DOCSLIB.ORG

Securing Your Mobile Business with IBM Worklight

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Securing Your Mobile Business with IBM Worklight Front cover Securing Your Mobile Business with IBM Worklight Apply Worklight security features to your mobile applications Integrate Worklight with IBM Security Access Manager Learn by example with practical scenarios Scott Andrews Juarez Barbosa Junior Virginijus Kaminas Jia Lei Ma Dale Sue Ping Madlin Seidel ibm.com/redbooks International Technical Support Organization Securing Your Mobile Business with IBM Worklight October 2013 SG24-8179-00 Note: Before using this information and the product it supports, read the information in “Notices” on page vii. First Edition (October 2013) This edition applies to Version 6 of IBM Worklight. © Copyright International Business Machines Corporation 2013. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . vii Trademarks . viii Preface . ix Authors. ix Now you can become a published author, too! . xii Comments welcome. xii Stay connected to IBM Redbooks . xii Chapter 1. Overview of IBM MobileFirst and its security offerings . 1 1.1 Business value of mobile technologies . 2 1.2 IBM MobileFirst solution overview. 2 1.2.1 Mobile application development with IBM MobileFirst Platform . 3 1.2.2 Bring your own device with IBM MobileFirst Management . 4 1.2.3 Device and data protection with IBM MobileFirst Security . 5 1.2.4 Optimization of mobile experiences with IBM MobileFirst Analytics . 6 1.2.5 Putting it all together . 6 1.3 Mobile security threats . 9 1.3.1 Loss and theft . 10 1.3.2 Malware . 10 1.3.3 Spam. 10 1.3.4 Phishing . 11 1.3.5 Bluetooth and WiFi . 11 1.4 Mobile application landscape . 11 1.4.1 Mobile application platform . 12 1.4.2 Mobile application types . 12 1.4.3 Putting it all together . 14 1.5 IBM MobileFirst Security solution outline . 14 1.5.1 IBM Worklight platform as the basis for mobile security . 14 1.5.2 User protection with IBM Security Access Manager . 16 1.5.3 Application security testing with IBM Security AppScan . 16 1.5.4 Delivery of services and applications with IBM WebSphere DataPower . 17 1.5.5 Security intelligence with IBM Security QRadar SIEM . 17 1.5.6 VPN software with IBM Mobile Connect . 17 Chapter 2. Business scenario used in this book . 19 2.1 Mobile strategy business drivers. 20 2.1.1 A secure platform foundation . 20 2.1.2 Increased staff productivity . 22 2.1.3 Secure and easy access for customers . 23 2.1.4 Rapid development and deployment . 25 2.2 Conclusion . 26 Chapter 3. IBM Worklight security overview. 27 3.1 Security principles and concepts. 28 3.1.1 Authentication and authorization. 28 3.1.2 Confidentiality, integrity, and nonrepudiation . 29 3.1.3 Other security concepts . 29 3.2 IBM Worklight security capabilities . 30 © Copyright IBM Corp. 2013. All rights reserved. iii 3.2.1 Protect the data on the device . 30 3.2.2 Protect the application . 31 3.2.3 Ensure security updates . 32 3.2.4 Streamline corporate security processes . 32 3.2.5 Provide robust authentication and authorization. 33 3.3 IBM Worklight security framework. 34 3.3.1 Realms and security tests. 36 3.3.2 Worklight protocol and client challenge handlers . 36 3.3.3 Integration with web container security. 37 3.3.4 Integration with web gateways . 38 3.4 Conclusion . 38 Chapter 4. Integrating Worklight with enterprise security . 41 4.1 IBM Worklight security framework. 42 4.1.1 Challenge handlers . 44 4.1.2 Authentication configuration file . 44 4.1.3 Authentication realms . 49 4.1.4 Login modules. 61 4.1.5 Security tests . 68 4.1.6 User registries. 70 4.2 Restricting access to resources with authentication realms . 71 4.2.1 Protecting Worklight applications . 71 4.2.2 Protecting Worklight adapter procedures . 71 4.2.3 Protecting static Worklight web applications. 72 4.2.4 Protecting event sources . 72 4.3 Configuring Worklight for LTPA authentication . 73 Chapter 5. Applying Worklight security features . 77 5.1 Client-side authentication concepts and entities . 78 5.1.1 Challenge handler. 78 5.1.2 Device single sign-on . 79 5.2 Encrypted offline cache and JSONStore. 81 5.2.1 EOC overview . 81 5.2.2 EOC APIs . ..
Load more

Recommended publications
  • International Business Machines Corporation a New York Corporation 1016331 International Business Machines Corporation a New York Corporation
    International Business Trademarks Matching '"International Bu...' by Owner. IPMonitorTrademarks www.ipmonitor.com.au Contents Alerts 3 "International Business" 3 Terms and Conditions 26 General 26 Disclaimer of warranty and limitation of liability 26 Copyright 26 Arbitration 26 www.ipmonitor.com.au Alerts "International Business" 479 results matching '"International B...' by Owner. Number Mark Owner 1033728 IBM POWER International Business Machines Corporation a New York corporation 1016331 International Business Machines Corporation a New York corporation 1016332 International Business Machines Corporation a New York corporation 1011021 OPENCHIP International Business Machines Corporation a New York corporation 1036316 SYMMETRY International Business Machines Corporation a New York corporation 617766 MQSeries International Business Machines Corporation 1015285 OMNIFIND International Business Machines Corporation a New York corporation 1023800 EXPRESS PORTFOLIO International Business Machines Corporation a New York corporation 1024020 THINK EXPRESS International Business Machines Corporation a New York corporation 619418 International Business Machines Corporation 1037390 CATENA International Business Machines Corporation a New York corporation 1037391 CERULEAN International Business Machines Corporation a New York corporation 1037536 GLOBAL INNOVATION OUTLOOK International Business Machines Corporation a New York corporation 1037256 UNICA INTERNATIONAL BUSINESS MACHINES CORPORATION 1020234 International Business Network Pty Ltd ACN/ARBN
    [Show full text]
  • Start Something BIG!
    Start Something BIG! Cool projects IBM offers a world of opportunity with Work on challenging unlimited challenges and endless projects in leading possibilities to start something BIG. If technology areas and hot business trends. you are creative, passionate, and Feature articles: willing to collaborate to transform the Innovative teams way customers do business, the IBM Extreme Blue alumni Intensity, passion, Extreme Blue internship experience comment on their challenge, fun, optimism is for you. Extreme Blue and no boundaries experience. characterize the Extreme The IBM Extreme Blue program is Blue diverse high designed to provide you - one of the Jason Jho performance team spirit. best students from around the world - 2001 Cambridge a memorable internship experience. Alumni Our program draws from the wealth Dynamic places of resources that only IBM can Desired laboratories Daniel Rabinovitz provide, combining challenging carefully selected in 2000 Extreme Blue projects with competitive hotbeds of technology and Alumni compensation, unparalleled technical innovation. expertise and a leading-edge work Royi Ronen and living environment. Recruiting status 2001 Haifa Alumni You will experience the fusion of European labs business and technology in this IBM’s mission challenging internship program. Now underway. You can still apply today if you are interested in applying for one of the European labs. At IBM, we strive to lead However, if you are attending school in the creation, The Netherlands in the United States, note that the development and European schedule starts and ends manufacture of the industry's most advanced New Extreme Blue Lab, Amsterdam several weeks later that may impact information technologies, / Uithoorn, Netherlands.
    [Show full text]
  • CONNECTEDO Received a Second Place Award in ACM Competition
    Kudos Matthew Vail and Qingfent (Frank) He received CISCO schol- ED arships. Also, Jack Frink received ECT an award for developing a new NN software tool, and Lucas Layman CCONNECTEDO received a second place award in ACM Competition. [See page 4.] Nader Moussa, a triple-major A NEWSLETTER FROM THE senior, was an IBM Extreme Blue DEPARTMENT OF COMPUTER SCIENCE intern last fall. MARCH 2005 Bensong Chen, doctoral stu- dent, was named an Outstanding Teaching Assistant by NC State’s Students' Wolfgrid tests strengths Graduate Student Association. Neha Jain, Tyler Johnson and of grid computing software Matthew Vail, all seniors, received CRA’s 2005 Outstanding Under- What if you had a bunch of graduate Award honorable men- computers all over the world, tions. hooked together? That’s a Senior Rich Killian is serving as the Microsoft Ambassador at question that Sammie Carter, NC State for the 2004-05 aca- computer science senior, and demic year. Jon Harris, graduate student Carol Allen, administrative as- in the College of Design, had sistant in the undergraduate advis- in mind when they began to ing offi ce, was recognized for 25 years of service at the university’s build the Wolfgrid across the staff recognition program last NC State community. August. She has been with the Using Apple’s new Xgrid computer science department for software, the two have been her entire NC State career. Dr. Peng Ning, assistant pro- hooking up personal com- Sammie Carter, computer science student, discusses the Wolfgrid with fessor, received an NSF CAREER puters across campus, creating Everette Allen, computing consultant.
    [Show full text]
  • IBM Global Procurement Louis Ferretti Product Environmental Compliance & Supplier Chain Social Responsibility
    What Every Procurement Professional Should Know About Supplier and Supply Chain Risk IBM Global Procurement Louis Ferretti Product Environmental Compliance & Supplier Chain Social Responsibility www.sig.org/eval What Every Procurement Professional Should Know About Supplier and Supply Chain Risk photo of the "Ital Florid by NASIM4248 photo of the "Ital Florid by NASIM4248 Louis Ferretti, IBM Global Procurement Project Executive, Product Environmental Compliance & Supplier Chain Social Responsibility [email protected] October 27-29, 2015 Abstract Businesses today are ever more depend on their supply chain partners for goods and services which make up a significant portion of the solutions they provide to their clients. Correspondingly globalization has introduced the opportunity to do business with suppliers the world over, allowing greater access to a host of untold products and services - that can provide a competitive advantage to the OEM, which enables them delivering increased value to their clients. Nevertheless, a global sourcing strategy has introduced a set of risks well beyond what was typical in the traditional suppler chain. The question is how does a company engage in global sourcing and yet gain the benefits while weighing and managing risks. Beyond assessing the risk of a supplier and their supply, there are opportunities to collaborate and assess a supplier's level of resiliency, and where appropriate engage in actions of remediation. 3 Business Continuity Planning & Supply Chain Risk – An Overview Managing Risk is an imperative for Business Continuity Planning RISK is one of the SIX mega-trends impacting IBM Chief Supply Chain Officer Study Identified The enterprises around the world Top Five Challenges Major factors affecting the enterprise today Risks, both operational and financial, is the #2 1.
    [Show full text]
  • A Reactive Performance Monitoring Framework
    A Reactive Performance Monitoring Framework Katherine ChengLi Directed By: Prof. Liam Peyton Thesis Submitted to the Faculty of Graduate and Postdoctoral Studies in partial fulfillment of the requirements for the degree of Master of Computer Science University of Ottawa Ottawa, Ontario, Canada June 2016 © Katherine ChengLi, Ottawa, Canada, 2016 Abstract With the ascendency of data and the rise of interest in analytics, organizations are becoming more interested in the use of data to make their business processes more intelligent and reactive. BI applications are a common way that organizations integrate analytics in their processes. However, it can be days, weeks or even months before a manual response is undertaken based on a human interpreting a report. Even when information technology supports automatic responses within an organization, it is often implemented in an ad hoc manner without following a systematic framework. In this thesis, we present a reactive performance monitoring (RPM) framework which aims at automating the link from the analytical (how well is the operational achieving the strategic) to the operational (the particular process steps implemented within an organization that determine its behavior) aspects of businesses to bypass the strategic (the high level and long term goals an organization is trying to achieve) as needed and reduce the latency between knowledge and action. Our RPM framework is composed of an architecture, a methodology, and a rule environment which permits the redaction of rules possessing relevant conditions and actions. In addition, we present an OLAP rule engine which is demonstrated to be effective in our framework where events are streamed in, reacted upon in real-time, and stored in an OLAP database.
    [Show full text]
  • The Worker and the Job: Coping with Change. INSTITUTION American Assembly, New York, N.Y
    DOCUMENT RESUME ED 105 137 CE 003 399 AUTHOR Rosow, Jerome M., Ed. TITLE The Worker and the Job: Coping with Change. INSTITUTION American Assembly, New York, N.Y. PUB DATE 74 NOTE 218p. AVAILABLE FROM Prentice-Hall, Inc., Egnlewood Cliffs, New Jersey 07632 ($2.45 paper cover, $6.95 cloth cover) EDRS PRICE MF-$0.76 HC Not Available from EDRS. PLUS POSTAGE DESCRIPTORS Cultural Factors; *Economic Change; Economic Factors; Essays; *Futures (of Society); *Job Satisfaction; *Labor Force; Labor Unions; Negroes; Organizational Change; Policy Formation; *Social Change; Vocational Adjustment; Won.:Attitudes; Work Environment IDENTIFIERS *Job Enrichment ABSTRACT The collection of essays presents the pros and cons of the assertation "improving the place, the organization, and the nature of work can lead to better work performance and a better quality of life in the society." In the overview section, Daniel Yankelovich discusses man and hiJ relationship to his family and society at large, with work as the traditional linchpin of these relationships. Cultural trends and their relationship to the work ethic are discussed, Eli Ginzberg reviews the employment-related dimensions of the American economy over the past several generations, focusing especially on blacks: women, and youth. The contemporary issues section focusses on worker satisfaction from three viewpoints: George Strauss concentrates on the workers themselves; Agis Salpukas considers the future role of the unions in improving the quality in working life; and Peter Henie examines the economic effects of worker satisfaction. The third section consists of two chapters focusing on change and future. Richard E. Walton presents the findings of research on innivative restructuring of work, while Sam Zagoria discusses policy implications and a future agenda for achieving job satisfaction.
    [Show full text]
  • Tunnel Vision RECRUITERS INDUSTRY It’S the Last Train Home and I’M Scribbling Corrections on My Particle-Physics Paper
    Naturejobs Career View GRADUATE JOURNAL Tunnel vision RECRUITERS INDUSTRY It’s the last train home and I’m scribbling corrections on my particle-physics paper. Building an intern the interns& at the cutting its employment pipeline. Out of the corner of my eye I notice the programme edge by assigning them to At the beginning of this man next to me looking over my shoulder projects that have a genuine year, the company at my work. It’s late, he’s probably bored, BM may be viewed by chance of reaching the announced plans to I tell myself. But does he really care what many as a giant in market-place. expand its workforce by I do? Should he care? Do I care whether Iinformation technology, Under the scheme, three some 15,000 people. Many he cares? but it hasn’t always been scientific and technical of these new jobs are likely Yes! If nothing else, his taxes the first choice for interns are teamed with to be based in China or contribute to the millions needed to build jobseekers. As the Internet an MBA student for the India, so it is no surprise the high-tech detectors used in my area boomed in the 1990s, commercial angle, and the that Extreme Blue has now of physics. They pay for me to go to young people who wanted group is then guided by an been implemented in both conferences, for my computer and for the to work at the frontiers of IBM mentor. The 12-week Beijing and Bangalore — hours I sit at the screen fixing broken code.
    [Show full text]
  • Changing the Game with Linux Linux Gets Down to Real Business
    Changing the Game with Linux Linux Gets Down to Real Business Ben Marx Linux Business Development, IBM Iberia San Sebastián, December 2002 What is Linux? The OS at a glance UNIX-like operating system developed by Linus Torvalds Version 2.4 available Developed / tested by the Open Source community Highly disciplined / structured High quality Secure Stable Packaged and shipped by distributors Red Hat SCO SuSE Turbolinux Other regional distributors (ESware, Red Flag, Conectiva, Mandrake, etc...) 2 Linux Distributors Combine their Power UnitedLinux = Open Industry Consortium Concept: Binary-compatible Linux distribution, branded "UnitedLinux" Initial Members: SuSE, SCO, Turbolinux, Conectiva Open to others Business Model: Distributors add software and services Distributors maintain brand names with "UnitedLinux Inside" UnitedLinux promotes the brand, issue memberships, certifications, manages requirements SuSE acts as UnitedLinux systems integrator Implementation: Supported by all IBM eServer platforms, key middleware Worldwide language support, standards based (e.g. LSB 1.1, LI18NUX) 3 Linux Momentum Linux Linux will definitely have the fastest CAGR growth in 2002, at almost 50% over 35% 2001 Gartner Group, December 2001 Linux will have a "breakout year" in 2002. Now it seems clear that Linux has become a viable alternative for enterprise use. IDC, January 2002 Exploring Linux - especially on the server side - should be part of an organization's IT investment portfolio. ...viewed as an insurance policy to hedge against future Microsoft incursions into your wallet. 2003 Linux META Group, August 2001 surpasses Unix in server shipments 4 Linux Value Cost Effective Reliability Performance Open Standards 0% 20% 40% 60% 80% 100% Source: IBM Market Research 2001 "It's going to be almost 30 times cheaper to run and maintain" (than Sun systems) Josh Levine CTO, e*Trade 5 2001 Linux Function Review Strongest UNIX Linux Distributors Weakest UNIX Below Average Above Good Very Average Average Good by D.H.
    [Show full text]
  • IBM Blue-And-Black Template with Image
    Skills for Economic Growth in South East Europe (SEE) Dr Diem Ho Member of the IBM Academy of Technology Improving Skills for the ICT sector in the Western Balkans Human Capital Working Group meeting Zagreb, Croatia September 17, 2009 [email protected] IBM EMEA University Relations © 2002 IBM Corporation Economic Background: examples %GDP Bulgaria Croatia FYR Romania Turkey %Labor Macedonia (2005) Agriculture 9 6 11 8 12 10 16 17 32 34 Industry 31 27 26 31 27 33 30 33 31 23 Services 60 67 63 61 61 57 54 50 37 43 Population 7.72 4.44 2.04 21.61 72.52 (million) Unemployme 9.0 11.1 35.9 7.3 8.4 nt rate % Sources: Manfred Wannöffel, Josef Le and Julia Kramer, Economic structures in south-eastern Europe and Turkey: a view from the metalworking industry, South-East Europe Review, pp.7 – 32, Feb 2007 (2006 data) 2 University Relations September 2009 © 2009 IBM Corporation Higher Education Background -Economy is service and manufacturing dominant •Foreign Direct Investment -Higher Education -Modest or insufficient funding -Significantly state ownership • Curriculum modernization • Governance reform -Understaffing • University-industry- -Lack of EU quality harmonization government partnership -Mismatch: graduate profiles with respect to the economy needs 3 University Relations September 2009 © 2009 IBM Corporation Higher Education vs Economy Economic Growth means Value Creation! 4 University Relations September 2009 © 2009 IBM Corporation Value Creation HowHow toto dodo it?it? -- throughthroughthrough IInnovationnnovation toto dodo thingsthings better:better: -- moremoremore efficientefficient inin processesprocesses -- moremoremore relevantrelevant inin contentscontents -- moremoremore effectiveeffective inin outcomesoutcomes SmarterSmarter Planet.Planet.Planet.
    [Show full text]
  • Transforming a Village Transforming a Village
    NEWSLETTER OF THE FACULTY OF ENGINEERING AND DESIGN W inter 2010 Transforming a village Students take on the Batawa Initiative Students go Extreme Blue Gift creates a new lab Challenging the Wii Message from the dean ngineering and design are disciplines driven by societal needs, so naturally Eengineers and designers must be closely engaged with the communities they serve. Civil engineers are keenly aware of the people their structures must safeguard; biomechanical engineers share the joy of patients whose mobility has been restored; architects create spaces in which the drama of life is played out. Whether working with industry partners, research collaborators, philanthropists, granting agencies, mentors or clients, we are connected to the needs—and dreams— of our community. In this issue of Ingenious, that is most obvious in the work that architecture and industrial design students are doing to revitalize a small Ontario town. The Batawa Initiative is an innovative approach that utilizes the skills of our creative students to enhance both their education and the community. Community connections are also emphasized through the partnerships the Faculty forms to address the pressing needs of society. Tony Bailetti is leading a high-tech community initiative to help fledgling companies commercialize communications-enabled applications (read about Coral CEA on page 12); the interdisciplinary Sustainable Energy Research Centre brings together experts from Message from the dean Message from engineering and design and the Faculty of Public Affairs (page 9); and researchers across Canada, including a Carleton team, are working to harness technology to enhance healthcare (page 10). Over the past months, I have had numerous occasions to be reminded of Carleton’s connection to the community—and the impact our alumni and partners have on the university.
    [Show full text]
  • 1999-Ibm-Annual-Report.Pdf
    www.ibm.com/annualreport/ 1999 1999 Annual Report a quick look back In January of this year, we sampled expert opinion — including IBM employees, via a survey on our intranet — to compile a list of IBM’s most significant contributions to the 20th century. Herewith our top 10 (and three more we couldn’t resist). Relational Database and SQL (Structured Query Language), 1970 This more flexible, standardized way to store and retrieve data became the foundation for Hollerith Tabulating most modern data manage- Machine, 1890 Punch-card ment systems, including tabulating machine first IBM’s hugely popular DB2. Three more for the ages. demonstrated the possibilities SQL is an industry standard They didn’t make the of large-scale automated for database access. computation and came top 10, but we couldn’t of age with U.S. Social RISC (Reduced Instruction exit the 20th century Security accounting in 1937. Set Computer) Architecture, without a bow to: 1980 Boosts computer Disk Storage, 1956 speed by using simplified Beginning with the original machine instructions for RAMAC disk drive, IBM has frequently used functions. introduced every significant It is the basis for most advance in magnetic disk workstations and UNIX- technology. based servers in use today. 1890 1956 1961 1960s - today 1964 1966 1972 1981 1997 FORTRAN (FORmula Manned Space Exploration, IBM Personal Computer, Selectric Typewriter, 1961 TRANslation Language), 1957 1960s-today In a long 1981 Introduced personal Iconic “golf ball” typing The first modern computer partnership with NASA, computing to a mass market element symbolized stunningly language, and still the basis IBM developed systems and helped legitimize elegant product design and for all important numerical for telemetry monitoring, the then-novel PC for the prefigured modern-day word analysis programs.
    [Show full text]
  • Prevail 2020
    IBM Academy Of Technology PREVAIL 2020 Project Title Double Trouble: how Operations Risk Insights with Watson identifies and mitigates risks from the pandemic to global cyclone threats for IBMers and Non-profit Disaster Relief Agencies IBM Academy Of Technology PREVAIL 2020 Agenda 01 02 03 04 05 INTRODUCTION ABOUT US OUR TEAM OUR OFFERING TIMELINE 06 07 08 09 10 USERS and RESILIENCY THE SOLUTION NEW USE CASES and BENEFITS SERVICES ENHANCEMENTS NEXT STEPS IBM Academy Of Technology PREVAIL 2020 Presenters Tom Ward Rahul Nahar Chet Karwatowski STSM, AI Lead and AoT Member, CDO STSM, Cognitive Enterprise, CAO STSM and OCM Lead, Buy@IBM, CIO IBM Academy Of Technology PREVAIL 2020 Highlights Ginni’s first COVID-19 memo to all Released in July – Arvind’s Corporate Social AnthonyTechnology J D’Angelo Helps Non-Profits IBM employees on March 9th : Responsibility report highlights how IBMers Prepare for Disaster Season: “Operations Risk Insights” is available responded to the pandemic: Updates needed by “Day One Disaster Relief, goes to not-for-profit organizations. ” and aid organizations and others coping with COVID-19. wherever the gaps are, and “remember that IBM has successfully The volunteer team, from many IBM locations, recently that has been the supply managed through many global crises built an additional dashboard to deliver up-to-date chain for the COVID-19 response. over its 109-year history, everything COVID-19 data, media insights, social vulnerability from global health issues, to market data, community demographics and more — based crashes, to world wars, to 9/11. on numerous trusted sources IBM Academy Of Technology PREVAIL 2020 Project Summary Initiative Summary: • Executive Champions: Tim Humphrey (CDO), • Operations Risk Insights (ORI) is a Hybrid Cesare Baroni (CIO), Wilson Lowery (CAO) and Cloud and AI based Resiliency Service Andrea Sayles (GTS BRS) available to all IBMers globally.
    [Show full text]