80 lines
5.7 KiB
HTML
80 lines
5.7 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="DCM scenarios" />
|
||
|
<meta name="abstract" content="Use this information to review two scenarios that illustrate typical certificate implementation schemes to help you plan your own certificate implementation as part of your iSeries security policy. Each scenario also provides all needed configuration tasks you must perform to employ the scenario as described." />
|
||
|
<meta name="description" content="Use this information to review two scenarios that illustrate typical certificate implementation schemes to help you plan your own certificate implementation as part of your iSeries security policy. Each scenario also provides all needed configuration tasks you must perform to employ the scenario as described." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzahurazhudigitalcertmngmnt.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzahudcmintaccessscen.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzahudcmpublicaccessscen.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../rzalz/rzalzscenariosoverview.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="dcmscenariosoverview" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>DCM scenarios</title>
|
||
|
</head>
|
||
|
<body id="dcmscenariosoverview"><a name="dcmscenariosoverview"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">DCM scenarios</h1>
|
||
|
<div><p> Use this information to review two scenarios that illustrate typical
|
||
|
certificate implementation schemes to help you plan your own certificate implementation
|
||
|
as part of your <span class="keyword">iSeries™</span> security
|
||
|
policy. Each scenario also provides all needed configuration tasks you must
|
||
|
perform to employ the scenario as described.</p>
|
||
|
<p>Digital Certificate Manager and <span class="keyword">iSeries</span> system
|
||
|
digital certificate support allow you to use certificates to enhance your
|
||
|
security policy in a number of different ways. How you choose to use certificates
|
||
|
varies based on both your business objectives and your security needs. </p>
|
||
|
<p>Using digital certificates can help you improve your security in a number
|
||
|
of ways. Digital certificates allow you to use the Secure Sockets Layer (SSL)
|
||
|
for secure access to Web sites and other Internet services. You can use digital
|
||
|
certificates to configure your virtual private network (VPN) connections.
|
||
|
Also, you can use a certificate's key to digitally sign objects or to verify
|
||
|
digital signatures to ensure the authenticity of objects. Such digital signatures
|
||
|
ensure the reliability of an object's origin and protect the integrity of
|
||
|
the object. </p>
|
||
|
<p>You can further augment system security by using digital certificates (instead
|
||
|
of user names and passwords) to authenticate and authorize sessions between
|
||
|
the server and users. Also, depending on how you configure DCM, you can use
|
||
|
DCM to associate a user's certificate with his or her <span class="keyword">iSeries</span> user
|
||
|
profile or an Enterprise Identity Mapping (EIM) identifier. The certificate
|
||
|
then has the same authorizations and permissions as the associated user profile.</p>
|
||
|
<p>Consequently, how you choose to use certificates can be complicated and
|
||
|
depends on a variety of factors. The scenarios provided in this topic describe
|
||
|
some of the more common digital certificate security objectives for secure
|
||
|
communication within typical business contexts. Each scenario also describes
|
||
|
all necessary system and software prerequisites and all the configuration
|
||
|
tasks that you must perform to carry out the scenario. </p>
|
||
|
</div>
|
||
|
<div>
|
||
|
<ul class="ullinks">
|
||
|
<li class="ulchildlink"><strong><a href="rzahudcmintaccessscen.htm">Scenario: Use certificates for external authentication</a></strong><br />
|
||
|
In this scenario, you lean when and how to use certificates as an authentication mechanism to protect and limit access by public users to public or extranet resources and applications.</li>
|
||
|
<li class="ulchildlink"><strong><a href="rzahudcmpublicaccessscen.htm">Scenario: Use certificates for internal authentication</a></strong><br />
|
||
|
In this scenario, you to learn how to use certificates as an authentication mechanism to protect and restrict which resources and applications that internal users can access on your internal servers.</li>
|
||
|
</ul>
|
||
|
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurazhudigitalcertmngmnt.htm">Digital Certificate Manager</a></div>
|
||
|
</div>
|
||
|
<div class="relinfo"><strong>Related information</strong><br />
|
||
|
<div><a href="../rzalz/rzalzscenariosoverview.htm">Object signing scenarios</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|