Thursday, July 17, 2008

BizTalk: Encryption within the MessageBox

I always try to attend the Twin Cities BizTalk User Group meetings at the Bloomington office. I presented a topic there last year and will be presenting another one later this year. About a year ago, a Microsoft employee was discussing BizTalk with me, and he mentioned that he was looking for a demo BizTalk application which he could use for his sales.

Unfortunately, all I could do was listen to him and could not provide him with a working demo. My manager had informed me that only certain people from my organization should be in contact with that particular Microsoft employee and asked me not to provide him with anything.

Well, it's been about a year now and I feel he must have got the demo he was looking for from somewhere. I feel it is good if I can put up a working demo for the benefit of all BizTalk professionals, here in my blog. Let's look at the special requirement for the demo:

The Problem:

Companies dealing with financial data (like credit card companies, banks, etc.) usually need to ensure a very high level of security, especially when transferring data. Within a single message, certain fields may be considered highly confidential, such as SSN, Credit Card Number, Date Of Birth, etc., and security for these fields should be very high.

These companies regularly need to send and receive such data from other companies. In order to be interoperable, they usually send and receive data in XML format in clear text. Clear text is needed for speed and also to ensure that communications are not hindered due to incompatible encryption logic used by different companies.

When using BizTalk, any message data which comes into BizTalk via a pipeline is first stored within the MessageBox Database before it is sent to the orchestrations and also before it is sent to the send pipelines. It is stored in the MessageBox Database without encryption to ensure proper speed and debugging functionality. Though this data is stored there for a relatively short time, it is very much possible that it can be read by those who really want to get their dirty hands on the data.

This, on its own, is a very scary scenario for the companies mentioned above.

 

The Solution:

Let's now look into the solution for the problem mentioned above. The "High Level Overview" of the solution is really very simple: we need to ensure that the data is encrypted before it reaches the MessageBox Database and then decrypted as it leaves the BizTalk Server.

Hmm....simple enough. But how?

Let us look into the details of such a solution:

  1. Receive Pipeline Component will encrypt data
  2. Send Pipeline Component will decrypt data
  3. Schema will determine which element(s) of the message should be encrypted.

Well, now that we have broken down the solution into terms a developer can work with, let us dive deep into the solution.
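The three steps listed above, shown as a stand-alone transform on one message; this is an added example, not the author's pipeline component, and it does not use the BizTalk pipeline interfaces. The element names `SSN` and `CardNumber`, the names `FieldProtector`, `Apply`, `Seal` and `Open`, the randomly generated demo keys, and the choice of AES-CBC with an HMAC-SHA256 tag (encrypt-then-MAC) are all assumptions made for the illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Xml.Linq;
// Added example, not the post's component code. Field names and key handling are assumptions.
static class FieldProtector
{
    static readonly string[] Sensitive = { "SSN", "CardNumber" };  // assumed; the post takes these from the schema
    static byte[] Rand(int n) { var b = new byte[n]; using (var r = RandomNumberGenerator.Create()) r.GetBytes(b); return b; }
    static byte[] Tag(byte[] k, byte[] b) { using (var h = new HMACSHA256(k)) return h.ComputeHash(b); }
    // Rewrite the text of every sensitive element with f (Seal on receive, Open on send).
    public static void Apply(XDocument doc, Func<string, string> f)
    {
        foreach (var e in doc.Descendants().Where(x => Sensitive.Contains(x.Name.LocalName)).ToList())
            e.Value = f(e.Value);
    }
    // Encrypt-then-MAC: base64(IV || AES-CBC ciphertext || HMAC-SHA256 over IV and ciphertext).
    public static string Seal(string plain, byte[] encKey, byte[] macKey)
    {
        byte[] iv = Rand(16), pt = Encoding.UTF8.GetBytes(plain), ct;   // fresh random IV per value
        using (var aes = Aes.Create())                                  // CBC with PKCS7 padding by default
        using (var enc = aes.CreateEncryptor(encKey, iv))
            ct = enc.TransformFinalBlock(pt, 0, pt.Length);
        byte[] body = iv.Concat(ct).ToArray();
        return Convert.ToBase64String(body.Concat(Tag(macKey, body)).ToArray());
    }
    // Check the tag before decrypting, so a modified value throws instead of yielding data.
    public static string Open(string sealedText, byte[] encKey, byte[] macKey)
    {
        byte[] all = Convert.FromBase64String(sealedText);
        if (all.Length < 64) throw new CryptographicException("value too short");
        byte[] body = all.Take(all.Length - 32).ToArray(), want = Tag(macKey, body);
        int diff = 0;
        for (int i = 0; i < 32; i++) diff |= want[i] ^ all[body.Length + i];   // constant-time compare
        if (diff != 0) throw new CryptographicException("MAC check failed");
        using (var aes = Aes.Create())
        using (var dec = aes.CreateDecryptor(encKey, body.Take(16).ToArray()))
            return Encoding.UTF8.GetString(dec.TransformFinalBlock(body, 16, body.Length - 16));
    }
    static void Main()
    {
        byte[] ek = Rand(32), mk = Rand(32);   // constructed demo keys; real keys belong in a key store
        var doc = XDocument.Parse("<Customer><Name>Ann</Name><SSN>000-00-0000</SSN></Customer>");  // constructed
        Apply(doc, s => Seal(s, ek, mk));      // receive pipeline: this form is what reaches the MessageBox
        Console.WriteLine(doc);
        Apply(doc, s => Open(s, ek, mk));      // send pipeline: clear text restored on the way out
        Console.WriteLine(doc);
    }
}
```

A sealed value is base64 text of at least 88 characters, so the schema type of every protected element has to accept a string of that length while the message is inside BizTalk.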
