Table of Contents Introducing ATMI Security What Security Means Security Plug-ins ATMI Security Capabilities Operating System (OS) Security Authentication Authentication Plug-in Architecture Understanding Delegated Trust Authentication Establishing a Session Getting Authorization and Auditing Tokens Replacing Client Tokens with Server Tokens Implementing Custom Authentication Authorization Authorization Plug-in Architecture How the Authorization Plug-in Works Default Authorization Custom Authorization Implementing Custom Authorization Auditing Auditing Plug-in Architecture How the Auditing Plug-in Works Default Auditing Custom Auditing Implementing Custom Auditing Link-Level Encryption How LLE Works Encryption Key Size Negotiation Determining Min-Max Values Finding a Common Key Size Backward Compatibility of LLE Interoperating with Release 6.5 Oracle Tuxedo Software Interoperating with Pre-Release 6.5 Oracle Tuxedo Software WSL/WSH Connection Timeout During Initialization SSL Encryption How the SSL Protocol Works Requirements for Using the SSL Protocol Encryption Key Size Negotiation Determining Min-Max Values Finding a Common Key Size Backward Compatibility of SSL WSL/WSH Connection Timeout During Initialization Supported Cipher Suites SSL Installation Public Key Security PKCS-7 Compliant Supported Algorithms for Public Key Security Public Key Algorithms Digital Signature Algorithms Symmetric Key Algorithms Message Digest Algorithms Message-based Digital Signature Digital Certificates Certification Authority Certificate Repositories Public-Key Infrastructure Message-based Encryption Public Key Implementation Public Key Initialization Key Management Certificate Lookup Certificate Parsing Certificate Validation Proof Material Mapping Implementing Custom Public Key Security Default Public Key Implementation Default Authentication and Authorization Client Naming User-Client Names Application Key User, Group, and ACL Files Optional and Mandatory ACLs Security Interoperability Interoperating with Pre-Release 7.1 Software Interoperability for Link-Level Encryption Interoperability for SSL Encryption Interoperability for Public Key Security Security Compatibility Mixing Default/Custom Authentication and Authorization Mixing Default/Custom Authentication and Auditing Compatibility Issues for Public Key Security Compatibility/Interaction with Data-dependent Routing Compatibility/Interaction with Threads Compatibility/Interaction with the EventBroker Compatibility/Interaction with /Q Compatibility/Interaction with Transactions Compatibility/Interaction with Domain Gateways Compatibility/Interaction with Other Vendors’ Gateways Denial-of-Service (DoS) Defense Limited/Restricted Connection Numbers Setting Up Connection Limitations/Restrictions UBBCONFIG File Messages Message Sanity Check Message Authentication Code (MAC) Usage Performance Impact Setting up Message Authentication Code (MAC) Usage DMCONFIG File Configuration MIB Configuration Password Pair Protection Administering Security What Administering Security Means Security Administration Tasks Setting the Oracle Tuxedo Registry Purpose of the Oracle Tuxedo Registry Registering Plug-ins Configuring an ATMI Application for Security Editing the Configuration File Changing the TM_MIB Using the Oracle Administration Console Setting Up the Administration Environment Administering Operating System (OS) Security Recommended Practices for OS Security Administering Authentication Specifying Principal Names How System Processes Acquire Credentials Why System Processes Need Credentials Example UBBCONFIG Entries for Principal Names Mandating Interoperability Policy Establishing an Identity for an Older Client How the WSH Establishes an Identity for an Older Client How the Domain Gateway Establishes an Identity for an Older Client How the Server Establishes an Identity for an Older Client Summarizing How the CLOPT -t Option Works Example UBBCONFIG Entries for Interoperability Establishing a Link Between Domains Example DMCONFIG Entries for Establishing a Link Setting ACL Policy Impersonating the Remote Domain Gateway Example DMCONFIG Entries for ACL Policy Setting Credential Policy Administering Authorization Administering Link-Level Encryption Understanding LLE min and max Values Verifying the Installed LLE Version How to Configure LLE on Workstation Client Links How to Configure LLE on Bridge Links How to Configure LLE on tlisten Links How to Configure LLE on Domain Gateway Links Administering SSL Encryption Understanding SSL min and max Values Verifying the Installed SSL Version How to Configure SSL on Workstation Client Links How to Configure SSL on Bridge Links How to Configure SSL on tlisten Links How to Configure SSL on Domain Gateway Links Development Process for the SSL Protocol Administering Public Key Security Recommended Practices for Public Key Security Assigning Public-Private Key Pairs Setting Digital Signature Policy Setting a Postdated Limit for Signature Timestamps Setting a Predated Limit for Signature Timestamps Enforcing the Signature Policy for Incoming Messages How the EventBroker Signature Policy Is Enforced How the /Q Signature Policy Is Enforced How the Remote Client Signature Policy Is Enforced Setting Encryption Policy Enforcing the Encryption Policy for Incoming Messages How the EventBroker Encryption Policy Is Enforced How the /Q Encryption Policy Is Enforced How the Remote Client Encryption Policy Is Enforced Initializing Decryption Keys Through the Plug-ins Failure Reporting and Auditing Digital Signature Error Handling Encryption Error Handling Administering Default Authentication and Authorization Designating a Security Level Establishing Security by Editing the Configuration File Establishing Security by Changing the TM_MIB Establishing Security by Using the Oracle Administration Console Configuring the Authentication Server How to Enable Application Password Security How to Enable User-Level Authentication Security Setting Up the UBBCONFIG File Setting Up the User and Group Files Converting System Security Data Files to Oracle Tuxedo User and Group Files Adding, Modifying, or Deleting Users and Groups Enabling Access Control Security How to Enable Optional ACL Security Setting Up the UBBCONFIG File Setting Up the ACL File How to Enable Mandatory ACL Security Setting Up the UBBCONFIG File Setting Up the ACL File Using the Kerberos Authentication Plug-in Kerberos Plug-In Kerberos Supported Platforms Kerberos Plug-in Features Kerberos Plug-In Pre-configuration Kerberos Plug-In Configuration Configure the Kerberos Plug-in Restore Default Plug-in Configure KAUTHSVR Configure Tuxedo Native Client Limitations See Also Using the Cert-C PKI Encryption Plug-in Cert-C PKI Encryption Plug-In Cert-C PKI Encryption Plug-In Pre-configuration Cert-C PKI Encryption Plug-In Configuration Configure Certificate Lookup Configure Key Management decPassword privateKeyDir Configure Certificate Parsing Configure Certificate Validation caCertificateFile crlFile Sample Registry Command File Limitations See Also Programming Security What Programming Security Means Programming an ATMI Application with Security Setting Up the Programming Environment Writing Security Code So Client Programs Can Join the ATMI Application Getting Security Data Joining the ATMI Application Transferring the Client Security Data Calling a Service Request Before Joining the ATMI Application Writing Security Code to Protect Data Integrity and Privacy ATMI Interface for Public Key Security Recommended Uses of Public Key Security Sending and Receiving Signed Messages Writing Code to Send Signed Messages Step 1: Opening a Key Handle for Digital Signature Step 2 (Optional): Getting Key Handle Information Step 3 (Optional): Changing Key Handle Information Step 4: Allocating a Buffer and Putting a Message in the Buffer Step 5: Marking the Buffer for Digital Signature Step 6: Sending the Message Step 7: Closing the Signer’s Key Handle How the System Generates a Digital Signature How a Signed Message Is Received Verifying Digital Signatures Verifying and Transmitting an Input Buffer’s Signatures Replacing an Output Buffer’s Signatures Sending and Receiving Encrypted Messages Writing Code to Send Encrypted Messages Step 1: Opening a Key Handle for Encryption Step 2 (Optional): Getting Key Handle Information Step 3 (Optional): Changing Key Handle Information Step 4: Allocating a Buffer and Putting a Message in the Buffer Step 5: Marking the Buffer for Encryption Step 6: Sending the Message Step 7: Closing the Encryption Key Handle How the System Encrypts a Message Buffer Writing Code to Receive Encrypted Messages Step 1: Opening a Key Handle for Decryption Step 2 (Optional): Getting Key Handle Information Step 3 (Optional): Changing Key Handle Information Step 4: Closing the Decryption Key Handle How the System Decrypts a Message Buffer Examining Digital Signature and Encryption Information What Happens When an Originating Process Calls tpenvelope What Happens When a Receiving Process Calls tpenvelope Understanding the Composite Signature Status Example Code for tpenvelope Externalizing Typed Message Buffers How to Create an Externalized Representation How to Convert an Externalized Representation Example Code for tpexport and tpimport Implementing Single Point Security Administration What Single Point Security Administration Means Single Point Security Administration Tasks Setting up LAUTHSVR as the Authentication Server LAUTHSVR Command Line Interface Setting Up the LAUTHSVR Configuration File Syntax Requirements for LAUTHSVR Configuration File LAUTHSVR Configuration File Keywords Example LAUTHSVR Configuration File Example UBBCONFIG Using LAUTHSVR Using Multiple Network Addresses for High Availability Example LAUTHSVR Configuration of Multiple Network Addresses Configuring the Database Search Order Using tpmigldap to Migrate User Information to WebLogic Server Assigning New Passwords for the tpusr File tpmigldap Command Line Options Adding New Tuxedo User Information Adding New User Information in tpusr or tpgrp Adding New User Information Using the WebLogic Administration Console Setting up GAUTHSVR as the Authentication Server GAUTHSVR Command Line Interface Setting Up the GAUTHSVR Configuration File Syntax Requirements for GAUTHSVR Configuration File GAUTHSVR Configuration File Keywords Example GAUTHSVR Configuration File Example UBBCONFIG Using GAUTHSVR Using tpmigldif to Migrate User Information Using tpmigldif Command Line Options tpusr and tpgrp File Format Creating a Migration Template Supported LDAP Server Template Example
Copyright © 1994, 2017, Oracle and/or its affiliates. All rights reserved.