Copyright © Cloud Software Group, Inc. All Rights Reserved

Security Policy

Shared Configuration

The Security Policy shared configuration resource specifies a security policy that can be used for inbound or outbound SOAP messages. The security policy can include any combination of the following characteristics:

•	Authentication — whether messages must be authenticated. Authentication can be performed either with usernames and passwords or by way of X.509 compliant certificates.

•	Integrity — whether messages must be validated with a signature to ensure the message has not been altered since its creation.

•	Confidentiality —whether messages should be encrypted or decrypted.

•	Timeout — whether messages should expire after a certain time.

See TIBCO ActiveMatrix BusinessWorks Process Design for more information about using security policies for web services.

Configuration

The Configuration tab has the following fields.

Field	Global Var?	Description
Name	No	The name to appear as the label for the resource.
Description	No	Short description of the shared resource.
Policy Type	No	Specifies the type of communication this policy applies to. Select one of the following from the list of choices: • inbound • outbound • inbound fault • outbound fault
Authentication	No	Check this box if you want to specify that authentication should be part of this policy. Checking this box makes the fields on the Authentication tab available for editing.
Integrity	No	Check this box if you want to specify that messages should be signed or that signed messages should be verified. Checking this box makes the fields on the Integrity tab available for editing.
Confidentiality	No	Check this box if you want to specify that messages should be encrypted and decrypted. Checking this box makes the fields on the Confidentiality tab available for editing.
Timeout	No	Check this box if you want to add or verify timestamps on messages. Checking this box makes the fields on the Timeout tab available for editing.
Custom Password Lookup	No	Check the box in this field if you want to use your own custom password lookup class. By default, authentication is performed through TIBCO Administrator. This field allows you to specify a class for looking up passwords in your system, such as a database, file system, or LDAP system. See TIBCO ActiveMatrix BusinessWorks Process Design for more information about custom password lookup.
Custom Password Callback Java Class	No	This field specifies an AliasLibrary resource containing your custom password lookup class and any referenced classes (such as third-party libraries to access an LDAP server). Use the Browse button to locate the AliasLibrary resource storing your class, then use the Show Class Browser button in the Class field to locate your class.
Security Header Layout	No	This field is available only when the policy type is outbound or outbound fault. Specifies layout rules to be applied when adding elements to the security header of a SOAP message. The four layouts are: • Lax • Strict • LaxTimeStampFirst - This value is available only if the Timeout field is selected. • LaxTimeStampLast - This value is available only if the Timeout field is selected.

Authentication

The Authentication tab specifies the characteristics for authenticating to the SOAP message server. Inbound messages can be authenticated against a list of trusted certificates. Outbound messages can specify the identity to use to authenticate to the external SOAP server.

The Authentication tab has the following fields.

Field	Global Var?	Description
Inbound or Inbound Fault Policy Type Fields
Supported Security Tokens	No	Specifies the security tokens you want to allow in inbound messages. You can select one or more of the following supported types: • X.509 Token • UsernamePassword Token
Trusted Certificates Folder	No	Specifies the folder containing the trusted certificates for binary security token authentication.
Outbound or Outbound Fault Policy Type Fields
Security Token	No	Specifies the type of security tokens you want to allow in inbound messages. You can select one of the following supported types: • X.509 Token • UsernamePassword Token
X.509 Identity	No	When X.509 Token is selected in the Security Token field, this field specifies the Identity resource containing the X.509 compliant identity file. See TIBCO Designer Palette Reference for more information about Identity resources.
Username Password Identity	No	When UsernamePassword Token is selected in the Security Token field, this specifies the Identity resource that contains the username and password. See TIBCO Designer Palette Reference for more information about Identity resources.
Password Type	No	Specifies whether you want to use text or digest passwords.
Certificate Alias	No	When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, specify the certificate alias in this field to identify the private and public key pair.
Use Password for the Key	No	When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, select the check box to configure a password for the private key. Note: If the check box is not selected, the password has to be the same for the keystore and the private keys stored inside it.
Alias Password	No	This field is enabled when the Use Password for the Key check box is selected. Specify a password for the private key.

Integrity

The Integrity tab specifies the characteristics of the signatures attached to the messages. Signatures can be used to ensure that messages are not altered after creation. The integrity of inbound messages can be checked against the trusted root certificates and public certificates. Outbound messages can specify the certificate to be used to sign the outgoing message.

The Integrity tab has the following fields.

Field	Global Var?	Description
Inbound or Inbound Fault Policy Type Fields
Supported Signature Methods	No	The algorithm used to check the signatures of incoming messages. You can select one or more of the following: • SHA1 • SHA256 • SHA384 • SHA512
Supported Security Tokens	No	Is the security token to use for the signature. You can select one or more of the following: • X.509 Token • UsernameToken
Trusted Certificates Folder	No	Is the folder containing the trusted certificates for signature verification. Note: The certificates in the trusted folder are only necessary when the authenticating user is the same as the user who signed the message. In this case, the message contains the public key, the receiver must verify against the trusted certificate. However, if the authenticating user is not the same as the user who signed the message, the user must define a subject key identity that holds the public key.
Subject Key Identity	No	Specifies an Identity resource containing a keystore that holds an X.509 certificate. The inbound message must match the subject key contained in the certificate.
Outbound or Outbound Fault Policy Type Fields
Signature Method	No	The algorithm used to create signatures for outgoing messages. You can select one of the following: • SHA1 • SHA256 • SHA384 • SHA512
Security Token	No	Is the type of security token to use for the signature. You can select one of the following: • X.509 Token • UsernameToken
Username Password Identity	No	When UsernameToken is selected in the Security Token field, this shows the Identity resource that contains the username and password. See TIBCO Designer Palette Reference for more information about Identity resources.
Password Type	No	Specify whether you want to use text or digest passwords.
X.509 Identity	No	When you select X.509 Token in the Security Token field, this field indicates the Identity resource containing the X.509 compliant identity file. See TIBCO Designer Palette Reference for more information about Identity resources.
Key Identifier Type	No	When you select X.509 Token in the Security Token field, this field specifies all the references to X.509 token types for signing. You can select one of the following: • Direct Reference • Subject Key Identifier • Issuer Serial Note: If the Key Identifier Type selected is of type Subject Key Identifier, ensure that the X509 Certificate used contains the Subject Key Identifier information.
Certificate Alias	No	When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, specify the certificate alias in this field to identify the private and public key pair.
Use Password for the Key	No	When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, select the check box to configure a password for the private key. Note: If the check box is not selected, the password has to be the same for the keystore and the private keys stored inside it.
Alias Password	No	This field is enabled when the Use Password for the Key check box is selected. Specify a password for the private key.

Confidentiality

The Confidentiality tab specifies the encryption characteristics of messages. Inbound messages can be decrypted based on algorithms specified in the message security header and the defined private key. Outbound messages can be encrypted based on algorithms stored in a public key.

The Confidentiality tab has the following fields.

Field	Global Var?	Description
Inbound or Inbound Fault Policy Type Fields
Supported Encryption Algorithm	No	Symmetric key algorithm used to decrypt incoming messages. You can select one or more of the following: • 3DES • AES-128 • AES-256 Note: To use Encryption Algorithm AES-256, refer to Installing Unlimited Jurisdiction Files
Private key Identifier Type	No	Specifies whether the private key is one of the following: • X.509 Token
X.509 Identity	No	When X.509 Token is selected in the Private Key Identifier Type field, this field specifies the Identity resource containing the X.509 compliant private key file to use to decrypt the message. See TIBCO Designer Palette Reference for more information about Identity resources.
Use Password Protected Key	No	When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, select the check box to configure a password for the private key. Note: If the check box is not selected, the password has to be the same for the keystore and the private keys stored inside it.
Certificate Alias	No	When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, specify the certificate alias in this field to identify the private and public key pair.
Alias Password	No	Specify the password for the private key.
Outbound or Outbound Fault Policy Type Fields
Encryption Algorithm	No	Algorithm used to encrypt outgoing messages. You can select one of the following: • 3DES • AES-128 • AES-256 Note: To use Encryption Algorithm AES-256, refer to Installing Unlimited Jurisdiction Files
Public Key	No	Identity resource containing the X.509 compliant public key file to use to encrypt the message. See TIBCO Designer Palette Reference for more information about Identity resources.
Key Identifier Type	No	When you select the X.509 Token in the Security Token field, this field specifies all the references to X509 token types for encryption.You can select one of the following: • Direct Reference • Subject Key Identifier • Issuer Serial Note: If the Key Identifier Type selected is of type Subject Key Identifier, ensure that the X509 Certificate used contains the Subject Key Identifier information.

Installing Unlimited Jurisdiction Files

Java vendors ship a default set of policy files that do not permit unlimited strength cryptography. In countries exempt from these restrictions, you can download and install an unlimited strength set of the policy files.

The default set of policy files restricts usage of 256-bit AES.

Follow these steps to install the unlimited strength policy files:

1.	Download the Java Cryptography Extension(JCE) Unlimited Strength Jurisdiction Policy Files from the JRE vendor.

2.	Create a backup for the files located in TIBCO_HOME/tibcojre/jre_version/lib/security.

3.	Extract the files downloaded in Step 1 to TIBCO_HOME/tibcojre/jre_version/lib/security.

4.	Restart all the running TIBCO applications.

Timeout

The Timeout tab specifies the characteristics of message timeout. Inbound messages can be rejected after the specified number of seconds. Outbound messages can be set to expire after the specified number of seconds.

The Timeout tab has the following fields.

Field	Global Var?	Description
Inbound or Inbound Fault Policy Type Fields
Reject After (seconds)	No	The creation time of incoming messages is compared to the time the message was received. If the difference in time is greater than the number of seconds specified in this field, the message is rejected.
Outbound or Outbound Fault Policy Type Fields
Expire In (seconds)	No	Outgoing and error messages will expire after the specified number of seconds.

Copyright © Cloud Software Group, Inc. All Rights Reserved