Elements of application security

Applications that run in WebSphere Process Server are secured by authentication and by access control. In addition the data that is transferred during the invocation of an application is kept secure by various mechanisms; these mechanisms ensure that the data cannot be read or altered in transit. The final element of security is the propagation of security information through various systems, in order that the user need not repeatedly enter a user name and password.

It is possible to divide security in WebSphere Process Server into three broad groupings:

Application security

The security of your WebSphere Process Server applications is maintained in two ways:
  • Authentication A user who wants to use an application must provide a user name and password from the user registry.
  • Access control A user must have permission to invoke the application. Roles are associated with invocation of the application. An authenticated user must be part of the appropriate role, otherwise the application will not run.

Data integrity and privacy

The security of the data accessed by an application is secured at origin, destination, and in transit:
  • Integrity Data sent over the network can not be altered in transit.
  • Privacy/confidentiality Data sent over the network cannot be intercepted and read in transit.

Identity propagation

The final element of security is one of propagation of identity:
  • Single sign on When a client request needs to flow through several systems within the enterprise, the client is not forced to provide authentication data multiple times. The single sign on method is used to propagate the authentication information to downstream systems that can in turn apply access control.

Terms of use |

Last updated: Thu Apr 27 14:39:08 2006

(c) Copyright IBM Corporation 2006.
This information center is powered by Eclipse technology (http://www.eclipse.org)