SlideShare a Scribd company logo

Mule securing

Download as PPTX, PDF
S
Sindhu VL

Mule securing

Design
1 of 17
Presented By SindhuVL
 Anypoint Enterprise Security  Configuring Security  FIPS 140-2 Compliance Support
 Anypoint Enterprise Security is a collection of security features that enforce secure access to information in Mule applications.  This suite of security features provides various methods for applying security to Mule Service-OrientedArchitecture (SOA) implementations andWeb services.The following security features bridge gaps between trust boundaries in applications:
 Mule SecureToken Service (STS)OAuth 2.0a Provider  Mule CredentialsVault  Mule Message Encryption Processor  Mule Digital Signature Processor  Mule Filter Processor  Mule CRC32 Processor
 Businesses must ensure that the valuable information they store and make available through software applications andWeb services is secure. Locked away and protected from unauthorized users and malicious attackers, protected resources — such as credit card information or Social Security numbers — must still be accessible to authorized legitimate users and systems in order to conduct business transactions.  To provide secure access to information, applications and services can apply a variety of security measures.The suite of security features inAnypoint Enterprise Security enables developers to protect applications according to security requirements, prevent security breaches and facilitate authorized access to data.
 Anypoint Enterprise Security adds new features on top of of Mule ESB Enterprise’s existing security capabilities. Mule ESB already provides the following security features:  Mule Security Manager, client authentication and authorization on inbound requests as well as credential mapping for outbound calls  LDAP and third party identity management system integration  Validation of inbound requests through the SAML 2.0 federated identity standard  Secure FTP (SFTP)Transport that enables Mule flows to read and write to remote directories over the SSH protocol.
 Mule can encrypt properties in a .properties file. The .properties file in Mule stores data as key- value pairs. Mule flows may access this data — usernames, first and last names, credit card information — as the flow processes messages. In the context ofAnypoint Enterprise Security, Mule refers to the .properties file in which it safely stores encrypted properties as the Mule CredentialsVault.  Encrypt a properties file
 Mule can encrypt an entire payload or several fields of data within a message.Where sensitive information must move between users, yet remain hidden from them, a developer can encrypt message content to prevent unauthorized access.Typically, you may need to encrypt data such as a password, credit card number or social security number (SSN).  Encrypt a message payload Decrypt a message payload
 Mule uses digital signatures to ensure that messages maintain integrity and authenticity. Mule can verify that an incoming Web service request originates from a valid source, and can sign an outgoingWeb service response to ensure its contents. Digital signatures ensure that a sender is valid, that a message is not modified in transit betweenWeb services, and that no unauthorized user has tampered with a message.  Add a digital signature to a message in Mule Sign part of a message payload Verify a digital signature in Mule
 Mule can filter messages it receives to avoid processing invalid ones.With a filter processor in place, Mule discards any message it receives that does not match the filter’s parameters — a message from outside a set range of IP addresses, for example.  Filter unsecure messages
 Mule can apply a cyclic redundancy check (CRC) to messages to ensure message integrity. CRC uses an algorithm to apply a check value to a message when it enters a system, and verifies the value when the message leaves the system. If the entry and exit values do not match, CRC marks the message as changed. Generally, CRC32 (32 indicates the 33-bit polynomial length in the algorithm) detects unintentional changes to messages, such as the accumulation of “noise” between transmission points, but it can also detect unauthorized intentional changes – for instance, flagging a message that has been tampered with during transmission to change it into aTrojan horse.  Apply a CRC to a message
 Mule ESB allows you to authenticate requests via connectors using transport-specific or generic authentication methods. It also allows you to control method-level authorization on your components.The Security Manager is responsible for authenticating requests based on one or more security providers.  For information on the elements you can configure for the Security Manager, seeSecurity Manager Configuration Reference.The following sections provide links to information on configuring different types of security managers.
 Spring Security is the next version of Acegi and provides a number of authentication and authorization providers such as JAAS, LDAP, CAS (Yale Central Authentication service), and DAO.The following topics will help you get started securing your flows using Spring Security:  Configuring the Spring Security Manager  Component Authorization Using Spring Security  Setting up LDAP Provider for Spring Security
 WS-Security is a standard protocol for applying security toWeb services. It contains specifications on how integrity and confidentiality in a SOAP message can be enforced via XML signatures and binary security tokens such as X.509 certificates and Kerberos tickets as well as encryption headers. It ensures end- to-end security by working in the application layer as opposed to the transport layer. Mule provides the following resources forWS- Security:  EnablingWS-Security - Describes how to secure your CXF connectors with WS-Security.  SAML Module - Mule now supports the SAML standard for exchange of security information between systems.This module is available in the enterprise edition of Mule as of version 2.2.3
 Mule also supports the following security technologies:  Encryption Strategies - Secure your messages by encrypting them.  PGP Security - Secure your messages by encrypting them with PGP.  Jaas Security
 As of Mule 3.5.0, Mule ESB can be configured to run in a FIPS 140-2 certified environment. Note that Mule does not run in FIPS security mode by default.There are two requirements:  Have a certified cryptography module installed in your Java environment  Adjust Mule ESB settings to run in FIPS security mode
ThankYou!!!!!!

Recommended

Securing mule
Securing muleSecuring mule
Securing muleSindhu VL
 
Mule esb
Mule esbMule esb
Mule esbcharan teja R
 
Mule for beginners
Mule for beginnersMule for beginners
Mule for beginnersSindhu VL
 
Anypoint enterprise security overview
Anypoint enterprise security overviewAnypoint enterprise security overview
Anypoint enterprise security overviewdanishsm84
 
Mule security
Mule securityMule security
Mule securitycharan teja R
 
Mule ESB
Mule ESBMule ESB
Mule ESBBui Kiet
 
Mule architecture
Mule architectureMule architecture
Mule architectureKhasim Saheb
 
Mule architecture
Mule architectureMule architecture
Mule architectureD.Rajesh Kumar
 

Recommended

Securing mule
Securing muleSecuring mule
Securing muleSindhu VL
 
Mule esb
Mule esbMule esb
Mule esbcharan teja R
 
Mule for beginners
Mule for beginnersMule for beginners
Mule for beginnersSindhu VL
 
Anypoint enterprise security overview
Anypoint enterprise security overviewAnypoint enterprise security overview
Anypoint enterprise security overviewdanishsm84
 
Mule security
Mule securityMule security
Mule securitycharan teja R
 
Mule ESB
Mule ESBMule ESB
Mule ESBBui Kiet
 
Mule architecture
Mule architectureMule architecture
Mule architectureKhasim Saheb
 
Mule architecture
Mule architectureMule architecture
Mule architectureD.Rajesh Kumar
 
Mule esb-connectors
Mule esb-connectorsMule esb-connectors
Mule esb-connectorshimajareddys
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSindhu VL
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layerPraneethchampion
 
Mule esb-architecture
Mule esb-architectureMule esb-architecture
Mule esb-architecturehimajareddys
 
Overview of Mule Esb
Overview of Mule EsbOverview of Mule Esb
Overview of Mule Esbjaveed_mhd
 
Mulesoft at a glance
Mulesoft at a glance Mulesoft at a glance
Mulesoft at a glance mdfkhan625
 
Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gatewayPraneethchampion
 
Mule security
Mule securityMule security
Mule securityD.Rajesh Kumar
 
4. mule real-world-old
4. mule real-world-old4. mule real-world-old
4. mule real-world-oldAbdulImrankhan7
 
Mule enterprise security
Mule enterprise securityMule enterprise security
Mule enterprise securitykeshav Naidu
 
Mule connectors
Mule connectorsMule connectors
Mule connectorsD.Rajesh Kumar
 
Mule anypoint b2 b
Mule anypoint b2 bMule anypoint b2 b
Mule anypoint b2 bD.Rajesh Kumar
 
Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaascharan teja R
 
SOAP Service in Mule Esb
SOAP Service in Mule EsbSOAP Service in Mule Esb
SOAP Service in Mule EsbAnand kalla
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agentD.Rajesh Kumar
 
Mule Esb Fundamentals
Mule Esb FundamentalsMule Esb Fundamentals
Mule Esb Fundamentalsmdfkhan625
 
2. muleesb
2. muleesb2. muleesb
2. muleesbAbdulImrankhan7
 
Mule soft
Mule softMule soft
Mule softFrancesca Della Corte
 
Mule execution
Mule executionMule execution
Mule executionPraneethchampion
 
Mule security
Mule securityMule security
Mule securityPraneethchampion
 
Data weave documentation
Data weave documentationData weave documentation
Data weave documentationSindhu VL
 
Mule - error handling
Mule - error handling Mule - error handling
Mule - error handling Sindhu VL
 

More Related Content

What's hot

Mule esb-connectors
Mule esb-connectorsMule esb-connectors
Mule esb-connectorshimajareddys
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSindhu VL
 
Mule esb-architecture
Mule esb-architectureMule esb-architecture
Mule esb-architecturehimajareddys
 
Overview of Mule Esb
Overview of Mule EsbOverview of Mule Esb
Overview of Mule Esbjaveed_mhd
 
Mulesoft at a glance
Mulesoft at a glance Mulesoft at a glance
Mulesoft at a glance mdfkhan625
 
Mule enterprise security
Mule enterprise securityMule enterprise security
Mule enterprise securitykeshav Naidu
 
Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaascharan teja R
 
SOAP Service in Mule Esb
SOAP Service in Mule EsbSOAP Service in Mule Esb
SOAP Service in Mule EsbAnand kalla
 
Mule Esb Fundamentals
Mule Esb FundamentalsMule Esb Fundamentals
Mule Esb Fundamentalsmdfkhan625
 

What's hot (20)

Mule esb-connectors
Mule esb-connectorsMule esb-connectors
Mule esb-connectors
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layer
 
Mule esb-architecture
Mule esb-architectureMule esb-architecture
Mule esb-architecture
 
Overview of Mule Esb
Overview of Mule EsbOverview of Mule Esb
Overview of Mule Esb
 
Mulesoft at a glance
Mulesoft at a glance Mulesoft at a glance
Mulesoft at a glance
 
Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gateway
 
Mule security
Mule securityMule security
Mule security
 
4. mule real-world-old
4. mule real-world-old4. mule real-world-old
4. mule real-world-old
 
Mule enterprise security
Mule enterprise securityMule enterprise security
Mule enterprise security
 
Mule connectors
Mule connectorsMule connectors
Mule connectors
 
Mule anypoint b2 b
Mule anypoint b2 bMule anypoint b2 b
Mule anypoint b2 b
 
Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaas
 
SOAP Service in Mule Esb
SOAP Service in Mule EsbSOAP Service in Mule Esb
SOAP Service in Mule Esb
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agent
 
Mule Esb Fundamentals
Mule Esb FundamentalsMule Esb Fundamentals
Mule Esb Fundamentals
 
2. muleesb
2. muleesb2. muleesb
2. muleesb
 
Mule soft
Mule softMule soft
Mule soft
 
Mule execution
Mule executionMule execution
Mule execution
 
Mule security
Mule securityMule security
Mule security
 

Viewers also liked

Data weave documentation
Data weave documentationData weave documentation
Data weave documentationSindhu VL
 
Mule - error handling
Mule - error handling Mule - error handling
Mule - error handling Sindhu VL
 
Mule batch processing
Mule batch processingMule batch processing
Mule batch processinghimajareddys
 
Mule esb parts
Mule esb partsMule esb parts
Mule esb partsSindhu VL
 
Mule testing
Mule testingMule testing
Mule testingSindhu VL
 
Mule debugging
Mule debuggingMule debugging
Mule debuggingSindhu VL
 
Content based routing tutorial in mule
Content based routing tutorial in muleContent based routing tutorial in mule
Content based routing tutorial in muleSindhu VL
 
Using maven with mule
Using maven with muleUsing maven with mule
Using maven with muleSindhu VL
 
Debugging mule
Debugging muleDebugging mule
Debugging muleSindhu VL
 
Groovy component
Groovy componentGroovy component
Groovy componentSindhu VL
 
Component bindings in mule
Component bindings in muleComponent bindings in mule
Component bindings in muleSindhu VL
 
Error handling with respect to mule
Error handling with respect to muleError handling with respect to mule
Error handling with respect to muleSindhu VL
 
Mule core concepts
Mule core conceptsMule core concepts
Mule core conceptsSindhu VL
 
Mule fundamentals
Mule fundamentalsMule fundamentals
Mule fundamentalsSindhu VL
 
Mule requestor component
Mule requestor componentMule requestor component
Mule requestor componentSindhu VL
 
File connector mule
File connector muleFile connector mule
File connector muleSindhu VL
 
Bindings of components in mule
Bindings of components in muleBindings of components in mule
Bindings of components in muleSindhu VL
 
Enterprise service bus mule
Enterprise service bus muleEnterprise service bus mule
Enterprise service bus muleSindhu VL
 

Viewers also liked (20)

Data weave documentation
Data weave documentationData weave documentation
Data weave documentation
 
Mule - error handling
Mule - error handling Mule - error handling
Mule - error handling
 
Mule batch processing
Mule batch processingMule batch processing
Mule batch processing
 
Data weave in Mule
Data weave in MuleData weave in Mule
Data weave in Mule
 
Mule esb parts
Mule esb partsMule esb parts
Mule esb parts
 
Mule testing
Mule testingMule testing
Mule testing
 
Mule debugging
Mule debuggingMule debugging
Mule debugging
 
Content based routing tutorial in mule
Content based routing tutorial in muleContent based routing tutorial in mule
Content based routing tutorial in mule
 
Using maven with mule
Using maven with muleUsing maven with mule
Using maven with mule
 
Debugging mule
Debugging muleDebugging mule
Debugging mule
 
Groovy component
Groovy componentGroovy component
Groovy component
 
Component bindings in mule
Component bindings in muleComponent bindings in mule
Component bindings in mule
 
Mule errors
Mule errorsMule errors
Mule errors
 
Error handling with respect to mule
Error handling with respect to muleError handling with respect to mule
Error handling with respect to mule
 
Mule core concepts
Mule core conceptsMule core concepts
Mule core concepts
 
Mule fundamentals
Mule fundamentalsMule fundamentals
Mule fundamentals
 
Mule requestor component
Mule requestor componentMule requestor component
Mule requestor component
 
File connector mule
File connector muleFile connector mule
File connector mule
 
Bindings of components in mule
Bindings of components in muleBindings of components in mule
Bindings of components in mule
 
Enterprise service bus mule
Enterprise service bus muleEnterprise service bus mule
Enterprise service bus mule
 

Similar to Mule securing

Flowsinmule 160517130818
Flowsinmule 160517130818Flowsinmule 160517130818
Flowsinmule 160517130818ppts123456
 
Mule anypoint enterprise security
Mule anypoint enterprise securityMule anypoint enterprise security
Mule anypoint enterprise securityD.Rajesh Kumar
 
Uunit 5-xml&web security
Uunit 5-xml&web securityUunit 5-xml&web security
Uunit 5-xml&web securityssuser3a47cb
 
Designing A Logical Security Framework for E-Commerce System Based on SOA
Designing A Logical Security Framework for E-Commerce System Based on SOA Designing A Logical Security Framework for E-Commerce System Based on SOA
Designing A Logical Security Framework for E-Commerce System Based on SOA ijsc
 
Designing a logical security framework
Designing a logical security frameworkDesigning a logical security framework
Designing a logical security frameworkijsc
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLcscpconf
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocolcsandit
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloudSudheer Y
 
What is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfWhat is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfAngelicaPantaleon3
 
Secure Your Messages with IBM MQ Advanced Message Security
Secure Your Messages with IBM MQ Advanced Message SecuritySecure Your Messages with IBM MQ Advanced Message Security
Secure Your Messages with IBM MQ Advanced Message SecurityMorag Hughson
 
IT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_ChannelsIT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_ChannelsPalani Kumar
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 

Similar to Mule securing (20)

Mule Security
Mule SecurityMule Security
Mule Security
 
Flowsinmule 160517130818
Flowsinmule 160517130818Flowsinmule 160517130818
Flowsinmule 160517130818
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
 
Mule anypoint enterprise security
Mule anypoint enterprise securityMule anypoint enterprise security
Mule anypoint enterprise security
 
Mule security
Mule securityMule security
Mule security
 
Mule security
Mule securityMule security
Mule security
 
Mule security - pgp
Mule security - pgpMule security - pgp
Mule security - pgp
 
Uunit 5-xml&web security
Uunit 5-xml&web securityUunit 5-xml&web security
Uunit 5-xml&web security
 
Designing A Logical Security Framework for E-Commerce System Based on SOA
Designing A Logical Security Framework for E-Commerce System Based on SOA Designing A Logical Security Framework for E-Commerce System Based on SOA
Designing A Logical Security Framework for E-Commerce System Based on SOA
 
Designing a logical security framework
Designing a logical security frameworkDesigning a logical security framework
Designing a logical security framework
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloud
 
What is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdfWhat is Advanced Web Servicels.pdf
What is Advanced Web Servicels.pdf
 
Secure Your Messages with IBM MQ Advanced Message Security
Secure Your Messages with IBM MQ Advanced Message SecuritySecure Your Messages with IBM MQ Advanced Message Security
Secure Your Messages with IBM MQ Advanced Message Security
 
Final ppt ecommerce
Final ppt ecommerceFinal ppt ecommerce
Final ppt ecommerce
 
Unit 6
Unit 6Unit 6
Unit 6
 
Web Service Extensions | Torry Harris Whitepaper
Web Service Extensions | Torry Harris WhitepaperWeb Service Extensions | Torry Harris Whitepaper
Web Service Extensions | Torry Harris Whitepaper
 
IT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_ChannelsIT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_Channels
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
 

More from Sindhu VL

Mule - beginners guide
Mule - beginners guideMule - beginners guide
Mule - beginners guideSindhu VL
 
Core concepts - mule
Core concepts - muleCore concepts - mule
Core concepts - muleSindhu VL
 
Core concepts in mule
Core concepts in muleCore concepts in mule
Core concepts in muleSindhu VL
 
Basics of mule for beginners
Basics of mule for beginnersBasics of mule for beginners
Basics of mule for beginnersSindhu VL
 
Service orchestration by using flows
Service orchestration by using flowsService orchestration by using flows
Service orchestration by using flowsSindhu VL
 
Configuration patterns in mule
Configuration patterns in muleConfiguration patterns in mule
Configuration patterns in muleSindhu VL
 
Using mule configuration patterns
Using mule configuration patternsUsing mule configuration patterns
Using mule configuration patternsSindhu VL
 
Using flows for service orchestration
Using flows for service orchestrationUsing flows for service orchestration
Using flows for service orchestrationSindhu VL
 
Encrption in mule
Encrption in muleEncrption in mule
Encrption in muleSindhu VL
 
Concepts in mule
Concepts in muleConcepts in mule
Concepts in muleSindhu VL
 
Working of mule
Working of muleWorking of mule
Working of muleSindhu VL
 
Mule esb for beginners
Mule esb for beginnersMule esb for beginners
Mule esb for beginnersSindhu VL
 
Design flows in mule
Design flows in muleDesign flows in mule
Design flows in muleSindhu VL
 
Connectors in mule
Connectors in muleConnectors in mule
Connectors in muleSindhu VL
 
Flows and subflows in mule
Flows and subflows in muleFlows and subflows in mule
Flows and subflows in muleSindhu VL
 
Choice router mule
Choice router muleChoice router mule
Choice router muleSindhu VL
 

More from Sindhu VL (17)

Mule - beginners guide
Mule - beginners guideMule - beginners guide
Mule - beginners guide
 
Core concepts - mule
Core concepts - muleCore concepts - mule
Core concepts - mule
 
Core concepts in mule
Core concepts in muleCore concepts in mule
Core concepts in mule
 
Basics of mule for beginners
Basics of mule for beginnersBasics of mule for beginners
Basics of mule for beginners
 
Service orchestration by using flows
Service orchestration by using flowsService orchestration by using flows
Service orchestration by using flows
 
Configuration patterns in mule
Configuration patterns in muleConfiguration patterns in mule
Configuration patterns in mule
 
Using mule configuration patterns
Using mule configuration patternsUsing mule configuration patterns
Using mule configuration patterns
 
Using flows for service orchestration
Using flows for service orchestrationUsing flows for service orchestration
Using flows for service orchestration
 
Encrption in mule
Encrption in muleEncrption in mule
Encrption in mule
 
Concepts in mule
Concepts in muleConcepts in mule
Concepts in mule
 
Working of mule
Working of muleWorking of mule
Working of mule
 
Mule esb for beginners
Mule esb for beginnersMule esb for beginners
Mule esb for beginners
 
Design flows in mule
Design flows in muleDesign flows in mule
Design flows in mule
 
Xslt mule
Xslt muleXslt mule
Xslt mule
 
Connectors in mule
Connectors in muleConnectors in mule
Connectors in mule
 
Flows and subflows in mule
Flows and subflows in muleFlows and subflows in mule
Flows and subflows in mule
 
Choice router mule
Choice router muleChoice router mule
Choice router mule
 

Recently uploaded

NATA 2024 SYLLABUS, full syllabus explained in detail
NATA 2024 SYLLABUS, full syllabus explained in detailNATA 2024 SYLLABUS, full syllabus explained in detail
NATA 2024 SYLLABUS, full syllabus explained in detailDesigntroIntroducing
 
How to Be Famous in your Field just visit our Site
How to Be Famous in your Field just visit our SiteHow to Be Famous in your Field just visit our Site
How to Be Famous in your Field just visit our Sitegalleryaagency
 
SD_The MATATAG Curriculum Training Design.pptx
SD_The MATATAG Curriculum Training Design.pptxSD_The MATATAG Curriculum Training Design.pptx
SD_The MATATAG Curriculum Training Design.pptxjanettecruzeiro1
 
Chapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdfChapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdfParomita Roy
 
VIP Call Girl Amravati Aashi 8250192130 Independent Escort Service Amravati
VIP Call Girl Amravati Aashi 8250192130 Independent Escort Service AmravatiVIP Call Girl Amravati Aashi 8250192130 Independent Escort Service Amravati
VIP Call Girl Amravati Aashi 8250192130 Independent Escort Service AmravatiSuhani Kapoor
 
call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
PORTAFOLIO 2024_ ANASTASIYA KUDINOVA
PORTAFOLIO 2024_ ANASTASIYA KUDINOVAPORTAFOLIO 2024_ ANASTASIYA KUDINOVA
PORTAFOLIO 2024_ ANASTASIYA KUDINOVAAnastasiya Kudinova
 
Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,
Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,
Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,bhuyansuprit
 
Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
A level Digipak development Presentation
A level Digipak development PresentationA level Digipak development Presentation
A level Digipak development Presentationamedia6
 
NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...
NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...
NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...Amil baba
 
Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`
Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`
Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`dajasot375
 
Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...
Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...
Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...Yantram Animation Studio Corporation
 
Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...
Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...
Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...Pooja Nehwal
 
VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130
VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130
VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130Suhani Kapoor
 
SCRIP Lua HTTP PROGRACMACION PLC WECON CA
SCRIP Lua HTTP PROGRACMACION PLC WECON CASCRIP Lua HTTP PROGRACMACION PLC WECON CA
SCRIP Lua HTTP PROGRACMACION PLC WECON CANestorGamez6
 
3D Printing And Designing Final Report.pdf
3D Printing And Designing Final Report.pdf3D Printing And Designing Final Report.pdf
3D Printing And Designing Final Report.pdfSwaraliBorhade
 
ARt app | UX Case Study
ARt app | UX Case StudyARt app | UX Case Study
ARt app | UX Case StudySophia Viganò
 
Cosumer Willingness to Pay for Sustainable Bricks
Cosumer Willingness to Pay for Sustainable BricksCosumer Willingness to Pay for Sustainable Bricks
Cosumer Willingness to Pay for Sustainable Bricksabhishekparmar618
 

Recently uploaded (20)

NATA 2024 SYLLABUS, full syllabus explained in detail
NATA 2024 SYLLABUS, full syllabus explained in detailNATA 2024 SYLLABUS, full syllabus explained in detail
NATA 2024 SYLLABUS, full syllabus explained in detail
 
How to Be Famous in your Field just visit our Site
How to Be Famous in your Field just visit our SiteHow to Be Famous in your Field just visit our Site
How to Be Famous in your Field just visit our Site
 
SD_The MATATAG Curriculum Training Design.pptx
SD_The MATATAG Curriculum Training Design.pptxSD_The MATATAG Curriculum Training Design.pptx
SD_The MATATAG Curriculum Training Design.pptx
 
Chapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdfChapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdf
 
VIP Call Girl Amravati Aashi 8250192130 Independent Escort Service Amravati
VIP Call Girl Amravati Aashi 8250192130 Independent Escort Service AmravatiVIP Call Girl Amravati Aashi 8250192130 Independent Escort Service Amravati
VIP Call Girl Amravati Aashi 8250192130 Independent Escort Service Amravati
 
call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Harsh Vihar (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
 
PORTAFOLIO 2024_ ANASTASIYA KUDINOVA
PORTAFOLIO 2024_ ANASTASIYA KUDINOVAPORTAFOLIO 2024_ ANASTASIYA KUDINOVA
PORTAFOLIO 2024_ ANASTASIYA KUDINOVA
 
Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,
Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,
Bus tracking.pptx ,,,,,,,,,,,,,,,,,,,,,,,,,,
 
Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Okhla Delhi 💯Call Us 🔝8264348440🔝
 
A level Digipak development Presentation
A level Digipak development PresentationA level Digipak development Presentation
A level Digipak development Presentation
 
NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...
NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...
NO1 Famous Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Add...
 
Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`
Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`
Abu Dhabi Call Girls O58993O4O2 Call Girls in Abu Dhabi`
 
Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...
Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...
Captivating Charm: Exploring Marseille's Hillside Villas with Our 3D Architec...
 
Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...
Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...
Kurla Call Girls Pooja Nehwal📞 9892124323 ✅ Vashi Call Service Available Nea...
 
VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130
VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130
VIP Call Girls Service Mehdipatnam Hyderabad Call +91-8250192130
 
SCRIP Lua HTTP PROGRACMACION PLC WECON CA
SCRIP Lua HTTP PROGRACMACION PLC WECON CASCRIP Lua HTTP PROGRACMACION PLC WECON CA
SCRIP Lua HTTP PROGRACMACION PLC WECON CA
 
3D Printing And Designing Final Report.pdf
3D Printing And Designing Final Report.pdf3D Printing And Designing Final Report.pdf
3D Printing And Designing Final Report.pdf
 
ARt app | UX Case Study
ARt app | UX Case StudyARt app | UX Case Study
ARt app | UX Case Study
 
Cosumer Willingness to Pay for Sustainable Bricks
Cosumer Willingness to Pay for Sustainable BricksCosumer Willingness to Pay for Sustainable Bricks
Cosumer Willingness to Pay for Sustainable Bricks
 

Mule securing

  • 2.  Anypoint Enterprise Security  Configuring Security  FIPS 140-2 Compliance Support
  • 3.  Anypoint Enterprise Security is a collection of security features that enforce secure access to information in Mule applications.  This suite of security features provides various methods for applying security to Mule Service-OrientedArchitecture (SOA) implementations andWeb services.The following security features bridge gaps between trust boundaries in applications:
  • 4.  Mule SecureToken Service (STS)OAuth 2.0a Provider  Mule CredentialsVault  Mule Message Encryption Processor  Mule Digital Signature Processor  Mule Filter Processor  Mule CRC32 Processor
  • 5.  Businesses must ensure that the valuable information they store and make available through software applications andWeb services is secure. Locked away and protected from unauthorized users and malicious attackers, protected resources — such as credit card information or Social Security numbers — must still be accessible to authorized legitimate users and systems in order to conduct business transactions.  To provide secure access to information, applications and services can apply a variety of security measures.The suite of security features inAnypoint Enterprise Security enables developers to protect applications according to security requirements, prevent security breaches and facilitate authorized access to data.
  • 6.  Anypoint Enterprise Security adds new features on top of of Mule ESB Enterprise’s existing security capabilities. Mule ESB already provides the following security features:  Mule Security Manager, client authentication and authorization on inbound requests as well as credential mapping for outbound calls  LDAP and third party identity management system integration  Validation of inbound requests through the SAML 2.0 federated identity standard  Secure FTP (SFTP)Transport that enables Mule flows to read and write to remote directories over the SSH protocol.
  • 7.  Mule can encrypt properties in a .properties file. The .properties file in Mule stores data as key- value pairs. Mule flows may access this data — usernames, first and last names, credit card information — as the flow processes messages. In the context ofAnypoint Enterprise Security, Mule refers to the .properties file in which it safely stores encrypted properties as the Mule CredentialsVault.  Encrypt a properties file
  • 8.  Mule can encrypt an entire payload or several fields of data within a message.Where sensitive information must move between users, yet remain hidden from them, a developer can encrypt message content to prevent unauthorized access.Typically, you may need to encrypt data such as a password, credit card number or social security number (SSN).  Encrypt a message payload Decrypt a message payload
  • 9.  Mule uses digital signatures to ensure that messages maintain integrity and authenticity. Mule can verify that an incoming Web service request originates from a valid source, and can sign an outgoingWeb service response to ensure its contents. Digital signatures ensure that a sender is valid, that a message is not modified in transit betweenWeb services, and that no unauthorized user has tampered with a message.  Add a digital signature to a message in Mule Sign part of a message payload Verify a digital signature in Mule
  • 10.  Mule can filter messages it receives to avoid processing invalid ones.With a filter processor in place, Mule discards any message it receives that does not match the filter’s parameters — a message from outside a set range of IP addresses, for example.  Filter unsecure messages
  • 11.  Mule can apply a cyclic redundancy check (CRC) to messages to ensure message integrity. CRC uses an algorithm to apply a check value to a message when it enters a system, and verifies the value when the message leaves the system. If the entry and exit values do not match, CRC marks the message as changed. Generally, CRC32 (32 indicates the 33-bit polynomial length in the algorithm) detects unintentional changes to messages, such as the accumulation of “noise” between transmission points, but it can also detect unauthorized intentional changes – for instance, flagging a message that has been tampered with during transmission to change it into aTrojan horse.  Apply a CRC to a message
  • 12.  Mule ESB allows you to authenticate requests via connectors using transport-specific or generic authentication methods. It also allows you to control method-level authorization on your components.The Security Manager is responsible for authenticating requests based on one or more security providers.  For information on the elements you can configure for the Security Manager, seeSecurity Manager Configuration Reference.The following sections provide links to information on configuring different types of security managers.
  • 13.  Spring Security is the next version of Acegi and provides a number of authentication and authorization providers such as JAAS, LDAP, CAS (Yale Central Authentication service), and DAO.The following topics will help you get started securing your flows using Spring Security:  Configuring the Spring Security Manager  Component Authorization Using Spring Security  Setting up LDAP Provider for Spring Security
  • 14.  WS-Security is a standard protocol for applying security toWeb services. It contains specifications on how integrity and confidentiality in a SOAP message can be enforced via XML signatures and binary security tokens such as X.509 certificates and Kerberos tickets as well as encryption headers. It ensures end- to-end security by working in the application layer as opposed to the transport layer. Mule provides the following resources forWS- Security:  EnablingWS-Security - Describes how to secure your CXF connectors with WS-Security.  SAML Module - Mule now supports the SAML standard for exchange of security information between systems.This module is available in the enterprise edition of Mule as of version 2.2.3
  • 15.  Mule also supports the following security technologies:  Encryption Strategies - Secure your messages by encrypting them.  PGP Security - Secure your messages by encrypting them with PGP.  Jaas Security
  • 16.  As of Mule 3.5.0, Mule ESB can be configured to run in a FIPS 140-2 certified environment. Note that Mule does not run in FIPS security mode by default.There are two requirements:  Have a certified cryptography module installed in your Java environment  Adjust Mule ESB settings to run in FIPS security mode