Hi Manish,
Thanks - that article is a great resource. Another great resource is the Web
Service Security Guide (whitepaper in PDF format) at:
http://www.microsoft.com/downloads/d...displaylang=en.
I'm realizing now that there are two fundamentally different approaches;
Message Level Security (which your link proposes) and Transport Level
Security (e.g. SSL). Right now I'm analyzing the two approaches to determine
which will best suit my needs. If I understand the literature correctly,
Message Level doesn't perform as well as single point-to-point SSL, However,
if the trip from client to server involves multiple SSL connections, then
Mesage Level would be the better choice since in this case each server hop
will require a new SSL connection. For an intranet application where clients
are going to communicate directly with the application server it sounds like
Transport Level Security would be the way to go?
Thanks for your advice.
- Joseph Geretz -
"Manish Bafna" <Ma*********@discussions.microsoft.comwrote in message
news:F8**********************************@microsof t.com...
Hi,
you will find following link useful for encrypting data using TRiple DES
in
web service:
http://www.c-sharpcorner.com/UploadF...ebService.aspx
Thanks and Regards,
Manish Bafna.
MCP and MCTS.
"Joseph Geretz" wrote:
>How do I implement security for my Web Service application? Specifically,
I
am concerned about protecting the data against prying eyes as it travels
across the wire. Is it simply a matter of using https rather than http?
Or
is there more to it?
Advice and/or links, will be very much appreciated!
- Joseph Geretz -
