WebSphere® eXtreme Scale can
secure data access, including allowing for integration
with external security providers.
Note: In an existing non-cached data store such as a database,
you likely have built-in security features that you might not need
to actively configure or enable. However, after you have cached your
data with eXtreme Scale, you
must consider the important resulting situation that your backend
security features are no longer in effect. You can configureeXtreme Scale security on necessary
levels so that your new cached architecture for your data is also
secured.
A brief summary of
eXtreme Scale security features
follows. For more detailed information about configuring security
see the
Administration
Guide and the
Programming Guide.
Distributed security basics
Distributed
eXtreme Scale security is based
on three key concepts:
- Trustable authentication
- The ability to determine the identity of the requester. WebSphere eXtreme Scale supports both client-to-server
and server-to-server authentication.
- Authorization
- The ability to give permissions to grant access rights to the
requester. WebSphere eXtreme Scale supports
different authorizations for various operations.
- Secure transport
- The safe transmission of data over a network. WebSphere eXtreme Scale supports the Transport
Layer Security/Secure Sockets Layer (TLS/SSL) protocols.
Authentication
WebSphere eXtreme Scale supports a distributed
client server framework. A client server security infrastructure is
in place to secure access to eXtreme Scale servers. For example,
when authentication is required by the eXtreme Scale server, an eXtreme Scale client must provide
credentials to authenticate to the server. These credentials can be
a user name and password pair, a client certificate, a Kerberos ticket,
or data that is presented in a format that is agreed upon by client
and server.
Authorization
WebSphere eXtreme Scale authorizations are
based on subjects and permissions. You can use the Java™ Authentication and Authorization Services
(JAAS) to authorize the access, or you can plug in a custom approach,
such as Tivoli® Access Manager
(TAM), to handle the authorizations. The following authorizations
can be given to a client or group:
- Map authorization
- Perform insert, read, update, evict, or delete operations on Maps.
- ObjectGrid authorization
- Perform object or entity queries and stream queries on ObjectGrid
objects.
- DataGrid agent authorization
- Allow DataGrid agents to be deployed to an ObjectGrid.
- Server side map authorization
- Replicate a server map to client side or create a dynamic index
to the server map.
- Administration authorization
- Perform administration tasks.
Transport security
To secure the client
server communication, WebSphere eXtreme Scale supports
TLS/SSL. These protocols provide transport layer security with authenticity,
integrity, and confidentiality for a secure connection between an eXtreme Scale client and server.
Grid security
In a secure environment, a
server must be able to check the authenticity of another server. WebSphere eXtreme Scale uses a shared secret
key string mechanism for this purpose. This secret key mechanism is
similar to a shared password. All the eXtreme Scale servers agree on
a shared secret string. When a server joins the grid, the server is
challenged to present the secret string. If the secret string of the
joining server matches the one in the master server, then the joining
server can join the grid. Otherwise, the join request is rejected.
Sending
a clear text secret is not secure. The eXtreme Scale security infrastructure
provides a SecureTokenManager plug-in to allow the server to secure
this secret before sending it. You can choose how you implement the
secure operation. WebSphere eXtreme Scale provides
an implementation, in which the secure operation is implemented to
encrypt and sign the secret.
Java Management
Extensions (JMX) security in a dynamic deployment topology
JMX
MBean security is supported in all versions of eXtreme Scale. Clients of catalog
server MBeans and container server MBeans can be authenticated, and
access to MBean operations can be enforced.
Local eXtreme Scale security
Local eXtreme Scale security is different
from the distributed eXtreme Scale model
because the application directly instantiates and uses an ObjectGrid
instance. Your application and eXtreme Scale instances are in
the same Java virtual machine
(JVM). Because no client-server concept exists in this model, authentication
is not supported. Your applications must manage their own authentication,
and then pass the authenticated Subject object to the eXtreme Scale. However, the authorization
mechanism that is used for the local eXtreme Scale programming model
is the same as what is used for the client-server model.