Just wanted to add a little to this... > On Wednesday 13 September 2006 16:14, AJIT DIXIT wrote: > > a) Security and Safety > > Against moderat level of threats from normal people, it's fine. > You can run the remote calls over SSL, and obviously password > protect things.
For security, you want to consider: 1) Security of the Flash Player 2) Security of the Data Communications 3) Security of the server-side infrastructure There are a number of whitepapers on http://www.adobe.com/devnet/security/ on all of the above, and what's worth noting for (3) above is that J2EE security model is applied to server-side of your Flex applications. One of our Adobe Consultants, Peter Martin, speaks often of how to apply security in a Flex/Cairngorm application, see his blog at http://weblogs.macromedia.com/pmartin/ > > > b) Can Flex be used for very high volume site > > Sure. Just like any other tool. How about http://maps.yahoo.com/# ??? Flex, and very high volume..... > > d) In e-governance projects / legal identity management > systems PKI is > > very important and each document is required to be signed > with private > > key of PKI to have legality. Is there any component for reading > > Private key and public key in PKI enabled environment > > Not as far as I know. > Sounds like you want to give people a form to sign, and have > it signed and encrypted (in the PGP style) before being sent back ? > Cant see the point of signing in that case - you've already > verified as much as you can that it's the real user sat in > front of the computer by asking for their login. I'd have to understand your requirements in greater detail to suggest technical architecture of a solution; Flex is not going to disallow you from creating these kind of experiences, but how you achieve it would depend greatly on the user-experience and requirements you wish to offer. You might also want to consider Policy Server and Document Security Server as part of the Adobe LiveCycle product suite; we are delivering a number of projects at present where we are leveraging Policy Server, Security Server and Flex in concert, to deliver rich user-experiences that address the risks of distributing confidential information, while controlling document access and rights. Document Security Server will fit within an existing J2EE infrstructure and expose services that allow you to generate certified PDF files, encrypt and decrypt documents where you already have a PKI infrastructure, as well as enabling you to digitally sign documents and validate signed documents. So I wonder if you might also want to consider an application that leverages the LiveCycle platform against Flex, which is an increasingly common pattern of solution that our clients are embracing. More details on LiveCycle here: http://www.adobe.com/products/livecycle/ http://www.adobe.com/products/server/securityserver/overview.html http://www.adobe.com/products/server/policy/ I hope this provides some further insight for you as you determine your technical architecture. Please let me know if there's anything else I can do to help. Best wishes, Steven -- Steven Webster Practice Leader (Rich Internet Applications and LiveCycle) Adobe Consulting Westpoint, 4 Redheughs Rigg, South Gyle, Edinburgh, EH12 9DQ, UK p: +44 (0) 131 338 6108 m: +44 (0) 7917 428 947 [EMAIL PROTECTED] -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/flexcoders/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
