Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 4 Implementing ActiveSpaces Security : Overview of ActiveSpaces Security

Overview of ActiveSpaces Security
TIBCO ActiveSpaces allows you to secure the information stored in the data grid by protecting both transport data and stored data. TIBCO ActiveSpaces security is provided for metaspaces that use TCP for discovery.
TIBCO ActiveSpaces security provides the following security features:
With TIBCO ActiveSpaces security you can:
ActiveSpaces Security Architecture
TIBCO ActiveSpaces security utilizes the concept of a security domain. A security domain defines specific security behavior for:
You can define different security domains where each domain defines a different set of security-related behaviors. You specify security settings that define the security behavior for a security domain in a security policy file. See Security Policy Files for more information on security policy files.
A security domain also specifies which metaspaces the security behavior of the security domain can be applied to. To apply security to a metaspace:
1.
2.
If you want to apply the same security settings to more than one metaspace, you can associate the same security domain with multiple metaspaces. However, only one security domain can be associated with each metaspace. See Metaspace Access List for more information on associating metaspaces with security domains.
To utilize security within a metaspace, one or more nodes in the metaspace are initialized as a security domain controller for the metaspace. A security domain controller enforces the security domain's defined behavior for a metaspace. A security domain controller can be the manager of a metaspace or just a member of a metaspace. See Security Domain Controllers for more information
Nodes in the metaspace that request security services from the security domain controllers are called security domain requestors. Similar to security domain controllers, a security domain requestor can be a manager of a metaspace or a member of a metaspace. These security components allow you to set up a secured ActiveSpaces cluster.
Figure 2 shows the two node types in the TIBCO ActiveSpaces security architecture.
Figure 2 TIBCO ActiveSpaces Security Architecture
The two node types in the ActiveSpaces security architecture are:
Security Domain Controllers   TIBCO ActiveSpaces nodes that are dedicated to enforcing a security domain's defined security behavior for a metaspace associated with the security domain. Security domain controllers are the only discovery nodes in a metaspace.
For more information, see Security Domain Controllers.
Security Domain Requestors  Nodes that require access to the data in the data grid, such as a seeder or a leech, and which need to be authorized by a controller. Requesters can never be used a discovery nodes.
For more information, see Security Domain Requestors.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved