cancel
Showing results for 
Search instead for 
Did you mean: 

TLS vs. MLS

Former Member
0 Kudos

TLS vs. MLS: transport level security versus message level security

Hello everyone,

I've been busy configuring HTTPS and message security in my PI landscape but there are some points I'm not sure about.

What are the differences between TLS and MLS? Both say they encrypt the business document, validate the sender and receiver(TLS with client and server certificates, MLS with digital signatures using again the certificates) and offer message integrity. So why two different mechanisms for providing the same(or is it not?) functionality using the very same certificate technology?

What are the differencies between these two? Please do not provide any links as I've already read a bunch of them but still unsure, simple answers will do.

Thanks,

Gökhan

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

hi,

MLS:

Used when messages leave XI or bofore they come to XI

it has nothing to do with monitoring in XI

/people/michal.krawczyk2/blog/2006/01/02/xi-sxmbmoni--controlling-access-to-message-display

Also find some information in these links

http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm

/people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi

TLS:

You can use transport security for consuming and providing Web services either at HTTP transport level or at SOAP message level. To do this, you can use the standard HTTP transport security mechanisms such as HTTPS and the WS standard mechanisms to set the transport security at the higher SOAP message level.

Transport security at SOAP message level is suited to the specific security requirements for WS access, and also allows you to use the strong SOAP message transport mechanisms such as XML signatures/encryption and SecureConversation for inbound and outbound WS communication

Thanks,

Vijaya,.

Answers (1)

Answers (1)

Former Member
0 Kudos

Transport Level Security

HTTP Authentication (provided by application server).

SSL Client Side Certificate (configured by System Admin/Developer)

URL Access control Policies(Restrict user to access a URL in application server)

SSL Encrypted Connections

Point to point SSL Encryption

SSL based sender authentication

Message Level Security

SSO Header Tokens (Authentication Info can be placed in message header)

SSO Header Tokens (Authorization role info can be placed in message header)

XML Encryption specification

XML Digital Signature Specification

Use of XML Signature for message authentication

regards

chandra