Features
..........................................................................................................................................................................

ITAC WS-Guardian® offers a wide range of security policies that enable the configuration of fine-grained security configurations for web services exposed in the organization:

 

Web services security policies classification:

Simple security policies

Composed security policies

Governance

Management

Reports

Keystores management

Users management

Delivery methods
 

The security policies provided by ITAC WS-Guardian® for the consumption of web services can be configured in two different ways:
 

 


Simple policies

     


Composed policies

     


Conditional policies

   

 


Simple policies correspond to the application of configurations that can only be applied autonomously without depending on another filter.

In this case: for consumption of the service the user must send a signed message.

     

The admin user is able to apply more than one simple policy to a service. For example, HTTP header and digital signature, is a policy that would be composed of two single and independent policies.

Example of HTTP header and digital signature: For example, it is necessary to validate the X-Forward-From = Balancer header and also that the message is digitally signed.

     


Conditional policies are two or more policies with an special validation order and dependance. The first policy compliance is validated, and according to the value found in this validation, the second policy can be validated or not.
For example, only if the message comes from the IP 192.168.3.45 (the one that was intended to send the message according to the service policy), then the validation of this message's signature is performed.
Otherwise, this validation is not performed.......................................

   


..........................................................................................................................................................................

According to the table above, the applicable policies are:
 


 


Simple policies

     


Conditional policies

 

 


• Service authorization policies.

• By the validation of the HTTP header content of the SOAP message.

• By the verification of the SOAP message's signature.

• By the verification of the encryption of the entire SOAP message or part of it.

• By the verification of the message's lifetime (Timestamp).

• By the verification of username and password (UsernameToken).

• By the validation of the message's content (Body).

• By IP or IP range validation.

• By schedule validation.

• By calendar validation.

• Support of SOA, JMS and TCP/IP protocols.

     


• P according to content

• Content according to IP

• Digital signature according
  to IP

• Digital signature according
  to content

• Digital signature according
  to HTTP header

• Decryption according HTTP
  header

• Decryption according to IP

• Decryption and Signature

 

 

..........................................................................................................................................................................
 

 

 

 

 

 

 

© Copyright 2018. ITAC. / Diseño y Producción Sitio Web : ITAC : www.itac.co / Todos los derechos reservados. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.