Security overview

The security of your data and processes is critical. WebSphere Process Server security is based on the WebSphere Application Server version 6.0 security. Refer to the WebSphere Application Server Network Deployment documentation for detailed information about security.

Security tasks can be broadly divided into those concerning the administration of security in the WebSphere Process Server environment and those that are related to the applications running in WebSphere Process Server. The security of the server environment is central to the security of applications, and therefore the two sides should not be thought of in isolation.

Securing the environment involves enabling global security, creating profiles with security, and restricting access to critical functions to selected users.

There are several aspects to securing an application. First is authentication; a user or a process that invokes an application must be authenticated. Second is access control; does the authenticated user have permission to perform the operation? The third aspect is that of integrity and privacy of the data that is accessed by an application. The last element is the concept of identity propagation with single sign on, which permits a user to provide authentication data once and then passes this authentication information to downstream components.

The remainder of this section details the security considerations at various stages of operation of the WebSphere Process Server.


Last updated: Tue 24 Oct 2006 22:01:09

(c) Copyright IBM Corporation 2005, 2006.
This information center is powered by Eclipse technology (http://www.eclipse.org)