Chapter 22. Security
by Kevin Price
In This Chapter
Security is often the most overlooked aspect of any application development effort. In fact, the mere thought of having to implement security usually makes most developers cringe. In reality, security in any application, not just Internet applications, is usually relatively easy to implement. BizTalk Server is no exception. BizTalk Server enables the secure exchange of data via the standard security features found in Windows 2000 Server and SQL Server: public-key infrastructure, COM+, Crypto API, and Kerberos. This chapter covers some security basics and then specifically exploits BizTalk Server's capability to securely exchange data with business partners. Specifically, this chapter will:
Introduce basic Internet security terms
Explain how to use the different security options available in BizTalk Server, as well as programming in general
Use certificates to verify identities between BizTalk Servers
Caution
This chapter is meant only as a guide and is not designed to be a comprehensive resource for implementing Internet security. Several books and Web sites are dedicated to this. Visit http://www.microsoft.com/technet/security for more information on this topic.
To begin, let's discuss some basic security terminology in relation to the technology used on the Internet today as well as the security features found in Windows 2000, SQL Server, IIS 5.0, and BizTalk Server 2002.