The lack of quality messaging
has been a major hurdle in the implementation of Services
Oriented Architectures for eCommerce. Traditionally,
messages between Web services are neither reliable
(meaning the sender is never sure the message has been
received and processed by the recipient) nor secure
(meaning the recipient cannot be sure the message was
sent by the machine or user claiming to be the sender).
As part of ongoing application
development support for the U.S.
Department of Defense (DOD) EMALL, ICF International
performed security design on an upgraded business-to-business
messaging system to meet more robust DOD security
requirements. The architecture of the application,
developed with BEA
Systems' WebLogic Integrator product, relies
on software functionality in different geographic
locations, which must send messages between each
other to complete a shopper’s order. Using
the previous messaging system, orders could be
duplicated and the origin of the order
could be ambiguous.
Among the key enhancements in the new DOD EMALL
is the use of the Electronic Business using eXtensible
Markup Language (ebXML) standard for secure, reliable
messaging between trading partners. DOD EMALL is
one of the largest on-line operations ever to adopt
ebXML, which is designed to allow the Web site to
retry actions that are aborted or fail and confirm
message receipt to ensure non-repudiation while helping
to complete transactions faster. ebXML also helps
facilitate the use of digital signatures to verify
message authenticity and help to ensure message integrity.
In addition, ebXML is protocol independent so that
it can be used regardless of the means by which an
interaction is taking place (e.g., e-mail, FTP, http,
Web services). |
|
