Nowadays almost all subsystem require to expose or consume data to/from other subsystems & yes, this is outside firewall or VPN. It can be other servers, mobile apps, wearable apps, IOT app or anything else. Exposing the data outside the network or cloud firewall is a very important decision. This became big responsibility for an organisation to make sure all data remain secure as well as rightly accessible. There are three aspects of security from WS point of view – message security, authentication and authorisation. In this article we will talk about first two. Let’s check some thoughts on these aspects.
Concluding above approach we think that SSL is fundamental need for any WS communication in confidentiality section. While Auth2.0 is widely used but many cases custom authentication is required.
We at 9series believes that, every different use case have different need for security. As it require to match with organisation belief, thought process, policy & compliance with legacy system. Security should not be strict to slow down the process or restrict required access, at the same time security should never be compromised. It is a combination of multiple thought process it start with common sense approach, comply with best practices and empowered from most secured algorithm.