CA Meets IT, Integration Challenges (Continued)
Maintaining Data Integrity
Carter: What kind of methodologies for Web services have you developed to make sure that the integrity of data and data access isn't compromised?
LeClair: That's an excellent question. Today, we don't deliver direct access to the Web services to clients outside CA; the clients use the Web service, but they're essentially using it through a portal technology. We use Web services behind our firewall, but even then we have a variety of security products under our e-Trust brand, as well as PKI and access-control products. So, we use public key, for example, for our account-connect information. We give the customers the digital certificate so we know exactly who they are, and because there is, obviously, confidential information involved, as far as contracts and contacts and that kind of thing in the company.
Carter: So your portal is almost like an application server, where it sits in the middle and consumes the Web services, and then publishes out the data through the portal interface using your software?
LeClair: Correct. The portal itself is written in Java and runs in an application server. CA doesn't produce its own application server, so we use a Java application server. So, we integrate and certify a variety of application servers, and we do happen to run one. We also run a lot of this on Linux on the mainframe because we have a significant mainframe investment and expertise here at CA, and we can take advantage of some of IBM's new initiatives toward encouraging the use of Linux on a mainframe environment. We've found Linux to be a productive environment to deploy mission-critical applications.
Back to top
|
Web Services Behind Portlets 
