. Stay tuned.
B2B Communication and Securing them
Tags: Security, WebService
August 22nd, 2008 at 11:30 am
[...] Web: jQuery Timers jQuery: Animation for Dummies A Horizontal Layout Navigation Web Page Using jQuery 15 Quick Ways to Shrink Page Load Times Speed Up Your Web Pages By PreLoading, Caching… B2B Communication and Securing them [...]