TEC Workbook - IBM

More documents

Recommendations

Info

<strong>IBM</strong> Software 3.4 Summary In this lab, you saw a variety of ways in which WebSphere DataPower appliances can help secure data using its cryptographic capabilities. You learned: ● How crypto certificates and crypto keys are used to dereference key and certificate files for maximum flexibility and ease of maintainability. ● Crypto keys and certificates are used when creating and verifying digital signatures, as well as during encryption and decryption. ● You can add a digital signature to an XML message simply by dragging a sign action onto the processing rule and identifying which key to use. ● Field level, as well as message level encryption and decryption can be performed without sacrificing performance as a result of hardware encryption technology. ● The transaction probe is a powerful tool that allows you to visually inspect every aspect of a transaction, helping to identify configuration or communication problems. Page 68 WebSphere Lab Jam
Lab 4 Access Control Framework Prerequisites: This lab requires the completion of labs 1 through 3. <strong>IBM</strong> Software Up until now, you’ve seen how WebSphere DataPower can protect XML Web traffic using built-in XML threat protection, digital signatures, and encryption. This lab will introduce the access control framework which provides authentication, authorization, and audit services. Collectively, this is referred to as AAA. An AAA policy identifies a set of resources and procedures used to determine whether or not a requesting client is granted access to a specific service, file, or document. AAA policies are thus filters in that they accept or deny a specific client request. Basic AAA processing is depicted in the figure below. 4.1 Extract identity & extract resource The first action that occurs is to extract the claimed identity of the service requester and the requested resource from an incoming message and its protocol envelope. WebSphere DataPower appliances provide an extensive list of predefined identity and resource extraction methods. For example, the identity can be based on IP address, account name/password, SAML assertion, or other criteria, while the requested resource can be specified by (among others) an HTTP URL, a namespace, or a WSDL method. 4.2 Authenticate If the identity is successfully extracted from the message, it will then be authenticated. Authentication is most commonly accomplished via an external service such as Tivoli Access Manager or LDAP. If the authentication is successful, the process enters the resource and credential mapping phase. Lab 4 - Access Control Framework Page 69
Page 1 and 2:
WebSphere Lab Jam Connectivity WebS
Page 3 and 4:
Contents IBM Software CONNECTION PA
Page 5 and 6:
Connection Parameters Spreadsheet I
Page 7 and 8:
1.4 Introduction to WebSphere DataP
Page 9 and 10:
IBM Software You’re now ready to
Page 11 and 12:
There are several areas in the WebG
Page 13 and 14:
1.10 WebSphere DataPower Services I
Page 15 and 16:
IBM Software Gateway supports WebSp
Page 17 and 18: cert: Directory Usage IBM Software
Page 19 and 20: __7. Click on the small plus sign t
Page 21 and 22: 1.13 Logging IBM Software WebSphere
Page 23 and 24: ● Trigger a set of actions to occ
Page 25 and 26: 1.13.4 Appliance management IBM Sof
Page 27 and 28: 1.13.8 Configuration Comparison, Ch
Page 29 and 30: Lab 2 Working with XML Prerequisite
Page 31 and 32: 2.1.5 WebSphere DataPower Configura
Page 33 and 34: IBM Software It’s also possible t
Page 35 and 36: Match Rule - evaluate statements us
Page 37 and 38: IBM Software __18. In the Configure
Page 39 and 40: IBM Software __2. Expand the policy
Page 41 and 42: IBM Software __12. In soapUI, click
Page 43 and 44: IBM Software __3. Click the green s
Page 45 and 46: The SQL statement would become: SEL
Page 47 and 48: __2. Click and drag a transform act
Page 49 and 50: 2.7 Stylesheet Caching IBM Software
Page 51 and 52: 2.8.3 Virus Scanning IBM Software V
Page 53 and 54: Lab 3 Securing XML Message Content
Page 55 and 56: 3.2.2 Create the Crypto Key and Cer
Page 57 and 58: 3.2.7 Verifying the request signatu
Page 59 and 60: __8. Click the Close Window link to
Page 61 and 62: __12. Click on the small [+] to sho
Page 63 and 64: IBM Software __3. Click on the last
Page 65 and 66: IBM Software __6. In the list of co
Page 67: __11. Click the Done button in the
Page 71 and 72: __3. Double click the yellow outlin
Page 73 and 74: Appendix A. Notices This informatio
Page 75 and 76: Appendix B. Trademarks and copyrigh
Page 77 and 78: NOTES
show all

TEC Workbook - IBM

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?