WA1392 WebSphere Portal v5 Security Training and Courseware Course Outline

WA1392 WebSphere Portal v5.1 Security Training and Courseware Course Outline

1. Introduction to the WebSphere Portal Server
	Objectives What is a Portal General Portal Architecture WebSphere Portal Components WebSphere Portal Components – cont’ WebSphere Portal Enable A Typical Network Architecture for WebSphere Portal WebSphere Portal Server Architecture Portal Engine Architecture Relationship Between WAS and WPS Relationship Between WAS and WPS … Summary

2. Security Concepts
	Objectives Security Types of Security Security Policy Security Policy for different types of attack Security Policy - Example Security Functionality Authentication Single Sign-On (SSO) Authorization Authorization -- Access Control List (ACL) Authorization -- Capability List Delegation Encryption Encoding and Encryption Kerberos Firewalls Features of Firewalls Summary

3. WebSphere Portal Server Roles and Authorization
	Objectives J2EE Security Goals Roles and Authorization J2EE Authorization Model WebSphere Application Server Authorization Model Authorization - WebSphere Portal Server How Does Authorization Work? Roles Role Membership More on Authorization Resources Common Access Rights Managing Users and Groups User Group Permissions Portlet Resource Permissions Portlet Manage Users and User Groups Portlet Access Control List (ACL) Support for J2EE Security Model Summary

4. WebSphere Portal Security - Authentication
	Topics Web Servers Using an external web server Web Request Processing Plugin Configuration User Registries LDAP Security Basics LDAP Data Structure Example Distinguished Name (DN) DN and RDN Example Searching Public Key Cryptography Cryptography in WebSphere Portal Certificates Authentication Lightweight Third Party Authentication (LTPA) Using LTPA Configuring SSO in WebSphere WebSphere SSL Configuration SSL Configuration Repertoire SSL Repertoires Creating an SSL Repertoire Dummy Certificates Key File Trust File Default Key Stores Obtaining a Certificate Generate a Self-Signed Certificate Getting a CA Signed Certificate Specify the Key Store Different SSL Interactions Web Client to Web Server Enable SSL For IBM HTTP Server Web server to WebSphere Web server to WebSphere (cont.) Java Client to WebSphere Summary

5. Document Manager
	Objectives What is Portal Document Manager (PDM)? Configuring the PDM Portlet Management Functions Access Control Approval Workflow Summary

6. Configuration Management
	Objectives Configuration Utilities Configuration Utilities & Security WPSconfig Utility ANT Script File How WPSConfig Uses ANT? More on Properties Property Precedence What Can You Do With WPSConfig? Migrating Database Migrate to DB2 Migrate to DB2… Migrate to Oracle Migrate to Oracle… Summary

7. Security
	Objectives Key Concepts Authentication Portal User Registry WebSphere Member Manager The Member Manager Configuring Member Manager Enabling Security with Member Manager Database WebSphere Security Changes Enabling Security with LDAP Security with LDAP… Single Sign On (SSO) Enabling SSL Credential Vault Credential Components of Credential Vault Structure of the Credential Vault Slot Scope Credential Access Level Active Credentials Passive Credentials Credential Vault Application Programming Interface (API) Credential Vault Application Programming Interface (API) Single Sign-on Scenario Vault Administration Vault Administration… Summary

8. TAM Implementation with WPS V5
	Objectives External Authentication Tivoli Access Manager (TAM) Protected Object Space Security Policy Access Control List (ACL) Access Control List (ACL).. Protected Object Policy (POP) Authorization Rules Implementing security in Tivoli Access Manager Administration Users and Groups Advantages of TAM Tivoli Access Manager Tivoli Access Manager Security Administration Tivoli Access Manager WebSEAL WebSEAL Junction Policy Server TAM - Complete authorization Picture Trust Association Interceptor (TAI) Trust Association Interceptor (TAI) Interfaces Supported TAIs in WPS Trust Association Interceptor (TAI) - Functioning Trust Association Interceptor… Using TAI for Single Sign On Summary

9. Risks & Controls in Web-based & Distributed Systems
	Objectives SANS Top 10 Internet Security Vulnerabilities for Windows SANS Top 10 Internet Security Vulnerabilities for Unix Risk Control in Web Application Security Vulnerabilities in Authentication Risk Control Checklist Best Practices for Reducing Vulnerabilities Vulnerabilities of Access Control Forceful Browsing Risk Control Checklist and Best Practices Vulnerabilities of Sensitive Data Protection Risk Control Checklist and Best Practices Summary of Risks and Risk Control Best Practices Summary of Risks and Risk Control Best Practices – cont’ Do this now.... Summary

WA1392 WebSphere Portal v5.1 Security Training and Courseware Course Outline

1. Introduction to the WebSphere Portal Server

2. Security Concepts

3. WebSphere Portal Server Roles and Authorization

4. WebSphere Portal Security - Authentication

5. Document Manager

6. Configuration Management

7. Security

8. TAM Implementation with WPS V5

9. Risks & Controls in Web-based & Distributed Systems