Container-Managed Security

Wire-level security and users/roles security are related as follows. Under users/roles security, a client furnishes an identification such as a username or even a digital certificate together with a security credential that vouches for the identification (for instance, a password or a signature on the digital certificate from a certificate authority). To avoid hijacking, the identification and the credential should be sent from the client to the server through a secure channel, for instance, over an HTTPS connection. Wire-level security is thus the foundation upon which users/roles security should be implemented, and HTTPS is an ideal way to provide wire-level security for web-based systems such as web services.

Users/roles security is a two-phase process (see Figure 6-8). In the first and required phase, the user provides an identification and a credential that vouches for the identification. A successful user authentication phase results in an authenticated subject. In the optional second phase, role authorization, the access permissions of the authenticated subject can be refined as needed. For example, in a software development organization there might be a distinction between a senior engineer and a starting programmer, in that the former can access resources (for instance, sensitive records in a database) that the latter cannot access. This distinction could be implemented with different authorization roles.

Figure 6-8. Users/roles security
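
In a servlet container, both phases and the wire-level requirement can be declared in the `web.xml` deployment descriptor instead of in application code. The descriptor below is an added example, not taken from the book; the URL patterns, role names and realm name are assumptions chosen to match the senior engineer / starting programmer illustration above.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
                             http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1">

  <!-- General service endpoints (hypothetical path): any authenticated engineer. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>service</web-resource-name>
      <url-pattern>/api/*</url-pattern>
      <!-- No http-method element: the constraint covers every HTTP method. -->
    </web-resource-collection>
    <!-- Phase 2, role authorization: either role is sufficient here. -->
    <auth-constraint>
      <role-name>programmer</role-name>
      <role-name>senior-engineer</role-name>
    </auth-constraint>
    <!-- Wire-level security: the container requires HTTPS for these URLs. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- Sensitive records (hypothetical path): the longer pattern is the best
       match, so only this constraint applies and a programmer gets 403. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>sensitive-records</web-resource-name>
      <url-pattern>/api/records/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>senior-engineer</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- Phase 1, user authentication: identification plus credential. -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>engineering</realm-name> <!-- assumed realm name -->
  </login-config>

  <!-- Every role named in an auth-constraint is declared here. -->
  <security-role><role-name>programmer</role-name></security-role>
  <security-role><role-name>senior-engineer</role-name></security-role>
</web-app>
```

The mapping from usernames to these roles lives in the container's realm configuration, not in the descriptor, and differs from one container to another.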

At what ...
