Security Hardening for SAS® 9.3 Enterprise BI Web Applications
نویسنده
چکیده
Web configuration for SAS 9.3 Enterprise BI Web applications need to be secured according to an organization's security policy. This paper examines the Web configuration security enhancement options and the protection of Web applications from security vulnerability attacks. Security enhancements for the configuration include single sign-on, integration with a reverse proxy security server, setting up a firewall, the use of SSL, and building a FIPS 140-2 compliant configuration. Implementation of SAS 9.3 Web application protection mechanisms for vulnerability attacks is explained along with the testing process based on the OWASP Top 10 list and the IBM AppScan penetration testing tool.
منابع مشابه
"Ins" and "Outs" of Installing and Configuring the SAS® Enterprise BI Server at Blue Cross & Blue Shield of Minnesota
This paper discusses the implementation of SAS Enterprise BI Server at BlueCross BlueShield of Minnesota (BCBSM). It provides an overview of the hardware and software architecture and the deployment of SAS Enterprise BI Server within a mature enterprise-wide and external web-facing infrastructure in a multi-tier UNIX environment. This paper also provides highlights of the installation and confi...
متن کاملایجاد نیمه خودکار مشاپ های سازمانی با استفاده از توصیفات معنایی
Mashups are next generation of web applications. A mashup is a lightweight web application that is created by combining information or capabilities from more than one existing resources to deliver a new and integrated experience to the user. Mashups introduce a new class of integration techniques in enterprises for implementing situational applications (i.e. applications that come together to s...
متن کاملSAS ® Business Intelligence Web Application Security Configuration Primer
Securing Web-based resources is one of the biggest challenges for IT today. Almost all IT organizations use security measures through authentication and authorization to protect their Web resources. Thus, it is vital for SAS Business Intelligence Web applications to integrate within a secure Web environment. This paper explores just that. SAS Business Intelligence Web applications are implement...
متن کاملEnd-to-End Security for Enterprise Mashups
Mashups are gaining momentum as a means to develop situational Web applications by combining different resources (services, data feeds) and user interfaces. In enterprise environments, mashups are recently used for implementing Web-based business processes, however, security is a major concern. Current approaches do not allow the mashup to securely consume services with diverse security require...
متن کاملSee ya CLIST: Migration of SAS Applications from the IBM Mainframe to the Web
This paper discusses the conversion and consolidation of several mainframe SAS applications to UNIX using a single Web-based front end. The Web interface enables end-users to generate raw data listings and statistical summary reports from their laboratory data with no assistance from colleagues trained in SAS or the native operating system, as previously had been required when the analysis appl...
متن کامل