One of the most significant concerns developers have when building their Apps, is the issue of security on Bluemix. As an application developer, they must enable the security configurations, including application data protection, for their applications that run on Bluemix.
IBM Bluemix is a Cloud Based Plat
There are several security capabilities provided by Bluemix. Below are listed the most commonly used services to help secure applications:
IBM Single Sign On for Bluemix is a policy-based authentication service that provides an easy to embed single sign-on capability for Node.js or Liberty for Java applications. To enable an application developer to embed single sign-on capability into an application, the administrator creates service instances and adds identity sources.
This service provides a security analysis of Android mobile applications. To use this service, you must upload a compiled Android app as an APK file. When the security analysis scan is done, you can download a report.
This service provides a security analysis of web applications with a dynamic analysis tool. The tool works on the deployed web app, not on the app source code, and it can scan any Bluemix web app regardless of its language or technology. You can scan only applications of the organizations that you belong to. To create a scan, you must configure the web app URL and the login credentials if any. When the scan is done, you can download a report.
This service uses IBM Directory Server LDAP for authentication and IBM InfoSphere® Guardium® Data Activity Monitor to protect the database that is accessed by applications. The connection between applications and the database is protected by the SSL certificate that DigiCert signs. You can use the SQL database console in Bluemix to get reports that contain the following information:
- Sensitive data that might exist in the database that is accessed by applications.
- The application users who accessed the database within a specified period.
- The application users who are accessing sensitive data that is in the database.
To mask data by using SQL, applications can call the masking user-defined functions (UDFs) that are deployed together with the database. For example, you can mask the data that you want to use elsewhere for testing. The UDFs implement the data masking algorithms from IBM Infosphere Optim™. For more information, see Data privacy.
The dashDB service uses IBM Directory Server LDAP for user authentication and IBM InfoSphere Guardium Data Activity Monitor to protect the database that is accessed by applications. The connection between applications and the database is protected by SSL certificates. This service uses the DB2® native encryption capability to automatically encrypt your deployed database and database backups. Master key rotation is automatic and happens every 90 days.
Create your IBM Bluemix Account and enjoy a 30 day free trial. Use this time to determine if the service is a perfect fit for your needs.