Chapter 20: Configuring Enterprise Security

Overview

Computer security is one issue that routinely makes the news and keeps administrators busy. Particularly when managing web servers, security needs to be a constant theme because of the increased vulnerability of systems connected to the Internet. Failure to properly secure your system will, sooner or later (probably sooner), result in someone getting into it. If you're "lucky," the hacker will just snoop around. If the hacker is criminal or malicious, he can steal your data, rob your company and customers, use your system as a launching pad for attacking other systems, and ultimately corrupt or destroy your system.

In this chapter we'll outline the fundamentals of running a secure server and the preventative actions the administrator can take to improve security. You'll look at security fundamentals at both the total-system level and the web-application-server level. Concepts regarding a layered system defense, firewall security, and responding to new security threats will be covered.

You'll then learn some 10g AS-specific security improvements and tools. First, we'll show you how to secure the powerful Application Server Control (ASC) utility. Next, we'll explain Secure Sockets Layer (SSL) and examine how to set up SSL using the Oracle Wallet Manager (OWM) to allow for HTTPS traffic. Finally, we'll provide an overview of Oracle's Identity Management tools, including Oracle Internet Directory (OID).

In this chapter, we'll cover the following:

  • Threats and impacted parties. What are the potential threats and who is impacted?

  • Web security fundamentals. Fundamental practices for securing a system at all levels.

  • Securing Application Server Control. How to make the powerful administrator's ASC tool secure.

  • Secure Sockets Layer (SSL) and Oracle Wallet Manager (OWM). How to set up SSL and the role OWM plays.

  • Identity Management. The role of OID, Delegated Administration Service (DAS), and Single Sign-On (SSO).



Oracle Application Server 10g: J2EE Deployment and Administration
ISBN: 1590592352
EAN: 2147483647
Year: 2004
Pages: 150
