Comparing the Security Architectures of Sun ONE and Microsoft .NET
Eduardo B. Fernandez (Florida Atlantic University, USA), Michael Thomsen (Florida Atlantic University, USA) and Minjie H. Fernandez (Florida Atlantic University, USA)
Copyright: © 2008
Platforms for web services have been reduced to two basic approaches: Microsoft .NET and Sun ONE (J2EE). We compare here these two platforms with respect to the security they provide to the web services that use them. We arrive to the conclusion that although the basic security architectures are fairly similar, their actual implementations differ. Microsoft’s approach appears weaker because of their self-contained approach, and a failure to follow good principles of software and secure systems design.