Prateek Mishra

Last month (WSJ, Vol. 4, issue 2), we looked at how Web services should not depend on specific security environments and rules but should be managed as part of all of an enterprise's corporate data assets such as Web applications, ERP systems, and in-house applications. We recommended that Web services security be integrated with the overall enterprise security infrastructure at the very beginning of the Web services deployment phase. This month, we'll look at some of those possible deployment models. Deployment Models There are four deployment models based on the guidelines presented in our earlier article. Terminology The terms used in the deployment models are defined as follows: Reverse proxy server: Intermediary server (e.g., a Web server) configured to filter requests coming from Internet users into the enterprise, providing security, management, and caching ... (more)

Enterprise Web Services Security: A Reference Architecture

Web services are past the initial marketing hype. Early Web services were part of experimental one-off projects within a single enterprise department. Now, larger Web services deployments are moving outside of the enterprise firewall to better leverage existing business partnerships and value chains. Larger Web services projects come with a price, however. They are more complicated to implement and more costly to manage. They require careful deployment planning throughout the enterprise based on well-established business processes. The emerging proliferation of Web services netwo... (more)