ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahudcmscenariosoverview.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="DCM scenarios" />
<meta name="abstract" content="Use this information to review two scenarios that illustrate typical certificate implementation schemes to help you plan your own certificate implementation as part of your iSeries security policy. Each scenario also provides all needed configuration tasks you must perform to employ the scenario as described." />
<meta name="description" content="Use this information to review two scenarios that illustrate typical certificate implementation schemes to help you plan your own certificate implementation as part of your iSeries security policy. Each scenario also provides all needed configuration tasks you must perform to employ the scenario as described." />
<meta name="DC.Relation" scheme="URI" content="rzahurazhudigitalcertmngmnt.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahudcmintaccessscen.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahudcmpublicaccessscen.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzalz/rzalzscenariosoverview.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="dcmscenariosoverview" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>DCM scenarios</title>
</head>
<body id="dcmscenariosoverview"><a name="dcmscenariosoverview"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">DCM scenarios</h1>
<div><p> Use this information to review two scenarios that illustrate typical
certificate implementation schemes to help you plan your own certificate implementation
as part of your <span class="keyword">iSeries™</span> security
policy. Each scenario also provides all needed configuration tasks you must
perform to employ the scenario as described.</p>
<p>Digital Certificate Manager and <span class="keyword">iSeries</span> system
digital certificate support allow you to use certificates to enhance your
security policy in a number of different ways. How you choose to use certificates
varies based on both your business objectives and your security needs. </p>
<p>Using digital certificates can help you improve your security in a number
of ways. Digital certificates allow you to use the Secure Sockets Layer (SSL)
for secure access to Web sites and other Internet services. You can use digital
certificates to configure your virtual private network (VPN) connections.
Also, you can use a certificate's key to digitally sign objects or to verify
digital signatures to ensure the authenticity of objects. Such digital signatures
ensure the reliability of an object's origin and protect the integrity of
the object. </p>
<p>You can further augment system security by using digital certificates (instead
of user names and passwords) to authenticate and authorize sessions between
the server and users. Also, depending on how you configure DCM, you can use
DCM to associate a user's certificate with his or her <span class="keyword">iSeries</span> user
profile or an Enterprise Identity Mapping (EIM) identifier. The certificate
then has the same authorizations and permissions as the associated user profile.</p>
<p>Consequently, how you choose to use certificates can be complicated and
depends on a variety of factors. The scenarios provided in this topic describe
some of the more common digital certificate security objectives for secure
communication within typical business contexts. Each scenario also describes
all necessary system and software prerequisites and all the configuration
tasks that you must perform to carry out the scenario. </p>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzahudcmintaccessscen.htm">Scenario: Use certificates for external authentication</a></strong><br />
In this scenario, you lean when and how to use certificates as an authentication mechanism to protect and limit access by public users to public or extranet resources and applications.</li>
<li class="ulchildlink"><strong><a href="rzahudcmpublicaccessscen.htm">Scenario: Use certificates for internal authentication</a></strong><br />
In this scenario, you to learn how to use certificates as an authentication mechanism to protect and restrict which resources and applications that internal users can access on your internal servers.</li>
</ul>

<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurazhudigitalcertmngmnt.htm">Digital Certificate Manager</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="../rzalz/rzalzscenariosoverview.htm">Object signing scenarios</a></div>
</div>
</div>
</body>
</html>