Borland VisiBroker® 7.0 - Borland Technical Publications

Chapter2Getting Started with SecurityChapterAs more businesses deploy distributed applications and conduct operations over theInternet, the need for high quality application security has grown.Sensitive information routinely passes over Internet connections between webbrowsers and commercial web servers; credit card numbers and bank balances aretwo examples. For example, users engaging in commerce with a bank over the Internetmust be confident that:■■■They are in fact communicating with their bank's server, not an impostor that mimicsthe bank for illegal purposes.The data exchanged with the bank will be unintelligible to network eavesdroppers.The data exchanged with the bank software will arrive unaltered. An instruction topay $500 on a bill must not accidentally or maliciously become $5000.VisiSecure lets the client authenticate the bank's server. The bank's server can alsotake advantage of the secure connection to authenticate the client. In a traditionalapplication, once the connection has been established, the client sends the user'sname and password to authenticate. This technique can still be used once aVisiSecure connection has been established, with the additional benefit that the username and password exchanges will be encrypted. VisiSecure provides support for anynumber of authentication realms providing access to portions of distributedapplications. In addition, with VisiSecure you can create authorization domains thatdelineate access-control rules for your applications.Chapter 2: Getting Started with Security 7