Page 1 of 1
Security strategy
Posted: Tue Nov 05, 2013 3:41 pm
by RICHARD RUTA
We are rolling out an application that will be very lightly used by 65 remote users. I guess I will call the application anonymously. But I need a security strategy. Does anyone have a suggestion?
Re: Security strategy
Posted: Tue Nov 05, 2013 3:55 pm
by Scott Klement
Can you explain a little bit more about the situation?
What is it that you need to secure? Why are you using anonymous, and how does it assist you in this situation?
Re: Security strategy
Posted: Wed Nov 06, 2013 10:59 am
by RICHARD RUTA
I would not like to create 65 profiles on the Iseries. But I would also like to have some security for people accessing the system.
Re: Security strategy
Posted: Wed Nov 06, 2013 1:27 pm
by Scott Klement
Sorry, when I asked for more information I didn't explain what I wanted to know. From your last message, I'm guessing that by "security" you're referring to the sign-on (as opposed to something like encryption).
Can you tell me which of these types of applications you're trying to secure?
- 5250 application running in Genie
- Rich Display application running in Genie
- Rich Display application running in a Profound UI session
- Rich Display application running in Atrium
- Genie macro session running in Atrium
- RPGsp application
Will the application be used from 'public' (or shared) devices or PCs?
Do you plan to use browser authentication?
What would be your ideal method of user authentication? A validation list containing the users? Kerberos? LDAP? A physical file containing the users/passwords? This might give me some insight into what you're looking to do.
Re: Security strategy
Posted: Fri Nov 08, 2013 5:20 pm
by RICHARD RUTA
It's going to be a pui application running in a web browser. Up to this point, I've created profiles on the Iseries for a limited number of users.