Search results

Authentication is the act of verifying a user's identity based on the credentials that they have presented. Establishing each user's identity is a critical first step in any client/server based system. In this IBM® Redbooks® publication, we present an overview of the set of authentication options in the IBM FileNet® P8 V4.0 release. The two standards at the core of the authentication process in IBM FileNet P8 V4.0 are the Java™ Authentication and Authorization Service (JAAS) standard and the Web Services Security standard (WS-Security). The JAAS standard forms the framework for security interoperability in the J2EE™ world, while the WS-Security standard forms the framework for security interoperability in the heterogeneous world of clients and servers that communicate through Web services interfaces. IBM FileNet customers rely on a variety of authentication technologies to secure their corporate intranets. By implementing and adhering to these two standards, IBM FileNet P8 V4.0 enables a wide range of authentication integrations. In this IBM Redbooks publication we discuss and demonstrate the IBM FileNet P8 integration with IBM Tivoli Access Manager for e-business, IBM Tivoli Federated Identity Manager, and the SPNEGO mechanism provided in IBM WebSphere Application Server. This book is a valuable resource for security officers, access management administrators, and architects who wish to better understand single sign-on options for the IBM FileNet P8 V4.0 solution. The re-publication from 24 Novem

Identity management is the concept of providing a unifying interface to manage all aspects related to individuals and their interactions with the business. It is the process that enables business initiatives by efficiently managing the user life cycle (including identity/resource provisioning for people (users)), and by integrating it into the required business processes. Identity management encompasses all the data and processes related to the representation of an individual involved in electronic transactions. This IBM® Redbooks® publication provides an approach for designing an identity management solution with IBM Tivoli® Identity Manager Version 5.1. Starting from the high-level, organizational viewpoint, we show how to define user registration and maintenance processes using the self-registration and self-care interfaces as well as the delegated administration capabilities. Using the integrated workflow, we automate the submission/approval processes for identity management requests, and with the automated user provisioning, we take workflow output and automatically implement the administrative requests on the environment with no administrative intervention. This book is a valuable resource for security administrators and architects who wish to understand and implement a centralized identity management and security infrastructure.

Deploying an access control solution for a medium-size business begins with a thorough analysis of the existing business and IT environment. After we fully understand the organization, its deployed infrastructure, and the application framework, we can define an applicable representation of these assets within an access control implementation. This IBM Redbooks publication takes a step-by-step approach to implementing an access control solution based on IBM Tivoli Access Manager for e-business. Part 1 takes you through an example company profile with existing business policies and guidelines and builds an access control solution designed for this particular environment. In Part 2, we describe how the new access control components can be integrated into the existing environment. Then we explain how to execute the access control integration tasks that must be implemented in order to create a fully functional end-to-end solution. This book does not introduce any general access control concepts, nor does it systematically explain all of Tivoli Access Manager's components and capabilities. Instead, those details are thoroughly discussed in the IBM Redbooks publication Enterprise Security Architecture Using IBM Tivoli Security Solutions, SG24-6014.

Securing access to information is important to any business. Security becomes even more critical for implementations structured according to Service-Oriented Architecture (SOA) principles, due to loose coupling of services and applications, and their possible operations across trust boundaries. To enable a business so that its processes and applications are flexible, you must start by expecting changes – both to process and application logic, as well as to the policies associated with them. Merely securing the perimeter is not sufficient for a flexible on demand business. In this IBM Redbooks publication, security is factored into the SOA life cycle reflecting the fact that security is a business requirement, and not just a technology attribute. We discuss an SOA security model that captures the essence of security services and securing services. These approaches to SOA security are discussed in the context of some scenarios, and observed patterns. We also discuss a reference model to address the requirements, patterns of deployment, and usage, and an approach to an integrated security management for SOA. This book is a valuable resource to senior security officers, architects, and security administrators.

This IBM Redbooks publication reviews the overall Tivoli Enterprise Security Architecture. It focuses on the integration of audit and compliance, access control, identity management, and federation throughout extensive e-business enterprise implementations. The available security product diversity in the marketplace challenges everyone in charge of designing single secure solutions or an overall enterprise security architecture. With Access Manager, Identity Manager, Federated Identity Manager, Security Compliance Manager, Security Operations Manager, Directory Server, and Directory Integrator, Tivoli offers a complete set of products designed to address these challenges. This book describes the major logical and physical components of each of the Tivoli products. It also depicts several e-business scenarios with different security challenges and requirements. By matching the desired Tivoli security product criteria, this publication describes the appropriate security implementations that meet the targeted requirements. This book is a valuable resource for security officers, administrators, and architects who want to understand and implement enterprise security following architectural guidelines.

Don't be fooled by the name; IBM Tivoli Directory Integrator integrates anything, and it is not in any way limited to directories. It is a truly generic data integration tool that is suitable for a wide range of problems that usually require custom coding and significantly more resources to address with traditional integration tools. This IBM Redbook shows you how Directory Integrator can be used for a wide range of applications utilizing its unique architecture and unparalleled flexibility. We discuss the business context for this evolutionary data integration and tell you how to architect and design an enterprise data synchronization approach. By telling you everything about Directory Integrator's component structure and then applying all the techniques in two comprehensive business scenarios, we build a formidable base for your own data integration and synchronization projects. This book is a valuable resource for security administrators and architects who want to understand and implement a directory synchronization project.

This IBM Redbook is a study guide for IBM Tivoli Access Manager for e-business Version 6 and is meant for those who want to achieve IBM Certifications for this specific product. The IBM Tivoli Access Manager for e-business Certification, offered through the Professional Certification Program from IBM, is designed to validate the skills required of technical professionals who work in the implementation of the IBM Tivoli Access Manager for e-business Version 6 product. This book provides a combination of theory and practical experience needed for a general understanding of the subject matter by discussing the planning, installation, configuration and customization, programming, auditing and troubleshooting of Access Manager for e-business solutions. It also provides sample questions that will help in the evaluation of personal progress and provide familiarity with the types of questions that will be encountered in the exam. This publication does not replace practical experience, nor is it designed to be a stand-alone guide for any subject. Instead, it is an effective tool which, when combined with education activities and experience, can be a very useful preparation guide for the exam.

Today, companies have no way to trust identities belonging to their partners, suppliers, contracts and their outsourcers. This lack of trust means companies end-up creating online identities (and passwords) for all users. This approach is very costly, inefficient, and creates user frustration with multiple accounts and registrations for each Web Site. Federation is the set of business and technology agreements as well as policies that enable companies to optimally pursue business automation goals that best align with their business model, IT policies, security and privacy goals and requirements. This book takes a close look at the trust infrastructure over which business federations are implemented. We cover important aspects of utilizing the Tivoli integrated identity management architecture in order to build and deploy the Tivoli Federated Identity Management and Web Services Security components, which consist of Tivoli Federated Identity Manager, IBM WebSphere Application Server, and the IBM Integrated Solutions Console. This book is a valuable resource for security officers, administrators and architects who wish to understand and implement Web Services security and federated identity management.

Integrating an IBM WebSphere Application Server for z/OS cluster with IBM Tivoli Access Manager is challenging. Tailoring the business this way allows administrators to facilitate the best of both worlds, so they can focus WebSphere Application Server as a Java environment provider and Tivoli Access Manager as a security policy enforcer. This IBM Redbook gives you a broad understanding of how you can enforce security for IBM WebSphere Application Server on z/OS, by using IBM Tivoli Access Manager on a distributed platform. It explains how you can achieve security, scalability, and high availability by adding and further configuring resources to a computing environment. This IBM Redbook also demonstrates how to configure a WebSphere Application Server for z/OS cluster functioning with Tivoli Access Manager. It exploits high availability scenarios that you can implement in your organization. This book uses the following components for high availability: WebSphere Edge Components Load Balancer for load balancing between security proxies and user registries Sysplex Distributor for Web servers Specific products are employed for their functions and strengths. And, basic products are configured to demonstrate their high availability characteristics.

This IBM Redbook provides IT architects, IT specialists, and administrators with the critical knowledge to design, develop, implement, deploy, and manage multiple consumer direct and B2B direct stores based on the Extended Sites model using WebSphere Commerce V5.6.1. This book includes: - An introduction to the WebSphere Commerce Extended Sites model - An ITSO Extended Sites example, including a business requirements analysis and solution design - How to implement a team development environment, customize a store profile, and build, deploy, and manage multiple stores - How to manage an Extended Sites hub, hub organization, and hosted stores - How to manage an Extended Sites B2B direct store and organizations - How to manage an Extended Sites consumer direct store and organizations The appendixes include procedures and tips for WebSphere Commerce implementation, WebSphere Commerce Developer implementation, common procedures, and error handling scenarios.