This topic provides details on enhanced security features for the Lotus® Expeditor Server.
Lotus Expeditor Server security can be broken down into the following topics:
- Transport layer security
- Enabling secure sockets layer (SSL)
Transport layer security
Transport layer security ensures the privacy of data as it is transferred over public networks. Data encryption techniques prevent outsiders from eavesdropping sensitive data. Data encryption occurs between the client and server. You can use Secure Sockets Layer (SSL) as transport layer security for DB2® Everyplace® and Client Management services. WebSphere® MQ Everyplace has its own encryption capabilities to ensure message security; however, you must configure WebSphere MQ Everyplace to use encryption.
The basis of all access control is to verify that you can identify the person or program requesting access. Lotus Expeditor Server exploits the security infrastructure provided by WebSphere Application Server. DB2 Everyplace and Client Management services rely on WebSphere Application Server to provide a HTTP (401) basic authentication challenge to any request for a secure resource or to validate a supplied LTPA token. Lotus Expeditor services do not perform any additional user authentication, trusting the WebSphere Application Server authentication process. WebSphere Application Server data source service and DB2 Everyplace Synchronization Server subscription definitions provide authentication to back-end databases.
Enabling secure sockets layer (SSL)
To protect data transferred between the Expeditor Server and clients, the HTTP server, the application server, and the Expeditor Server client must be secure. Security is not enabled on your servers by default. You must SSL security on IBM® HTTP Server and WebSphere Application Server. For complete details on enabling secure SSL, see Securing Lotus Expeditor Server
Parent topic: Key features: XPD622