From IBM WebSphere Traditional V9.x Security Technical Implementation Guide
Part of SRG-APP-000428-AS-000265
Associated with: CCI-002475
The encryption of authentication information that is exchanged between servers involves the Lightweight Third-Party Authentication (LTPA) mechanism. LTPA utilizes encryption keys, if LTPA is utilized, the LTPA keys must be regenerated on a regular basis. The time period must be defined, documented and accepted by the ISSO but must be performed at least annually.
If LTPA is not utilized, this is not applicable. Request the documented process to manually regenerate the LTPA keys. The time period for regeneration must be defined, documented and accepted by the ISSO but must be performed at least annually. Review documented process for LTPA key regeneration. If there is no process to regenerate LTPA keys periodically, this is a finding.
These steps must be documented and then executed during the down time scheduled for periodic LTPA key regeneration. The time period must be defined, documented and accepted by the ISSO but must be performed at least annually. Navigate to Security >> SSL Certificate and Key Management >> Key set groups. Check "CellLTPAKeySetGroup". Click "Generate Keys". Click "Save". Then synchronize the changes to all nodes.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer