From IBM DataPower ALG Security Technical Implementation Guide
Part of SRG-NET-000345-ALG-000099
Associated with: CCI-001991
Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked certificates).
Search Bar “AAA Policy” >> Select AAA Policy. If no AAA Policy is present, this is a finding. Search Bar “AAA Policy” >> Select AAA Policy >> AAA policy >> Authentication. If cache authentication results “Disabled”, this is a finding. Search Bar “Processing Policy” >> processing policy >> Policy Maps tab processing rule >> Rule Action. If no AAA action exists, this is a finding.
Search Bar “AAA Policy” >> Select AAA Policy >> AAA policy >> Authentication >> Cache authentication results “Absolute” or “Maximum” or “Minimum” >> Cache Lifetime cache value. Search Bar “Processing Policy” >> processing policy >> Policy Maps tab processing rule >> Processing Rule processing rule >> Rule Action AAA policy
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer