Securing Your Mobile Business with IBM Worklight

Securing Your Mobile Business with IBM Worklight

Front cover Securing Your Mobile Business with IBM Worklight Apply Worklight security features to your mobile applications Integrate Worklight with IBM Security Access Manager Learn by example with practical scenarios Scott Andrews Juarez Barbosa Junior Virginijus Kaminas Jia Lei Ma Dale Sue Ping Madlin Seidel ibm.com/redbooks International Technical Support Organization Securing Your Mobile Business with IBM Worklight October 2013 SG24-8179-00 Note: Before using this information and the product it supports, read the information in “Notices” on page vii. First Edition (October 2013) This edition applies to Version 6 of IBM Worklight. © Copyright International Business Machines Corporation 2013. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . vii Trademarks . viii Preface . ix Authors. ix Now you can become a published author, too! . xii Comments welcome. xii Stay connected to IBM Redbooks . xii Chapter 1. Overview of IBM MobileFirst and its security offerings . 1 1.1 Business value of mobile technologies . 2 1.2 IBM MobileFirst solution overview. 2 1.2.1 Mobile application development with IBM MobileFirst Platform . 3 1.2.2 Bring your own device with IBM MobileFirst Management . 4 1.2.3 Device and data protection with IBM MobileFirst Security . 5 1.2.4 Optimization of mobile experiences with IBM MobileFirst Analytics . 6 1.2.5 Putting it all together . 6 1.3 Mobile security threats . 9 1.3.1 Loss and theft . 10 1.3.2 Malware . 10 1.3.3 Spam. 10 1.3.4 Phishing . 11 1.3.5 Bluetooth and WiFi . 11 1.4 Mobile application landscape . 11 1.4.1 Mobile application platform . 12 1.4.2 Mobile application types . 12 1.4.3 Putting it all together . 14 1.5 IBM MobileFirst Security solution outline . 14 1.5.1 IBM Worklight platform as the basis for mobile security . 14 1.5.2 User protection with IBM Security Access Manager . 16 1.5.3 Application security testing with IBM Security AppScan . 16 1.5.4 Delivery of services and applications with IBM WebSphere DataPower . 17 1.5.5 Security intelligence with IBM Security QRadar SIEM . 17 1.5.6 VPN software with IBM Mobile Connect . 17 Chapter 2. Business scenario used in this book . 19 2.1 Mobile strategy business drivers. 20 2.1.1 A secure platform foundation . 20 2.1.2 Increased staff productivity . 22 2.1.3 Secure and easy access for customers . 23 2.1.4 Rapid development and deployment . 25 2.2 Conclusion . 26 Chapter 3. IBM Worklight security overview. 27 3.1 Security principles and concepts. 28 3.1.1 Authentication and authorization. 28 3.1.2 Confidentiality, integrity, and nonrepudiation . 29 3.1.3 Other security concepts . 29 3.2 IBM Worklight security capabilities . 30 © Copyright IBM Corp. 2013. All rights reserved. iii 3.2.1 Protect the data on the device . 30 3.2.2 Protect the application . 31 3.2.3 Ensure security updates . 32 3.2.4 Streamline corporate security processes . 32 3.2.5 Provide robust authentication and authorization. 33 3.3 IBM Worklight security framework. 34 3.3.1 Realms and security tests. 36 3.3.2 Worklight protocol and client challenge handlers . 36 3.3.3 Integration with web container security. 37 3.3.4 Integration with web gateways . 38 3.4 Conclusion . 38 Chapter 4. Integrating Worklight with enterprise security . 41 4.1 IBM Worklight security framework. 42 4.1.1 Challenge handlers . 44 4.1.2 Authentication configuration file . 44 4.1.3 Authentication realms . 49 4.1.4 Login modules. 61 4.1.5 Security tests . 68 4.1.6 User registries. 70 4.2 Restricting access to resources with authentication realms . 71 4.2.1 Protecting Worklight applications . 71 4.2.2 Protecting Worklight adapter procedures . 71 4.2.3 Protecting static Worklight web applications. 72 4.2.4 Protecting event sources . 72 4.3 Configuring Worklight for LTPA authentication . 73 Chapter 5. Applying Worklight security features . 77 5.1 Client-side authentication concepts and entities . 78 5.1.1 Challenge handler. 78 5.1.2 Device single sign-on . 79 5.2 Encrypted offline cache and JSONStore. 81 5.2.1 EOC overview . 81 5.2.2 EOC APIs . ..

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    180 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us