| Project Description: | Security architecture is a blueprint of how to place resources optimally in an IT
environment to support businesses, with security as a critical component. Corporations
face challenges in doing this as data and applications in a corporate network need to be
accessed by several entities within and outside the network. As organizational units in an
enterprise create new Web applications, it is important that they take care of all security
loopholes at the Web application level.
This project aims at first designing an enterprise wide Security Architecture that
will serve as a guideline or a reference to translate new business needs into secure
application platforms, that comply with the enterprise wide Security Architecture. Texas
A&M University, Corpus Christi (TAMU-CC), is the model organization for which the
Enterprise wide Security Architecture is designed. The designed Security Architecture
and enterprise wide security standards are then used to design a target security
architecture for a Web application in TAMU-CC. The target architecture is designed to
comply with the enterprise wide security standards and architecture.
The Secure Sockets Layer (SSL) protocol is used to provide secure connections
between applications over the network/Internet. This project concentrates on
implementing SSL on Web server as well as Weblogic application server. This research
also focuses on generating private keys using various open source tools, obtaining selfsigned
or digitally signed certificates from the Certificate Authority (CA) and applying
them to the above Web and application servers. |
