developerWorks: Securing Web Services Using SSL and Tivoli Access Manager 4.1

"Securing Web Services is one of the main challenges we have to face today in order to allow the use of web services in a production environment.

"On one hand, the immediate security level you can provide on web services is securing the transport protocol used to transmit the SOAP requests and responses. If your Web Service is available through HTTP, SSL can be a good way to fulfill your security requirements. What SSL provides at the protocol level, is:

• "Identification: who are you?
• "Authentication: how do I know your identity is true?
• "Integrity: is the data you sent the same as the data I received?
• "Confidentiality: are we sure that nobody read the data you sent me...?"

Complete Story

Related Stories:

• developerWorks: Network Programming with the Twisted framework, Part 4(Sep 17, 2003)
• developerWorks: Working with James, Parts 1 and 2(Jun 13, 2003)
• developerWorks: Securing Linux for Java Services(Apr 07, 2003)
• LinuxPlanet: Admin Digest: Setting Up Your Own Web Server(Jan 02, 2003)