1/8
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
1
Services Gatekeeper Security Overview
Basic Security Considerations
Overview of Services Gatekeeper Security
Understanding the Services Gatekeeper Environment
Recommended Deployment Configurations
Securing Services Gatekeeper Components
Operating System Security
Database Security
Oracle Databases
MySQL Databases
WebLogic Server Security
Security Considerations for Relational Database Authentication Providers
Related Applications Security
External Firewall Security
Virtual Environments Security
2
Performing a Secure Services Gatekeeper Installation
Pre-Installation Configuration
Ensuring Services Gatekeeper Performance and Security
Configuring SSL
Security Considerations Related to User Privileges
Security Considerations Relating to Passwords
Installing Services Gatekeeper Securely
Configuring a Secure Domain for Services Gatekeeper
Post-Installation Configuration
Securing Partner Relationship Management Portals
Securing Web Services
Adding Custom Password Validators
Installing Java Cryptography Extension (JCE)
3
Deploying Services Gatekeeper in a Demilitarized Zone
Overview and Recommended Configurations
Securing Services Gatekeeper Components in the DMZ
Securing Traffic Between the Internet and the Access Tier
Encrypting RMI Traffic Between the Access Tier and the Network Tier
Hardening the Operating System
Hardening Oracle Linux 6
Hardening Oracle Solaris 11
Securing Traffic Between the Access and Portal Tiers
Configuring a Firewall to Protect the Access and Portal Tiers
Securing Traffic between the Access Tier and the Network Tier
Configuring a Firewall Between the ATs/Portals and the NTs
Securing the Services Gatekeeper Administration Server
Restricting Administration Server to SSL
Securing the Database
Securing OBIEE in Services Gatekeeper
Securing Node Manager Access to Services Gatekeeper
Configuring Connection Filters Instead of a Firewalls
4
Implementing Services Gatekeeper Security
Securing Communication Services
Authorizing Access to Services with Single Sign-On
Authenticating Service User Requests for Communication Services
Securing SOAP-Based Communication Services
Securing RESTful Communication Services
Securing Native Communication Services
Authorizing Access to Services with SLAs
Authenticating and Authorizing Resources with OAuth
Monitoring Your Services Gatekeeper Implementation
Backing Up and Restoring Services Gatekeeper Configuration Data
Security Considerations for Services Gatekeeper System Administrators
Securing Communication with Service Interceptors
Administering Partners
Setting Up the Partner Relationship Management Portals
5
Security Considerations for Developers
Securing Applications Against Malicious Traffic
Configuring Network Traffic Security
Scripting on this page enhances content navigation, but does not change the content in any way.