Web Services Security

Purpose

Web services offer new possibilities for the integration of business systems in a company’s system landscape. However, due to the openness of the Web services design, you need to take special care to provide these services in a secure way and not to impose security risks on existing systems.

Security Considerations

To secure the transmission and to ensure proper authorizations for processing such documents, there are several mechanisms available on the SAP J2EE Engine:

·        Secure communication using SSL

·        Document Security (XML signature and XML encryption, see: OASIS WS-Security)

·        Authenticating the client

·        Assigning authorizations

 

Secure Transmission

WS Security

Authentication

Authorization