O'Reilly logo

IBM WebSphere V5.0 Security: WebSphere Handbook Series by Stephen Pipes, Rao Maheshwar, David Leigh, Floyd Langley, Piotr Kisielewicz, Paul Creswick, Derek Carpenter, Peter Kovari

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

2.2. Security fundamentals

This section will discuss two fundamental security services also supported by WebSphere Application Server:

  • Authentication

  • Authorization

2.2.1. Authentication

Authentication is the process of establishing whether a client is valid in a particular context. A client can be either an end user, a machine or an application.

Definition

A realm is a collection of users that are controlled by the same authentication policy.

The authentication process involves gathering some unique information from the client.

There are three major groups of secure authentication used to gather this unique information:

  • Knowledge-based - user name and password, for example.

  • Key-based - physical keys, encryption keys, key cards.

  • Biometric - finger ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required