Security policy planning - web reverse proxy
A corporate security policy identifies web resources that require protection and the level of protection. We can implement the security policy by applying the appropriate security mechanisms to the objects requiring protection. ISAM uses a virtual representation of these web resources, called the protected object space, which contains objects representing actual physical resources in the network. The authorization service permits or denies access to protected objects (resources) based on the user's credentials and the access controls placed on the objects. To successfully implement the security policy, we logically organize the different content types and apply the appropriate ACL and POP policies.
Security mechanisms include:
Access control list (ACL) policies User types that can be considered for access to protected objects Protected object policies (POPs) Conditions governing access, such as privacy, integrity, auditing, and time-of-day. . Extended attributes Values placed on an object, ACL, or POP that can be interpreted by third-party applications, such as an external authorization service.
Parent topic: IBM Security Verify Access WebSEAL overview
Related concepts
- Introduction to IBM Security Verify Access
- WebSEAL introduction
- ISAM appliance
- WebSEAL functionality on the appliance
- Security concepts for a WebSEAL deployment
- Authorization process
- Content types and levels of protection
- WebSEAL authentication
- Standard WebSEAL junctions
- Web space scalability