You can strengthen the security of your installation by
customizing security settings and setting up user access controls.
Make sure that you know about any security limitations that you might
encounter with this application.
Enabling security during the installation process
The IBM® Rational® DOORS® security model provides a secure connection
with certificates and client-side authorization and authentication.
When enabled, server security replicates a set of security checks on
the server. To enable server-side security, you must install and
configure the Rational DOORS Web Access server and the server security
version of the Rational DOORS client and database server.
To protect against cross-site request forgery (CSRF) security
attacks, administrators can set a property in the Rational DOORS festival.xml file.
See Modifying the core configuration file.
Enabling secure communication between multiple applications
Security for integrations that use Open Services for Lifecycle
Collaboration (OSLC) is provided by OAuth 1.0a, which is an open
protocol that provides secure API authorization.
Ports, protocols, and services
You can configure Rational DOORS Web Access to use Secure Sockets
Layer (SSL) or Transport Layer Security (TLS) for the HTTPS protocol.
You can also configure Rational DOORS Web Access so that users can
access it by using smart cards instead of logging in with a user name
and a password.
You can configure Rational DOORS so that users can log on only by
using smart cards or certificates.
Your team can use electronic signatures with module baselines
to provide a secure way to review and sign information at various
stages of the development process.
Security standard compliance
Rational DOORS offers compliance with the US encryption standards
Federal Information Processing Standards (FIPS) publication 140-2,
NIST Special Publication (SP) 800-131a, and National Security Agency
(NSA) Suite B. To comply with these standards, you can specify a TLS
version for encrypted communication with Rational DOORS Web Access and
the Rational DOORS database server. If you specify TLS version 1.2,
refer to vendor documentation to determine whether your browser
supports that version.
See also the technote Configuring the Rational DOORS database server
and client for compliance with NIST SP800-131a.
Setting up user roles and access
You can set the login policy that controls the level of security for
the Rational DOORS database.
You can create users and user groups and configure password rules for
maintaining user security. You can enable system user names to log in
to the Rational DOORS database. System user names are the names that
individuals use to log in to their computers, for example their
Windows user names. The Rational DOORS database server can keep a
record of every failed login and every successful login.
You can configure access rights for each item of data
in your Rational DOORS database. Rational DOORS provides
five access rights for user groups: read, modify, create, delete,
and administrative control.
Privacy policy considerations
Depending on the configurations
that are deployed, this software offering might use cookies that can
help enable you to collect personally identifiable information. For
information about this offering’s use of cookies, see the "Privacy
policy considerations" section in Documentation notices for IBM
Rational DOORS.