Security Requirements

Security is a vital consideration for any system accessed by a large number of users over the public Internet. The general security requirements for SunWeb include the following:

• Secure access to confidential data

• Authentication over SSL

• Confidential data captured on SSL

• Remote and mobile client access through token-based and mobile access authentication

• Enforced role-based access control

• Use of appropriate security features in the Access Manager and load balancer

Token-based authentication is used for remote and mobile users accessing SunWeb through the public Internet and the remote access gateways. Corporate LDAP is used for internal users accessing the portal from a computer connected to SWAN. Remote users accessing SunWeb over the public Internet (SRA) first get a login screen in their browser. After authenticating, a customizable desktop is displayed through which they gain access to various back-end applications and services. The specific mechanisms are described in greater detail in Chapter 3, including Analyzing User Interactions with the SunWeb Components.

The following table provides more specific information about security requirements.

For more information about security strategies, see Choosing Security Strategies for the SunWeb Architecture.