IBM InfoSphere Streams Version 4.1.1
Configuring security for InfoSphere Streams
Each InfoSphere®
Streams domain
and instance maintains its own security configuration.
- User authorization for InfoSphere Streams
InfoSphere Streams uses access control lists (ACLs) to manage user authorization for domains and instances. An ACL contains the type of domain and instance objects to secure and the actions that a user or group is authorized to perform against the object. The ACLs are initialized when you create a domain or instance. - User authentication configuration options for InfoSphere Streams
The default user authentication method for InfoSphere Streams domains is PAM or LDAP. For a basic domain, InfoSphere Streams uses PAM. For an enterprise domain, you can specify either LDAP or PAM as the default method when you create the domain, and then customize user authentication after the domain is created. - Linux users and InfoSphere Streams jobs
To determine which Linux user has the authority to run the jobs for an InfoSphere Streams instance, you must first determine which user is running the domain controller services for your domain. The security implications of the instance.runAsUser and instance.canSetPeOSCapabilities property settings also need to be considered. - Changing the cryptographic protocol for InfoSphere Streams services
Many domain and instance services support connections that use Transport Layer Security (TLS) cryptographic protocols. You can specify which cryptographic protocols the services use for secure communication by setting domain and instance properties. The default setting for InfoSphere Streams is TLSv1, which indicates that TLS 1.0 or later protocols are used. - Audit logging support for InfoSphere Streams
InfoSphere Streams supports comprehensive, multiple-level auditing of product and user operations. By default, audit logging is not enabled.
Parent topic: Configuring IBM InfoSphere Streams