IBM Streams 4.2.1
Configuring security for IBM Streams
Each IBM®
Streams domain
and instance maintains its own security configuration.
- User authorization for IBM Streams
IBM Streams uses access control lists (ACLs) to manage user authorization for domains and instances. An ACL contains the type of domain and instance objects to secure and the actions that a user or group is authorized to perform against the object. The ACLs are initialized when you create a domain or instance. - User authentication options for IBM Streams
The default user authentication method for IBM Streams domains is PAM or LDAP. For a basic domain, IBM Streams uses PAM. For an enterprise domain, you can specify either LDAP or PAM as the default method when you create the domain, and then customize user authentication after the domain is created. - Linux users and IBM Streams jobs
To determine which Linux user has the authority to run the jobs for an IBM Streams instance, you must first determine which user is running the domain controller services for your domain. The security implications of the instance.runAsUser and instance.canSetPeOSCapabilities property settings also need to be considered. - Changing the cryptographic protocol for IBM Streams services
Many domain and instance services support connections that use Transport Layer Security (TLS) cryptographic protocols. You can specify which cryptographic protocols the services use for secure communication by setting domain and instance properties. The default setting for IBM Streams is TLSv1, which indicates that TLS 1.0 or later protocols are used.
Parent topic: Configuring IBM Streams