Presentation: "Security & Secure Interoperability in J2EE Application Servers"
Wednesday 13:00 - 13:45, Public Room
Wednesday 14:15 - 15:00, Public Room
Application security becomes an increasingly important topic especially for the next generation of enterprise wide Java 2 Enterprise Edition (J2EE) applications. As J2EE applications grow from Java Server Pages (JSP's), Servlets and basic Enterprise Java Beans (EJB) more and more J2EE applications will include the whole spectrum of J2EE features.
This will include of course JSPs, Servlets, and EJBs, but also as well need secure (and may even secure, 2-PC-transactional) interoperability amongst J2EE Application Servers and backend systems. Such systems are may integrated by means of CORBA, JCA, JMS etc. Especially larger companies use such features within their enterprise wide application systems including mainframes with e.g. Cobol/PL/I based IMS/CICS transactions.
While in J2EE 1.2 security issues were covered only in it's basics, which leaded to several proprietary security solutions, in J2EE 1.3 a fully standards based solution becomes reality by including JAAS and TLS/SSL. This talk will introduce these features, as well as take a look at some existing solutions in different application servers such as BES or WAS. It also will show some general examples for secure application architectures, e.g., one used in a large insurance company. Moreover the technical architecture and design of the security infrastructure for a J2EE application server and an enterprise security framework are presented using the IONA Orbix Application Server and the IONA Security Service as examples.
Pre-requisites
General J2EE knowledge
Intended Audience
Developers, Development Managers
Level
intermediate - advanced
Security & Secure Interoperability in J2EE Application Servers - (slides)
Please notice that the slides are password protected. You should have received an e-mail containing the required username and password.