1 - 33 of 33 results
Message-level security with JAX-WS on WebSphere Application Server V7, Part 2: Integrating JEE authorization
In Part 1, you learned how to provide message level security using JAX-WS on WebSphere Application Server V7, including how to use policy sets to encrypt and sign messages, and how to use a UsernameToken profile for authentication. In Part 2, you'll learn how to use the UsernameToken passed in the SOAP header as the JEE principal to provide programmatic authorization in the service provider.
Also available in: Chinese  
Articles 27 Jan 2010
Use Active Directory for authentication and authorization in your Node.js Bluemix application
In this article, you learn how to use your existing Microsoft Active Directory infrastructure to provide authentication and authorization decisions to your Node.js Bluemix application. Editor's note: This article has been archived due to outdated tech or methodologies. Please refer to updates to this article in "Use LDAP and Active Directory to authenticate Node.js users."
Also available in: Chinese  
Tutorial 17 Dec 2015
OAuth 2.0 clients in Java programming, Part 3: Authorization code grant
This multi-part series will help you develop a generic and reusable OAuth 2.0 client that can be used to interface with any OAuth 2.0-compliant server. Part 1 explained how to implement the resource owner password credentials grant. Part 2 described how to implement the client credentials grant. Now, Part 3 teaches you how to implement the authorization code grant.
Also available in: Chinese   Russian   Japanese   Portuguese  
Tutorial 04 Nov 2014
Securing a composite business service delivered as a software-as-a-service: Part II, Supporting identity propagation (enterprise and federated SSO) and authorization
A composite business service (CBS) introduces many new challenges for security in an SOA solution. In this two-article series, a few security scenarios are examined in a proof-of-concept (PoC) CBS software-as-a-service (SaaS) application for banking called Jivaro. These scenarios help to identify when and how to apply different IBM Tivoli security products. In particular, scenarios for using IBM Tivoli Access Manager and Tivoli Federated Identity Manager (TFIM) for meeting SSO requirements in a CBS are described.
Articles 27 Sep 2007
Understanding IBM InfoSphere MDM Server security, Part 3: Using LDAP to implement transaction authorization
IBM InfoSphere Master Data Management Server allows you to plug in your transaction authorization provider. In this article, learn about the default transaction authorization provider and explore an example showing how to implement a transaction authorization provider using an LDAP server.
Also available in: Chinese  
Articles 20 Nov 2008
Add your own authorization proxy to a third-party app
In this article, you learn how to use Bluemix Node.js to create an authorization proxy. This proxy can then perform authorization checks that are not supported by an original application, which might be a third-party app.
Articles 03 Jun 2016
Configure your IBM Cloud Node.js authorization proxy to communicate with the user
In this article, you learn how a mostly transparent proxy can produce pop-up messages to communicate with the user. You send the user a small script that asks the proxy every second if there are any messages for it. When it gets a message, it covers the screen until the message is acknowledged. Using this technique, an authorization proxy can inform the user when an attempted action is unauthorized, and how to get authorization for it.
Articles 11 Jul 2016
Use business rules as an authorization engine
Authorization policies in web-based applications are not only complicated, but also dynamic. If you implement those policies in the source code of the application, you must change it every time the policy changes. This article shows you how to use a business rule engine, Nools, to make authorization decisions in a Node.js application. This allows the security policy to be stored as an object, and edited with a simple Angular-based user interface.
Also available in: Chinese   Russian   Japanese  
Articles 16 Jun 2015
Deploying secure software configuration management
IBM Rational ClearCase provides robust support for all four dimensions of computer security: authentication, authorization, encryption, and event-logging. In this overview of security features, learn about deploying software configuration management.
Also available in: Chinese  
Articles 22 Dec 2015
Playful web development, Part 1: Manage user authentication with the Play Framework and Scala
Implement user management for your Play Framework applications and put your Scala skills to work. Pablo Pedemonte takes you through building a basic Play application that handles authentication and authorization. You can even use the application code as a starter for your own Play projects to shorten user-management development time.
Also available in: Chinese   Japanese   Portuguese  
Articles 12 Nov 2015
Mobile device risk-based access and authentication governance
Discover how the IBM Tivoli Federated Identity Manager risk-based access capability can provide assessment decision and enforcement capabilities for device consent purposes and establish a high level of confidence for insurance purchase transactions. The article also showcases the use of OAuth mobile access and authorization with OAuth Access tokens when performing transaction- and risk-based access on mobile devices.
Articles 27 Jan 2014
IBM DB2 Content Manager security model essentials
IBM DB2 Content Manager provides a flexible way of defining the security for your Enterprise Content Management system. Depending on your business needs, you can design the security for your ECM system to be lenient or strict. CM provides various levels of security through authentication and authorization, and CM uses privilege sets and Access Control Lists (ACLs) to provide a stringent authorization mechanism. In this article, explore the methods for keeping your ECM data secure.
Also available in: Russian  
Articles 15 Nov 2007
Intranet Single Sign-On for Windows and Tivoli Access Manager
Microsoft Windows based intranets provide the ability to use desktop credentials to sign-on to intranet infrastructure based on Microsoft Internet Information Services (IIS). This is implemented using Microsoft’s SPNEGO HTTP authentication protocol to sign-on using NTLM or Kerberos credentials. Until IBM Tivoli Access Manager for e-business (TAM) 4.1 was released there was no way to achieve the same sign-on to TAM’s WebSEAL web resource authorization engine. With TAM 4.1 this sign-on can be achieved by combining the SPNEGO sign-on capability of TAM Plugin for IIS with e-Community single sign-on capabilities of WebSEAL. This article describes in detail the configuration steps required to make this work.
Articles 01 May 2003
Authorize with a Cloudant proxy
It is sometimes useful to have more granular access controls on a database than the controls that are provided by Cloudant. In this tutorial, you learn how to create a Cloudant proxy that is under your control. Using such a proxy, you can implement the appropriate authorization model to the system.
Also available in: Chinese  
Tutorial 06 Dec 2017
Introducing IBM Security Access Manager for Mobile
IBM Security Access Manager for Mobile can deliver mobile access security protection in a modular virtual or physical appliance package, enabling you to securely manage both mobile user access and applications. In this demonstration, you'll see how ISAM for Mobile helps you initiate mobile single sign-on and sessions management; enable context-aware authorization using device fingerprinting, geolocation awareness, and IP reputation mechanisms; and more.
Articles 06 Jan 2014
Sentry 2 and PHP, Part 1: Authentication and access control for PHP
Authentication and access control are critical to keeping your web application secure. Sentry 2 is a framework-agnostic authentication and authorization system written in PHP. It provides built-in methods for many common authentication and authorization tasks, allowing you to efficiently and securely develop public-facing PHP web applications.
Also available in: Russian  
Articles 01 Oct 2013
Monitor database activity for application users with Guardium and WebSphere Application Server
Certain audit requirements mandate that specific database activity can be traced back to the user who is responsible for the specific activity. This is especially challenging in application scenarios where the pooled database connections are used and the application itself is responsible for authentication and authorization. This article presents a generic approach for WebSphere Application Server applications that enables database activity monitoring solutions like InfoSphere Guardium to reliably assign the application user to the database activity without requiring changes to the respective applications.
Also available in: Chinese   Russian   Portuguese  
Articles 23 Aug 2012
Opt for flexibility: File-based administration security in IBM Integration Bus V10
IBM Integration Bus v10.0 introduced file-based authorization (file mode) for administration security. This tutorial shows how to configure file-based security to control access to an integration node and its resources. It describes several error scenarios that occur in the web UI when you lack the required permissions for an administration task. Each scenario includes command examples for granting the required permissions and procedures for verifying the results.
Also available in: Chinese  
Tutorial 18 Mar 2016
Sentry 2 and PHP, Part 2: Authentication and access control for PHP
Authentication and access control are critical to keep your web application secure. Sentry 2 is a framework-agnostic authentication and authorization system written in PHP. It provides built-in methods for many common authentication and authorization tasks, allowing you to efficiently and securely develop public-facing PHP web applications.
Also available in: Russian  
Articles 12 Nov 2013
Using Tivoli Access Manager for eBusiness WebSEAL without a user registry
Often customers require a web single sign-on and authorization solution but are unable or unwilling to replace or synchronize their existing user registry with another. This can pose a problem for customers wishing to leverage Tivoli Access Manager for eBusiness (TAMeB) where their existing user registry is not supported natively by TAMeB. This article will demonstrate how to utilize Tivoli Access Manager for eBusiness WebSEAL without requiring the enterprise users to be in the TAMeB directory. This article requires some prior knowledge of Tivoli Access Manager for eBusiness authentication, the TAMeB external authentication interface (EAI), and the Tivoli Federated Identity Manager (TFIM) Security Token Service (STS).
Articles 03 Feb 2009
Enable the Keystone LDAP back end in OpenStack
OpenStack is open source software for building public and private clouds that provide an Infrastructure as a Service (IaaS) platform. Keystone is an OpenStack subproject that provides identity services, including user authentication and authorization, for the OpenStack family of projects. This article shows how to configure Keystone to use a Lightweight Directory Access Protocol (LDAP) server as its back end for identity services, instead of the default SQL back end.
Also available in: Chinese   Russian   Japanese   Portuguese  
Articles 17 Sep 2013
Hadoop data security and Sentry
Given the insights possible with big data, privacy fears have been the primary focus of its detractors. What has been missing from this discussion is protection of data with Apache Hadoop. Sentry is one solution aimed at protecting data within Hadoop by using a fine-grained authorization framework. This article explores Sentry and shows how it can be used to provide controls for big data applications in regulated industries.
Also available in: Russian   Japanese  
Articles 07 Jan 2014
Integrate an application with Facebook Login for Apps
When you integrate social authentication into any application, it requires implementing an OAuth 2.0 client. You then exercise an authorization code flow with the social identity provider, followed by the retrieval of an identity profile resource. This article uses ISAM and the popular social media outlets, Facebook, LinkedIn, and Instagram.
Also available in: Chinese   Japanese  
Articles 11 Jul 2017
IBM Security Access Manager: Protect websites with context-based access
Learn how to secure a website with context-based two-factor authentication by integrating and configuring IBM Security Access Manager (ISAM) for Web and IBM Security Access Manager for Mobile. The authors will demonstrate how to use ISAM for Mobile's context-based authorization and one-time password (OTP) interface to enable security architects to apply intelligent stronger authentication access decisions across an organization's website.
Also available in: Chinese  
Articles 21 Dec 2015
Configuring Secure Network Communication (SNC) between SAP systems and clients using WebSphere Adapter for SAP Software V7.5
Learn how to set up SNC between SAP systems and clients using WebSphere Adapter for SAP Software V7.5. This article describes SNC configuration at the SAP server end and shows you how to exchange the keys between the SAP and client systems.
Also available in: Chinese   Russian  
Articles 23 May 2012
Secure DB2 resources using Tivoli Access Manager for Operating Systems
Learn how to secure your IBM DB2 resources using Tivoli Access Manager for Operating Systems (TAMOS). TAMOS is an IBM solution for securing resources on UNIX and Linux operating systems. This article steps you through two real-world scenarios to show you how to use TAMOS to set policies that protect DB2 resources. You can use these scenarios as a foundation for building an enterprise-wide security solution for your database.
Also available in: Portuguese  
Articles 22 Apr 2010
Understanding IBM InfoSphere MDM Server Security, Part 4: Using SAML in MDM Server Security
The IBM InfoSphere Master Data Management (MDM) Server allows you to provide your own security data format to integrate into MDM security framework. This article describes how to use Security Assertion Markup Language (SAML) assertions in MDM security.
Also available in: Chinese  
Articles 18 Dec 2008
Configure secure communications with WebSphere Application Server and WebSphere Message Broker using SAML 2.0 tokens and Tivoli Federated Identity Manager
This article shows you how to configure secure communication using the SAML token profile with WebSphere Application Server V7 hosting a Web service client and server, and WebSphere Message Broker V7 acting as an enterprise service bus to mediate the application communication and ensure that security requirements are met. IBM Tivoli Federated Identity Manager V6.2 acts as the Security Token Service (STS) and issues the SAML tokens.
Articles 13 Apr 2011
Manage RACF better, faster, and easier with zSecure 2.1
IBM Resource Access Control Facility (RACF) provides access control and auditing functions for z/OS and z/VM mainframe systems. IBM Security zSecure suite makes managing RACF easier. Follow along as Mark Hahn, a frontline mainframe support expert with experience in RACF and zSecure, highlights some of his favorite enhancements in the new 2.1 release of zSecure. These enhancements include additional IBM DB2 compliance analysis and reporting, better digital certificate management enhancement, deeper integration with QRadar SIEM, and possibly the best feature: zSecure's first concurrent release with z/OS.
Articles 08 Oct 2013
Implementing message flow security in WebSphere Message Broker V7
You can configure a broker in WebSphere Message Broker V6.1 or later to perform access control for individual messages in a message flow by using an external security provider. This article describes security at the message flow level and shows you how to implement message flow security.
Also available in: Chinese  
Articles 24 Feb 2010
Improve web application security with Zend Framework 2
Web applications are vulnerable to attacks from different quarters, including SQL injection, XSS, CSRF, spam, and brute-force password hacking. But it's easy to protect your PHP web application from the majority of common attacks with the security-related components available in Zend Framework 2. This article illustrates how to use these components to make your application more secure by validating form input, filtering bot submissions, rejecting comment spam, and logging unusual events.
Also available in: Chinese   Russian   Japanese  
Articles 04 Mar 2014
Configure an ISAM reverse proxy as a PEP to an OpenID connect provider
IBM Security Access Manager Version 9 added support for OpenID Connect. This protocol builds on OAuth Version 2.0, but the access tokens issued by an OpenID Connect Provider cannot be used out of the box to access protected resources. In this article, I explain how to configure this.
Also available in: Chinese  
Articles 09 May 2017
IBM Cognos Proven Practices: Securing the IBM Cognos 10 BI Environment
A set of proven practices and guidelines to be taken into consideration when securing the IBM Cognos 10 BI environment.
Also available in: Chinese   Russian  
Articles 16 Dec 2011