Use case
This use case extends Chapter 8, Design-time Service Promotion and Discovery, and details how to implement Runtime Governance for the deployed services. These services enable Weir & Bell to enhance its supply chain process by exposing key business services for consumption by third parties.
Exposing services to untrusted networks for third parties to use means that extra security measures have to be taken to protect Weir and Bell core systems from unauthorized access and other external threats such as:
Denial of Service attacks (DoS)
Malicious SOAP or REST requests
XPath and XQuery injections
XML Injections
Cross-site scripting (XSS)
Other threats such as the OWASP Top 10 (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project)
In order to enforce security and protect internal systems from such threats, Weir and Bell decided to implement three lines of defense:
First Line of Defense (or Perimeter Security): Located in the Demilitarized Zone...