Broker 10.5 | webMethods Broker Documentation | Administering webMethods Broker | webMethods Broker | Broker Security Model
Broker Security Model
You can secure webMethods Broker using basic authentication and SSL authentication. With basic authentication, clients must present the user name and password. With SSL authentication, clients must present digital certificates that verify their identity.
For additional security, you can encrypt the following connections configured with:
*Two-way SSL authentication
*One-way SSL authentication
*Basic authentication over one-way SSL
When you use SSL for encryption, Broker Server uses standard public/private key protocol to encrypt communications between it and the client, which ensures data confidentiality and integrity.
Broker supports certificate revocation checking by using certificate revocation lists (CRLs). A certificate revocation check against a list of revoked certificates provides a mechanism for protecting against using certificates that are compromised or no longer in effect.
Broker supports Federal Information Processing Standards (FIPS). In accordance with FIPS 140-2 Implementation Guidance, Section G.5, webMethods Broker uses an embedded FIPS 140-2-validated cryptographic module (Certificate #1051) running on all platforms that it supports.
Broker also supports access control lists (ACLs) which enable you to restrict access to resources on the Broker to specified clients. To enforce ACLs, you must enable basic authentication or SSL authentication, and clients must present credentials to prove their identity.
For information about configuring security, see Managing Broker Security.