Bloombase
Bloombase Spitfire SOA - Service Oriented Architecture Information Security
Overview
Electronic information exchange is everywhere in business world: bank transactions, brokerage clearance, customs declaration, purchasing, billing, workflow, and reporting, all relate to private and sensitive data that require high level of security handling. Latest proceedings in data interchange include ASC X12's CICA, FIN-XML for financial transactions, C-XML for diverse commercial transactions, UN-backed ebXML initiative, Microsoft BizTalk and XML/EDIFACT all are defining the next generation document format. One thing in common is extensible markup language (XML). Web services is a next-wave enterprise-application-integration (EAI) technology for implementation of Service Oriented Architecture (SOA), again it is based on XML messaging. Digital communications made over the Internet risk data privacy and authenticity. There is no exception to XML data.
Spitfire SOA Server is a secure electronic document platform built on public key infrastructure (PKI), extensible markup language (XML) and time-stamping technology . PKI can enhance level of assurance to user authentication, message authentication, data integrity and non-repudiation.
-
Spitfire SOA Server supports a large variety of document formats and international standards including
- PKCS#1
- PKCS#7
- Enveloping XML
Spitfire management console is a web-based application for administration, configuration and management of Spitfire modules as well as security data including keys and remote resource locations.
With simply a generic web browser with SSL support, administrators can configure resource location of key repository, cache profile and sizing, personalized look-and-feel, service registry and alter status of individual framework components.
Requiring no learning curve, Spitfire management console users can import X.509 digital certificates and PKCS#12 keystores, define revocation resource locations, specify certificate authority LDAP URLs, configure revocation preferences, inquire keys, examine logs, and generate reports.
Spitfire SOA is built on Java technologies which is portable on virtually all enterprise platforms including Sun Solaris, HPUX, IBM AIX, Linux and Windows. Out-of-the-box client connectivity suite supports native languages including Java and C. Generic connectivity protocols including plain socket, HTTP and web services support heterogeneous language integration without sacrificing performance.
Spitfire SOA has well prepared for the most demanding application integration or messaging environments. It supports server cluster architecture. With optional Spitfire High-Availability (HA) component, it scales up easily and guarantees non-stop service for mission-critical applications.
Business Benefits
Spitfire SOA can be used in a number of real world applications raising security level of enterprise distributed computing and data exchange
Interbank Transaction Clearing
- Encryption protects sensitive financial data being exposed to general public, trespassers or hackers
- Digital signature on financial data ensuring data unaltered during Transmission
- No two signatures are identical adding trust to sender identity
Supply Chain Management Data Exchange
- Hackers and trespassers see sensitive data as if garbage
- Recipients are confident received data are never tampered or altered
- Business partners have mutual trust on each other's identity and data sent or received<
Business Applications of Spitfire SOA Server
Spitfire SOA Server is designed to be incorporated into core enterprise systems with concern at low cost, highly scalable, highly extensible and with rich features including digital signing services, signature verification services, key life cycle management services, certificate validation services, auditing services and time-stamping services. It is also equipped with logging and monitoring modules.
Spitfire SOA can be used in a broad range of real-world e-commerce applications such as
- Banking and securities trading systems
- Supply chain management systems
- Pharmaceutical and healthcare database protection
- Electronic contract and legal document management
- Online transaction and electronic data exchange
- Insurance systems
Risks with existing Enterprise Application Integration and Electronic Data Interchange
Enterprise Application Integration (EAI) nowadays faces a number of security threats
- EAI Remote Procedure Calls (RPC) sensitive contents are readable by Internet trespassers
- No way to identify if data transmitted are altered
- Lack of sender and recipient's proof of identity
Electronic Data Interchange (EDI) nowadays faces a number of security threat
- No EDI sensitive business data are in plain and readable by Internet trespassers
- Data transmitted are prone to unauthorized alterations
- Sender and recipient's identities are lack of legal support