|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Web app based on .net - best practice?
From: Calderon, Juan C (CORP, DDEMESIS) (Juan.Calderon
ddemesis.ge.com)
Date: Wed Apr 23 2003 - 11:10:46 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
****************
I thought it would be a good idea to have the presentation layer (asp)
in a DMZ and the business layer (components in VB and C#) in a safe site
behind a firewall. The communication in between would take place with
RPC calls.
****************
Well... If you are using .NET, RPC will not be the "correct" approach according Microsoft, but Web Services. Web Services are called in a RPC-like basis, this is, inserting a reference in a ASP.NET Project will allow you to call them as they were part of the project, Besides .NET Framework 1.1 (or 1.0 plus Web Services Enhancement Pack) provides WS-Security specification support.
Perhaps, You'll find these documents interesting:
"Security in a Web Services World: A Proposed Architecture and Roadmap" http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwssecur/html/securitywhitepaper.asp (it mentions DMZ)
"Web Services Security" http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch10.asp
Cheers :)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]