Wednesday, May 6, 2020
Web Based System Integration
Question: Discuss about the Web Based System Integration. Answer: Introduction System integration is combination of the various sub-systems of a process into one system so that the system along with the sub-systems works as a whole (Hunter et al. 2016). Hence it is clear that web service integration is meant for large projects only like e-commerce websites. In this essay one challenge i.e., WS security, associated with the task of web based system integration has been discussed in detail. Investigation of an Issue associated with Web-Based System Integration Web services provide great benefits to service oriented architecture based applications, but also expose to newer security threats. Creating a secure environment for web services needs a great deal of expertise as web service is based on loosely coupled connections and involves various components like internet, coding and the security mechanisms. A single web service may interact with many other applications for generating a result. Hence the web service security includes various aspects, which are authentication, confidentiality, network security (Ren Wang and Wang 2012). Authentication is the process by which users are verified of their identity based on the presented credential. The authentication can be verified through real world IDs or passwords or biometric information. Since, web based system integration can be understood as the process of incorporation of all the activities and the outputs essential for running a web based project under one umbrella. Using combination of the three ensures a strong authentication. Authentication takes care of three aspects, namely authorization, confidentiality and privacy (Garca and Milln 2013). Authorization is granting access to user specific resources depending upon depending upon authentication. Confidentiality or privacy ensures keeping the user information secret; it includes emails and identity of user. Integrity ensures the messages remain unaltered during the transit, this is done by providing digital signature and time stamp to ensure replaying is not done after expiration. In his article Kepes (2016 ) discuss the recent development regarding the authentication in Geocities, in which users in future will have to go through contextual access mechanism instead of simpler username and password mechanism. The classical way of accessing data is more susceptible to identity theft and the report shows 63% of breaches was result of leveraging of password. Confidentiality deals with privacy and data security. The web services consist of a chain of application coupled to produce the outputs. Hence the data transactions are prone to corruption and mismanagement. Apart from the data transaction a lot of data regarding the user are maintained in the data base which has to be kept out of reach of hackers, hence arises the security issue regarding the data transaction and protection (Chang et al. 2014). Although encryption of data do resolve the issue of corruption of data during transaction but security threat to consumer data remains, which demands proper attention. Consumer data compromise reduces the integrity of the company and reduces the brand value (Garca and Milln 2013). A report published in fudzilla discusses the same issue. Farrell (2016) reports the plan of European Union to extend the telecommunication rules for safer web services. After implementation of the rule the services will be fairer and will ensure more privacy. Network security deals with the practices and policies related to malicious attempts like, unauthorized access, denial of services, modification etc. Network security arises mostly due to external forces. Internal factors and environmental factors also result in loss of security but the probabilities of such risks are low. External attacks are mainly due to hackers, these attacker find the network vulnerabilities and affect the system (Kahate 2013). Although basic security measures ensure network security but there exist no easy answer for advanced issues, it needs a continuous improvement. A similar incident in one of the leading cloud service provider serves as an example (Greene 2016). To counteract such network breaches Amazon AWS has introduced four new tools. The tools are Margarita shotgun for gathering memory from remote system for reducing the time of compromised instances, AWS IR for gathering incedent evidences, ThreatResponse Web for analyzing gathered data and ThreatPrep for defending the instances. Conclusion Web based system integration is need of the hour and helps to serve customers better, but the complexity of the system doesnt make it suitable for smaller system. The essay discusses the web based system integration and the issues faced by the system. In this aspect, the web service security was analyzed for a better understanding. Reference Hunter, J., Brooking, C., Reading, L. and Vink, S., 2016. A Web-based system enabling the integration, analysis, and 3D sub-surface visualization of groundwater monitoring data and geological models.International Journal of Digital Earth,9(2), pp.197-214. Ren, K., Wang, C. and Wang, Q., 2012. Security challenges for the public cloud.IEEE Internet Computing,16(1), p.69. Garca, E.M.T. and Milln, G.L., 2013. Web Service Security: Authentication and Authorization.Network Security Technologies: Design and Applications: Design and Applications, p.108. Chang, D.Y., Benantar, M., Chang, J.Y.C. and Venkataramappa, V., International Business Machines Corporation, 2014.Authentication and authorization methods for cloud computing security. U.S. Patent 8,769,622. Kahate, A., 2013.Cryptography and network security. Tata McGraw-Hill Education. Kepes, B. (2016). Forget two-factor authentication, here comes context-aware authentication. [online] Computerworld. Available at: https://www.computerworld.com/article/3105866/application-security/forget-two-factor-authentication-here-comes-context-aware-authentication.html [Accessed 18 Aug. 2016]. Greene, T. (2016). Four free tools for handling Amazon Web Services security incident response. [online] Network World. Available at: https://www.networkworld.com/article/3106729/security/four-free-tools-for-handling-amazon-web-services-security-incident-response.html [Accessed 18 Aug. 2016]. Farrell, N. (2016). EU wants more privacy on web services. [online] Fudzilla.com. Available at: https://www.fudzilla.com/news/41348-eu-wants-more-privacy-on-web-serviceshttps://www.fudzilla.com/news/41348-eu-wants-more-privacy-on-web-services [Accessed 18 Aug. 2016].
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.