Secure Socket Layer (Ssl) Functionality; Storage Authentication Service - IBM TS3500 Introduction And Planning Manual
System storage
Hide thumbs
Also See for TS3500:
- Product manual (8 pages) ,
- Update manual (37 pages) ,
- Manual (191 pages)
Table of Contents
Advertisement
require the Advanced Library Management System (ALMS). The full version (v1.2),
released with code level 8160, requires that ALMS is installed and enabled on your
library.
To learn more about the Tivoli Storage Productivity Center, go to
http://www.ibm.com/systems/storage/software/. To learn more about SMI-S and
SNIA, go to http://www.snia.org/.
Secure Socket Layer (SSL) functionality
The TS3500 Tape Library supports secure socket layer (SSL). SSL is a protocol for
transmitting private documents through the Internet. SSL uses a cryptographic
system that uses these two keys to encrypt data:
v a public key known to everyone
v a private key known only to the recipient of the message
Many Web sites use this protocol to obtain confidential user information, such as
credit card numbers. By convention, URLs that require an SSL connection start
with https: instead of http:.
The TS3500 Tape Library provides the ability to enable or disable SSL for Web
browser communication. The action is performed using the Tape Library Specialist
Web specialist.
Storage Authentication Service
This topic describes the Storage Authentication Service (SAS), which is an option
for web login requests on the TS3500 Tape Library.
Remote authentication is supported on a TS7700 Virtualization Engine or TS3500
Tape Library using the Tivoli Secure Authentication Service client and server, and
the WebSphere
TS3500 Tape Library must connect to a System Storage Productivity Center (SSPC)
appliance or a server using Tivoli Productivity Center (TPC). The SAS client is
integrated into the TS7700 Virtualization Engine microcode or the TS3500 Tape
Library firmware, while the SAS server and the WebSphere Federated Repositories
are integrated into TPC 4.1 and higher. TPC is available as a software-only package
or as an integrated solution on the SSPC appliance.
When SAS is enabled, the TS3500 Tape Library passes user authentication requests
to the SAS server on the SSPC or TPC, where they are forwarded to the customer's
Lightweight Directory Access Protocol (LDAP) or Microsoft Active Directory (AD)
server. The LDAP or AD server then authenticates the user's ID and password; if
they are valid then one or more user groups are assigned. The TS3500 Tape Library
then assigns the user a role based on the LDAP or AD group.
This central repository allows you to accomplish the following security tasks from
a single interface, without logging in to a TS3500 Tape Library:
v Add or remove a user
v Reset or change a password
v Assign, change, or delete the LDAP or AD group of a user
Figure 17 on page 75 shows an overview of the Storage Authentication Service.
74
IBM System Storage TS3500 Tape Library with ALMS: Introduction and Planning Guide
®
Federated Repositories. The TS7700 Virtualization Engine or
Advertisement
Table of Contents
