Security is a vital consideration for any system accessed by a large number of users over the public Internet. The general security requirements for SunWeb include the following:
Secure access to confidential data
Authentication over SSL
Confidential data captured on SSL
Remote and mobile client access through token-based and mobile access authentication
Enforced role-based access control
Use of appropriate security features in the Access Manager and load balancer
Token-based authentication is used for remote and mobile users accessing SunWeb through the public Internet and the remote access gateways. Corporate LDAP is used for internal users accessing the portal from a computer connected to SWAN. Remote users accessing SunWeb over the public Internet (SRA) first get a login screen in their browser. After they authenticate, a customizable desktop is displayed, through which they gain access to various back-end applications and services. The specific mechanisms are described in greater detail in Chapter 3, including Analyzing User Interactions with the SunWeb Components.
The following table provides more specific information about security requirements.
Table 2–3 SunWeb Security Requirements
For more information about security strategies, see Choosing Security Strategies for the SunWeb Architecture.