Features and Amenities
Features and Amenities:
Wifi ready study area
Gym and Function Room
Features and Amenities:
2 Lap Pools
Ground Floor Commercial Areas
Features and Amenities:
3 Swimming Pools
Gym and Fitness Center
Outdoor Basketball Court
Contact us today for a no obligation quotation:
Copyright © 2018 SMDC :: SM Residences, All Rights Reserved.
000-884 exam Dumps Source : IBM Tivoli Identity Manager Express V4.6 Specialist
Test Code : 000-884
Test Name : IBM Tivoli Identity Manager Express V4.6 Specialist
Vendor Name : IBM
: 100 Real Questions
can i discover dumps questions trendy 000-884 exam?
I am one among the high achiever in the 000-884 exam. What a fantastic material they provided. Within a short time I grasped everything on all the relevant topics. It was simply superb! I suffered a lot while preparing for my previous attempt, but this time I cleared my exam very easily without tension and worries. It is truly admirable learning journey for me. Thanks a lot killexams.com for the real support.
I want ultra-modern dumps brand new 000-884 exam.
The questions are valid. basically indistinguishable to the 000-884 exam which I passed in just 30 minutes of the time. If notindistinguishable, a extremely good deal of stuff could be very an awful lot alike, so that you can conquer it supplied for you had invested enough making plans energy. i used to be a bit cautious; however killexams.com and examSimulator has became out to be a strong hotspot for exam preparation illumination. Profoundly proposed. thank youso much.
those 000-884 actual check questions work awesome within the real test.
killexams.com question bank turned into truly true. I cleared my 000-884 exam with sixty eight.25% marks. The questions had been honestly suitable. They maintain updating the database with new questions. And guys, go for it - they in no way disappoint you. thanks a lot for this.
How to prepare for 000-884 exam in shortest time?
I passed 000-884 exam. I think 000-884 certification isnt given sufficient exposure and PR, considering that its really accurate but appears to be beneath rated in recent times. that is why there arent many 000-884 braindumps available free of charge, so I had to purchase this one. killexams.com package grew to become out to be just as brilliant as I anticipated, and it gave me exactly what I had to recognise, no misleading or incorrect data. very good revel in, high 5 to the crew of developers. You guys rock.
WTF! 000-884 questions have been precisely the same in relaxation test that I got.
Preparation package has been very beneficial in the course of my exam instruction. I got a hundred% I am not a very good test taker and can move clean on the exam, which isnt always a great issue, specially if this is 000-884 exam, while time is your enemy. I had enjoy of failing IT tests within the past and wanted to avoid it in any respect fees, so I bought this package deal. It has helped me pass with one hundred%. It had everything I had to realize, and due to the fact I had spent infinite hours reading, cramming and making notes, I had no hassle passing this exam with the very best marks feasible.
in which am i able to discover unfastened 000-884 examination dumps and questions?
As im into the IT field, the 000-884 exam modified into important for me to expose up, yet time obstacles made it overwhelming for me to work well. I alluded to the killexams.com Dumps with 2 weeks to strive for the exam. I determined how to complete all of the questions well below due time. The smooth to retain answers make it nicely much less complicated to get geared up. It worked like a whole reference aide and i was flabbergasted with the end result.
Observed maximum 000-884 Questions in Latest dumps that I prepared.
Passing the 000-884 turned into lengthy due as i used to be extraordinarily busy with my office assignments. however, when i found the question & solution by means of the killexams.com, it certainly stimulated me to take on the test. Its been truely supportive and helped clear all my doubts on 000-884 topic. I felt very happy to pass the exam with a large 97% marks. wonderful achievement indeed. And all credit is going to you killexams.com for this terrific help.
Dont forget about to attempt these contemporary dumps questions for 000-884 exam.
It became a very short desire to have killexams.com QA as my have a test associate for 000-884. I couldnt control my happiness as I started out seeing the questions on display; they were like copied questions from killexams.com dumps, so accurate. This helped me to pass with 90 seven% inside sixty five minutes into the exam.
I need dumps of 000-884 exam.
I gave the 000-884 exercise questions handiest as soon as earlier than I enrolled for becoming a member of the killexams.com software. I did now not have achievement even after giving my ample of time to my studies. I did not realize wherein i lacked in getting fulfillment. but after becoming a member of killexams.com i got my solution become missing become 000-884 prep books. It placed all the things within the right guidelines. making ready for 000-884 with 000-884 example questions is really convincing. 000-884 Prep Books of different lessons that i had did assist me as they had been now not sufficient capable for clearing the 000-884 questions. They had been difficult in reality they did now not cover the whole syllabus of 000-884. but killexams.com designed books are simply splendid.
Found an accurate source for real 000-884 actual test questions.
You want to ace your on-line 000-884 tests i have a outstanding and easy way of this and that is killexams.com and its 000-884 test examples papers which is probably a real photograph of final test of 000-884 exam test. My percent in very last check is ninety five%. killexams.com is a product for those who continually want to transport on of their life and want to perform a little factor extra everyday. 000-884 trial test has the capacity to enhance your self warranty degree.
you have 1 new notifications
Malaysia's video game plan: enhancing human lives during the power of tech. study more >>>
in the company of improving other businesses: Malaysia’s video game-changers in the B2B spectrum. read more here >>>
Pitch your solution to the proper! be part of TOP100 APAC 2019 pitching competitors and step onto the regional spotlight!
keen on showcasing your business to fifteen,000 members of the APAC tech ecosystem? Be an exhibitor at Echelon Asia Summit 2019! find out how >>>
study new and imaginative concepts on the ecosystem of housing. Register for Housing of the longer term task Day Singapore. >>>
Radiant good judgment’s pioneering RadiantOne virtualization platform seamlessly integrates identities from across the IBM stack to modernize and lengthen IBM safety access supervisor (ISAM) and IBM Tivoli listing Server (TDS) deployments. As an IBM licensed partner, Radiant good judgment should be highlighting this tightly-integrated relationship at theIBM think conference at the Moscone middle in San Francisco from February 12-15. consult with sales space #128 to find out how the RadiantOne federated identity and listing service (FID) offers standard integration help during the most crucial enterprise initiatives, together with adding new populations, deploying new purposes, and securing access to cloud functions.
RadiantOne customers are Fortune 1000 businesses with complicated identification infrastructures which have grown over time. via mergers and acquisitions, these companies regularly emerge as with an assortment of identification sources, including LDAP, ad, SQL, and web carrier APIs, along with loads of consuming functions, every with its personal particular requirement for id illustration. RadiantOne FID integrates and virtualizes this information from IBM TDS, IBM RACF, and a bunch of different id sources, exposing them as a contemporary API to drinking applications. This creates a world checklist of clients where every person is represented once—enabling faster authentication, plus smarter authorization through attribute-wealthy international profiles.
In 2018, RadiantOne turned into named an authorized associate to be used with IBM’s protection entry management solution (ISAM). in line with Eric Ross, vp of Alliances at Radiant good judgment, “We’ve seen a few shared valued clientele derive huge price from deploying RadiantOne along with ISAM. As part of the already-certified RadiantOne federated identification platform, RadiantOne’s HDAP directory allows for their shared valued clientele to scale to a whole bunch of tens of millions of users and queries, which is simple for the large businesses they serve.”
powerful identification Integration Extends the Usability of ISAM
The RadiantOne federated id and directory provider permits big groups to leverage current legacy investments and repurpose them for current IAM tasks. via virtualization, RadiantOne extracts and integrates identities from disparate identity sources—together with mainframes—and presents it as one supply to the ISAM portal, enabling businesses to respond extra right away to new needs from the enterprise side.
“for many businesses, ISAM has been at the coronary heart of their entry management infrastructure—however now and again enterprise strikes quicker than the infrastructure can accommodate,” mentioned Dieter Schuller, vice president of business building at Radiant logic. “The RadiantOne platform shields ISAM portals from the complexity of the identity backends. in its place of ripping and replacing, RadiantOne enables Fortune a thousand corporations to leverage their present sources and take competencies of the evolving features and performance of ISAM—including guide for web, cellular, IoT, and cloud know-how entry—while heading off months of custom coding.”
be part of the Radiant good judgment group on the Moscone core, February 12-15
Drop through booth #128 to be trained greater in regards to the RadiantOne platform and how it helps businesses to speed deployment of latest functions, clients, and acquisitions, and makes it possible for a hybrid cloud method into Azure advert or Amazon internet functions.
About Radiant common sense
as the market-main company of federated id techniques in response to virtualization, Radiant logic can provide basic, specifications-based mostly entry to all identity within an organization. The RadiantOne FID federated identification and listing carrier permits customizable identity views built from disparate facts silos—together with scalable sync and storage—to force important authentication, authorization, and provisioning choices for WAM, federation, cloud, and cloud listing deployments. Many Fortune 1000 businesses count on RadiantOne FID to deliver quick ROI by decreasing administrative effort, simplifying integration and storage, and building a flexible infrastructure to fulfill altering business demands. For extra counsel, consult with www.radiantlogic.com
View source edition on businesswire.com: https://www.businesswire.com/information/home/20190205005278/en/
supply: Radiant common sense"> <Property FormalName="PrimaryTwitterHandle" value="@RadiantLogic
Heather MacKenziehmackenzie@radiantlogic.com(415) 761-8430
Copyright company Wire 2019
consumers say IBM's identification and entry management utility can examine the credentials of hundreds of clients without breaking a sweat—though some add that installation Tivoli identification supervisor left them sopping wet with perspiration.
United Parcel service all started deploying identity supervisor on the conclusion of 2002, as a way to automatically distribute tips about which techniques every of its 350,000 employees is allowed to access. Paul Abels, supervisor of safety policy and method at UPS, says getting the device into construction required extra work than the company predicted. "it be not a trivial issue to herald," he says. "A product like this takes a significant effort to put in force and integrate."View the PDF -- turn off pop-up blockers!
The main challenge for UPS: setting up the necessary identity manager brokers on lots of of servers, dispensed around the world, on plenty of working methods, together with windows, three styles of Unix and IBM's OS/400.
In 2002, the State of Michigan additionally struggled to roll out id manager. Girish Salpekar, manager of technical support within the state's counsel-know-how department, says the product requires a number of accessories, together with IBM's directory server, WebSphere application server and DB2 database, each a posh piece of software in its personal right. After a few weeks with out success, Salpekar's community enlisted IBM global features to conclude the job. "We couldn't have accomplished it ourselves," he says. "We told IBM they deserve to make it more convenient to install."
IBM says it's labored to enrich id supervisor, which it acquired with the acquisition of privately held Access360 in September 2002. The installing technique "is not as clear as we'd find it irresistible to be today," says Joe Anthony, software director for built-in identification management at IBM.
once installed, each identity manager and entry manager have been extremely good, says Jaime Sguerra, chief architect at Guardian life insurance company of the united states: "We feel very comfy with the safety and performance of the items."
nonetheless, huge Blue has somewhat of labor to do, Sguerra says. For one component, customizing the "regularly occurring" interface of id supervisor requires some further net programming. "it's now not a showstopper," he says. "it be a 'satisfactory-to-have' characteristic." Anthony says IBM is considering the fact that including the capacity to alter pages directly within identity supervisor in future releases.
IBMNew Orchard Rd.,Armonk, new york 10504(914) 499-1900www.tivoli.comTicker: IBM (NYSE)employees: 319,273
Al ZollarGeneral supervisor, TivoliNamed head of Tivoli utility community in July 2004. previously well-known manager of IBM's iSeries server line and its Lotus collaborative utility neighborhood. He joined IBM in 1977 as a programs engineer trainee.
Arvind KrishnaVP, Provisioning and safety building, TivoliResponsible for setting the technical approach for IBM's safety and identity management items. up to now turned into director of internet infrastructure and computing utilities research at IBM's Thomas J. Watson analysis core.
ProductsTivoli entry manager allows for handiest authorized clients to access net purposes, server working methods or middleware. Tivoli identity supervisor stores tips about person entry rights and distributes it to handle features (akin to access supervisor); the application also allows users to reset their personal passwords.
Blue cross and Blue safeguard of MinnesotaDané SmileyDir., business security(651) 662-8000Project: fitness-insurance carrier retailers tips on its 4,500 personnel in identity supervisor.
Knights of ColumbusGeorge DobbsChief Architectgeorge.email@example.comProject: Fraternal society and insurance carrier makes use of entry supervisor to give authentication for its portal, according to IBM WebSphere, for 1,four hundred brokers.
State of MichiganGirish SalpekarMgr., Technical Supportsalpekar@michigan.govProject: The Michigan infant Immunization Registry gives access to twenty separate functions with a single sign-on through entry manager.
Guardian life InsuranceJaime SguerraChief Architectjaime_e_sguerra@glic.comProject: entry supervisor and identity manager give protection to the coverage enterprise's intranet, accessed by means of 5,000 employees, and a portal for consumers to determine claims and different information.
WhirlpoolMichael R. MurphySenior Technical Analystmichael_r_murphy@whirlpool.comProject: domestic home equipment maker outlets suggestions on 30,000 employees in id supervisor.
United Parcel ServicePaul AbelsMgr., security policy and strategy(201) 828-3602Project: package-start company makes use of id manager to give a single point to manage entry rights for 350,000 personnel.
Executives listed listed below are all users of IBM's products. Their willingness to speak has been validated by means of Baseline.2004 2003 2002 salary $ninety six.50B $89.13B $eighty one.19B Gross margin 37.three% 37.0% 37.three% working income $12.03B $10.87B $7.52B web profits $8.43B $7.58B $three.58B internet margin 8.7% 8.5% 4.4% earnings per share $4.ninety three $four.32 $2.06 R&D expenditure $5.67B $5.08B $4.75B
* Fiscal year ends Dec. 31Source: business reviews
total property - $109.18BStockholders' equity - $29.75BCash and equivalents‡ - $10.57BLong-term debt - $14.83BShares striking - 1.69BMarket value, 1/31 - $154.63B
** As of dec. 31, 2004, except as referred to‡ comprises short-time period investments
While it is very hard task to choose reliable certification questions / answers resources with respect to review, reputation and validity because people get ripoff due to choosing wrong service. Killexams.com make it sure to serve its clients best to its resources with respect to exam dumps update and validity. Most of other's ripoff report complaint clients come to us for the brain dumps and pass their exams happily and easily. They never compromise on their review, reputation and quality because killexams review, killexams reputation and killexams client confidence is important to us. Specially they take care of killexams.com review, killexams.com reputation, killexams.com ripoff report complaint, killexams.com trust, killexams.com validity, killexams.com report and killexams.com scam. If you see any false report posted by their competitors with the name killexams ripoff report complaint internet, killexams.com ripoff report, killexams.com scam, killexams.com complaint or something like this, just keep in mind that there are always bad people damaging reputation of good services due to their benefits. There are thousands of satisfied customers that pass their exams using killexams.com brain dumps, killexams PDF questions, killexams practice questions, killexams exam simulator. Visit Killexams.com, their sample questions and sample brain dumps, their exam simulator and you will definitely know that killexams.com is the best brain dumps site.
1Z0-042 test questions | 000-646 braindumps | 9A0-150 braindumps | JK0-U31 brain dumps | 000-799 real questions | 000-Z03 real questions | 000-908 VCE | 920-180 exam questions | NET study guide | HAT-450 Practice test | HP0-M49 free pdf | C2140-839 dump | 920-165 dumps questions | 000-N40 real questions | 1Z0-465 braindumps | 650-369 pdf download | 000-S32 examcollection | 4A0-105 practice test | 9A0-701 practice questions | 70-342 cram |
Simply remember these 000-884 questions before you go for test.
killexams.com exam braindumps offers all of you that you need to take certification exam. Their IBM 000-884 Exam will provide you with exam questions with confirmed answers that replicate the real exam. They at killexams.com are made plans to empower you to pass your 000-884 exam with excessive ratings.
The sole issue that's in any means necessary here is passing the 000-884 - IBM Tivoli Identity Manager Express V4.6 Specialist test. All that you just need will be a high score of IBM 000-884 exam. The simply one issue you have got to try to is downloading braindumps of 000-884 exam homework directs currently. they are not letting you down as they already guaranteed the success. The specialists likewise keep step with the foremost up and returning test thus on provide the larger part of updated dumps. 3 Months free access to possess the capability to them through the date of purchase. every one will bear the price of the 000-884 exam dumps through killexams.com at an occasional value. often there's a markdown for anybody all. We have Tested and Approved 000-884 Exams. killexams.com provides the foremost correct and latest IT braindumps which nearly contain all information points. With the help of their 000-884 study dumps, you dont have to be compelled to waste some time on reading bulk of reference books and simply have to be compelled to pay 10-20 hours to master their 000-884 real Questions and Answers. and that they offer you with PDF Version test Questions and Answers. For Exam Simulator Version dumps, Its offered to relinquish the candidates simulate the IBM 000-884 exam in an exceedingly real atmosphere. killexams.com Discount Coupons and Promo Codes are as under; WC2017 : 60% Discount Coupon for all exams on website PROF17 : 10% Discount Coupon for Orders larger than $69 DEAL17 : 15% Discount Coupon for Orders larger than $99 SEPSPECIAL : 10% Special Discount Coupon for All Orders Click http://killexams.com/pass4sure/exam-detail/000-884
The first-class approach to get accomplishment inside the IBM 000-884 exam is that you have to gather solid braindumps. They guarantee that killexams.com is the most extreme direct pathway toward affirming IBM IBM Tivoli Identity Manager Express V4.6 Specialist exam. You might be certain with full actuality. You can see free questions at killexams.com sooner than you purchase the 000-884 exam contraptions. Their brain dumps are in various decision the same As the actual exam format. The questions and answers made through the certified experts. They think of the delight in of stepping through the actual exam. 100% guarantee to pass the 000-884 actual check.
killexams.com IBM Certification examine distributions are setup by utilizing IT authorities. Clusters of understudies have been whimpering that too much several questions in such colossal quantities of tutoring tests and study helpers, and they're of late exhausted to control the expense of any additional. Seeing killexams.com pros practice session this colossal shape while still certification that all the data is anchored after significant examinations and exam. Everything is to make relief for rivalry on their road to certification.
We have Tested and Approved 000-884 Exams. killexams.com offers the correct and latest IT exam materials which for all intents and purposes involve all data centers. With the guide of their 000-884 brain dumps, you don't ought to waste your plausibility on scrutinizing real piece of reference books and essentially need to consume 10-20 hours to expert their 000-884 actual questions and answers. Additionally, they supply you with PDF Version and Software Version exam questions and answers. For Software Version materials, Its introduced to give indistinguishable experience from the IBM 000-884 exam in a real environment.
We supply free updates. Inside authenticity term, if 000-884 brain dumps that you have purchased updated, they will imply you by electronic mail to down load most current model of . if you don't pass your IBM IBM Tivoli Identity Manager Express V4.6 Specialist exam, They will give you finish discount. You need to send the verified propagation of your 000-884 exam record card to us. Resulting to keeping up, they can quickly think of FULL REFUND.
In the occasion which you prepare for the IBM 000-884 exam utilizing their testing programming program. It is whatever anyway intense to be triumphant for all certifications inside the most essential endeavor. You don't need to deal with all dumps or any free deluge/rapidshare all stuff. They give free demo of every IT Certification Dumps. You can view the interface, question superb and solace of their training evaluations sooner than you purchase.
killexams.com Huge Discount Coupons and Promo Codes are as under;
WC2017: 60% Discount Coupon for all exams on website
PROF17: 10% Discount Coupon for Orders greater than $69
DEAL17: 15% Discount Coupon for Orders greater than $99
DECSPECIAL: 10% Special Discount Coupon for All Orders
000-884 | 000-884 | 000-884 | 000-884 | 000-884 | 000-884
Killexams C2090-461 dumps | Killexams 1Z0-418 questions and answers | Killexams C2050-724 braindumps | Killexams HP0-M14 Practice Test | Killexams BE-100W Practice test | Killexams C9510-317 free pdf | Killexams 00M-651 sample test | Killexams 920-503 brain dumps | Killexams P2050-007 test questions | Killexams 920-464 dump | Killexams 1Z0-041 exam prep | Killexams 200-601 exam prep | Killexams C2180-608 cram | Killexams 156-815-71 braindumps | Killexams 1Z0-429 free pdf download | Killexams EE0-071 practice questions | Killexams HP2-K24 real questions | Killexams 156-515-65 VCE | Killexams 000-M72 free pdf | Killexams HP2-K37 braindumps |
Killexams EE2-181 cram | Killexams CCD-410 test prep | Killexams 1Z0-108 Practice test | Killexams 050-SEPRODLP-01 examcollection | Killexams LOT-406 practice exam | Killexams 9L0-313 brain dumps | Killexams VCPVCD510 dump | Killexams ST0-086 questions and answers | Killexams VCS-276 study guide | Killexams 156-510 dumps questions | Killexams ICGB practice questions | Killexams 300-165 test prep | Killexams 70-356 free pdf download | Killexams 700-260 real questions | Killexams 4A0-104 Practice Test | Killexams P5050-031 bootcamp | Killexams P2050-028 questions answers | Killexams HP0-281 real questions | Killexams HP2-Z29 VCE | Killexams 000-428 test questions |
The cash-less banking initiative created by the Central Bank of Nigeria (CBN) to reduce transaction and currency management costs is threatened by fraud and inefficient technology deployed in banks. The policy, billed for national roll-out on July 1, faces severe backlashes from bank customers, reports COLLINS NWEZE
Nothing forewarned Sunday Chukwu, a Mushin, Lagos tyre merchant of the problem he would soon face. That Saturday, a customer bought goods worth N120,000. The customer said he had no cash and requested his account details to transfer the money. He said: “He typed the number on his phone and within few minutes, I got transaction alert from my bank – First City Monument Bank (FCMB). The alert showed that N120, 000 had been credited to my account. So, he took the goods and went away.
“The next working day, which was Monday, I went to the bank to withdraw the money but it was not there. My account officer showed me my last transaction detail, and informed me that the alert on my phone was not from the bank and that it was a fraud. That was how I lost the money and all efforts to trace the fraudster failed.”
Chukwu released the goods because the alert showed his previous account balance and the new deposit by the customer. That, he said, was an indication that the fraudster was collaborating with an insider from the bank. “Up till today, I have not recovered that money,” he told The Nation.
That horrible experience, Chukwu noted, has made him to always insist on taking cash no matter how well he knew the customer. His verdict was that banks are not ready for cash-less banking, which is set for nationwide roll-out on July 1. He said such policies worked in other countries because there is trust and lenders have taken measures to secure their platforms against fraudsters.
But, Head Corporate Communications at FCMB, Louis Ibe, told The Nation that the hitches could have been caused by a network problem. He said such problems exist everywhere, and promised that the lender would find out what happened. The Managing Director, Park and Carry Limited, Ekwueme Emeka, does not use ATMs because of fear of insecurity.
“I don’t use ATMs. I make my transaction through cheques and withdrawal booklets. It is much quicker and less stressful. Poor network quality remains a major issue that reduces my confidence in e-payment. Sometimes, you go there, slot in your card and nothing comes out but your account is debited,” he said.
Chukwu said the July 1 date for nationwide roll-out should be reconsidered because all parties to the project are not ready. That position came after he lost N120, 000 to fraudsters who bought goods from him and decided to pay through mobile money transfer. In spite of all the arguments in its favour, some bank customers are equally not comfortable using ATM.
Mrs. Olatunji Alima, an egg distributor based in Lagos, is one of such customers. Alima said she has been using ATM since 2012, but does not feel safe with it anymore.
“I own a boutique and I am also a sole distributor of eggs. It has been two years now. I don’t feel secure using the device anymore because robbers are attacking ATM subscribers daily at the point of withdrawal. I am always scared of using my ATM cards,” she said. Alima recounted a time when the ATM card simply refused to work.
“There was a time I came to withdraw money to pay off a debt, as I slotted in my card, it refused to neither slip out nor pay me. It was a bad experience. I am always very careful and time conscious every time I am about to make withdrawals from ATM. That is why I do not withdraw in the night. Anytime past 6:00 pm, I don’t get close to the ATM,” she said.
She called for more security on the part of the banks. “I know they are trying their best but they need to do more in terms of security provided for withdrawers and less technical difficulties should be expected,” she advised.
Like Alima, Damilare Oshibajo, a technician, and Jeremiah Amaukwu, an information technology specialist, are also not comfortable using ATM. Oshibajo conceded that though ATM has made banking easier for Nigerians, but regretted that dispensing error is a major challenge. “The other day, I wanted to withdraw N20, 000 from the ATM. The machine debited my account but did not dispense the cash. I was told it will reverse the transaction within 24 hours. It never did until after 21 days,” he said.
Amaukwu said there were several times when his account was debited and the money was not dispensed, a situation he described as worrisome. “It was N10, 000 they took from my account. I did not get it back until two months after,” he said.
A cashier at SMAT Electronics, Computer Village, Lagos, Maureen Onyekachi, told The Nation that poor network in the use of e-payment channels and the 1.25 per cent charge on merchants’ accounts when PoS is used have depleted some of the benefits that come with the system. She said the merchant fee wouldn’t have mattered if the network were to be seamless and trusted by customers. She narrated that on several occasions, customers got debit alerts after paying through PoS, but at the merchant’s end, the transactions were declined. Onyekachi said although such hitches were always resolved between the customers and their banks, they create doubts on the feasibility of achieving a viable e-payment system in the country.
“Remember they pay 1.25 per cent fee for every successful transaction done via PoS, which translates to N125 for every N10,000 transaction or N1,250 for every N100,000 transaction. Still, that wouldn’t have mattered if the networks are working well,” she said.
The CBN launched the Cash-less Nigeria Project in Lagos State, in January 2012 and extended the policy to the Federal Capital Territory (FCT), Abia, Anambra, Ogun, Kano and Rivers States in June 2013. The policy was initiated against the backdrop of cash dominance in the payments system, a development which encouraged the circulation of huge sums of money outside the banking system and imposed huge currency management cost on the economy.
The policy was meant to ensure price stability through effective monetary policy; sound financial system and efficient payments system. It was a critical part of the payment system modernisation, designed to promote the use of Automated Teller Machines (ATMs), Point of Sale (PoS) terminals, web payment, online transfers and even mobile money in banking transactions instead of relying on cash.
CBN Governor Godwin Emefiele, on June 5, removed the three per cent charge on cash deposits above N500, 000 for individuals and N3 million for corporate customers which are the sanction prescribed for defaulters but said the nationwide rollout will hold.
Former CBN Deputy Governor, Operations Tunde Lemo, who oversaw the cashless policy for the first two years after its introduction, admitted that there are challenges with the epayment system but denied that most of the PoS terminals are not working effectively. He said there are challenges about bandwidth of the telecommunications service providers. “We spoke to the service providers on the need to improve bandwidth which they did and they saw improvement in the Lagos area. They have started talking to NICOMSAT, and they did a test-run in Lagos area and they are satisfied about their proposition.
So within the next few weeks, you will notice improvement in connectivity in Lagos area at least,” he said. Lemo said some supermarket attendants sabotage the system and tell customers that the PoS is not working because paying through the machine denies them the access to tips or free left over cash of N20 or N40 from customers.
“In one of their meetings with the merchants, they have told them to building some reward system that will still allow the attendants access to the free change they get from customers even as tips without compromising the standard of service. When they do that, you will discover that these things work,” he said.
Banking security fears
Such concerns over banking security have put wide embrace of e-payment channels in abeyance. A recent survey by Visa International showed that high net worth account holders neither own nor use ATM cards. The study revealed that people that earn below N500, 000 per annum, which form 47 per cent of its respondents, own and are regular users of debit cards, including for online purchases. It showed that the higher people earn, the less they own and use their debit cards. Majority of the rich, it said, think that avoiding debit cards is the best way to stay protected from online frauds.
Data obtained from the CBN result for 2012 showed the bank received and processed 6,274 complaints, via e-mail on various financial crimes, particularly advance fee fraud. There were 4,527 cases of fraud and forgery involving the sum of N14.8 billion and $1.6 million. The CBN also received and investigated four complaints against the commercial banks even as the issues were promptly reported to the law enforcement agencies such as the Economic and Financial Crimes Commission (EFCC) for investigation.
Globally, estimated credit card fraud stood at $11 billion in 2012, making it one of the most significant criminal developments in modern times. Nevertheless, Managing Director, Happy Man Magnificent Ventures Limited, Celestine Enemuo, is of the view that Nigeria’s evolving cashless policy is good, but he puts the blame for the present skepticism over electronic-based payment squarely on the shoulders of banks and the CBN. He noted that these institutions have not been able to create the right awareness for the policy.
He also lamented the inefficiency associated with the implementation of the policy, adding that fraud and theft are the biggest challenge with the policy.
“Sometimes, the ATMs will send you alert saying, transactions not completed, but you will get alert showing that you have been debited. And for you to go to your bank to reclaim your money, it will take you time, energy and resources,” he lamented, adding: “But if they can emulate practices in other countries, it will be good.”
He said most Nigerians were not fully aware of the need to keep their passwords secret, and going nationwide will worsen the problem. “I want the CBN to give more time during which people will be educated, and banks fortify their technology because of challenges that will follow nationwide rollout,” he advised.
Enemuo said customers whose funds were kept by banks because of poor services, should be paid interest on the money. “I prefer online transactions, but for the security challenge. Again, I have requested for PoS machine from my banks for the past one year from Diamond Bank and Zenith Bank and the banks are yet to supply the device. They said I should wait for them to retrieve PoS from customers who secured them, but are not using them,” he said.
He said these hitches should prompt the CBN to extend the nationwide rollout by one year and monitor banks’ preparatory moves. For him, the real victims of the policy were bank consumers.
How safe are ATMs?
According to experts, Nigerian banks are using an outdated Microsoft Windows operating system, which is vulnerable to hacking, for their operations. This is partly responsible for the frauds associated with their operations. Microsoft Nigeria said 95 per cent of all ATMs which run on Windows XP operating system are vulnerable to hacking. General Manager Microsoft Nigeria, Kabelo Makwane said machines that run on outdated operating systems do not receive security updates are the easiest to hack.
He added that non-migration to the Windows 8 can open the banks up for potential security vulnerability and threats. He said Microsoft stopped issuing security patches and updates for bugs in the Windows XP system from the 8th. The chairman of the Committee of e-Banking Industry Heads (CeBIH), Chuks Iku, said banks were discussing with Microsoft Nigeria to extend security features in Microsoft XP on ATMs. This followed the expiration of the April 8 deadline set by Microsoft for users of Windows XP to migrate to Windows 8 Operating System (OS).
The National Drug Law Enforcement Agency (NDLEA) had in February, arrested a man with 107 ATM cards at the Murtala Mohammed International Airport in Lagos. The ATM cards were discovered in the man’s luggage during the outward screening of passengers travelling to Istanbul, Turkey aboard Turkish Airlines. It was discovered that the man also had two international passports bearing photographs of him, but with different names.
“He had a Nigerian passport with the name Funsho Oladimeji Babatunde and a Turkish passport with the name Kosar Kursat, both bearing his photographs. The cards found in his luggage are 68 Citi MasterCard cards and 39 Citi Visa cards,” The NDLEA Airport Commander, Mr. Hamza Umar, said. The agency said the cards were believed to be used for fraudulent purposes, since he was not an authorized agent.
Also, last year, the EFCC arrested two undergraduates for an alleged N2.05 billion fraud at an old generation bank. They allegedly used Oracle’s ‘flexicube’ software to access a bank’s database and fraudulently transferred various sums of money. Chief Executive Officer, Forenovate Technologies Ltd, Don Okereke said cybercriminals were using skimming and trapping devices to steal credit/ debit card details of individuals without such persons knowing. He said there have also been several cases of online account takeover, where an unauthorised party gains access to an existing account by stealing the access codes and conducting illegal funds transfer to a designated account.
“In today’s increasingly connected world, convenience, speed, technology adoption, and payment options allow people and businesses to conduct online financial activities with ease. Fraudsters are taking advantage of this trend, fleecing customers of their funds. “A leading bank has been bragging of its capacity to open instant bank accounts via Facebook. I advise banks not to sacrifice security and safety of their customers for speed,” he said.
Okereke said a large number of bank customers are illiterates who are yet to be accustomed to the dictates of cashless banking and all the issues associated with it. He said many of these customers lost confidence in their banks after many reported cases of people losing their money to fraudsters. “There is also another category of discerning, security conscious Nigerians who are abreast with the weaknesses inherent in cashless banking. For instance, I am yet to download any of my banks mobile banking Apps because of security concerns,” he said.
The General Manager, IBM Africa, Taiwo Otiti, said these happenings led Visa International and other global payment firms to increase sophistication of technology deployed in Nigeria. He said during an interview at the IBM headquarters in Lagos: “The standard for Visa in Nigeria is the strictest in the whole payment system worldwide. The Visa stipulated a very, very high standard for Nigeria.
“We have seen syndicates work with internal staff of banks to transfer funds to fraudulent accounts. The easiest way is to get a normal card, open an account and get someone internally to transfer funds into the account. The funds are withdrawn mainly through the ATMs.”
Otiti explained that in other cases, online fraudsters could compromise a customer’s account by cunningly demanding his token. “They can send you a mail asking you to generate a token, and you would be unwise to oblige them. Remember, each time you generate a token, the system in the bank waits for further instruction that would come either from the fraudster, or from you,” he said.
The Chief Executive Officer, New Horizons Nigeria, an IT-security and business solutions company, Tim Akano, said these happenings showed that banks are still vulnerable to hacking, nearly two years after migrating to chip-and-pin technology from magnetic stripe cards. He said banks remain in very delicate condition, with high possibility of losing huge sums to fraudsters, especially through the collusion of insiders. Akano said it is the duty of banks and global payment companies to ensure data security and protect cardholders from fraud, while achieving electronic payments that are safe, simple and secure.
Aware of these dangers, the CBN has decided to set up a five-year Information Technology (IT) Standards for banks. CBN’s Director, Information Technology, John Ayoh, said the exercise would help banks identify and adopt global IT standards that address industry problems. He said banks were expected to implement the plan on continuous basis and in accordance with set timelines.
CBN’s Director, Banking Payment and Systems Dipo Fatokun said the introduction of chip-and-pin payment cards have led to drastic drop in ATM card fraud. He said the CBN and other relevant institutions have been able to reduce card frauds considerably by instituting ATM Fraud Prevention Group and the Nigeria Electronic Fraud Forum (NeFF). The groups are to enable banks to collaboratively share data on fraud attempts and proactively tackle them to reduce losses.
According to Fatokun, the CBN, instructed banks to set and implement mandatory daily limits for ATM cash withdrawal, while other related transactions, including PoS and web purchases should be subjected to stringent limit as agreed and documented between the banks and customers. He said it was the responsibility of the banks to ensure that a trigger was automatically initiated when limits were exceeded.
CBN’s Deputy Director, Banking Supervision Ibedu Onyebuchi said banks have to wake up to the realities of cyber fraud and boost their IT formations in a way that hackers would not be able to penetrate, and when they do, their acts would be easily tracked and checked. Onyebuchi said banks have to improve on their IT, ensuring that they were not just rolling out e-payment products and channels, but also protecting their customers who use such platforms. “We cannot continue to roll out echannels without securing them. Transactions have moved from the banking halls to the e-channels. Therefore, they must control all aspects of these channels, both internally and externally,” he advised.
He said by strengthening IT in banks, management would be sure that depositors’ funds were secured and the customers too would be confident that their deposits and online transactions were protected. Phillips Oduoza, Group Managing Director, UBA Plc, says any serious banking institution that wants to succeed in this digital age cannot afford to ignore information security as any major compromise of bank’s system and network has potentials for colossal damage. He says no amount spent on banking security is too much, given the dangerous consequence of inaction.
Biometric Project Manager at NIBSS, Oluseyi Adenmosun, said the introduction of Bank Verification Number (BVN) by the CBN was to frustrate fraudsters. He said the project, which is part of the $50 million biometric contract awarded to Dermalog, a German-based IT firm, would make it extremely difficult for the fraud perpetrators to succeed. “It will not completely eliminate fraud, but it will cut it to the barest minimum,” he said.
What global payment companies have to say
Visa Country Manager in West Africa Ade Ashaye said the firm invests heavily in advanced fraud fighting technologies and continues to develop and deploy new and innovative programmes to mitigate fraud and protect cardholders. Ashaye said in an interview with The Nation that the global payment firm’s efforts have helped keep fraud rates steady near historic lows, enabling account holders to use Visa with confidence. “In fact, with technological innovations and advances in risk management, global fraud rates have declined by more than two-thirds in the past two decades. VisaNet has an enhanced ability to identify fraud on individual accounts and coordinated attacks on multiple accounts across the system, enabling issuers to stop potential fraud at checkout, before it occurs,” he said.
He said the firm’s advanced authorisation tool analyses and scores in real-time, every transaction for fraud potential. Risk scores are based on a global view of fraud and spending patterns across the entire network providing an analysis of fraud trends.
“In less than one second of processing, the Visa network can analyse transactions and provide risk scores accurately. This speed and clarity help issuers prevent fraud from occurring in the first place, rather than just reacting to fraud after it occurs,” he said. Also, Visa, MasterCard and American Express have proposed using “digital tokens” instead of account numbers for processing purchases made online and with mobile devices. Tokens provide an additional layer of security and eliminate the need for merchants, digital wallet operators or others to store account numbers.
Interswitch, owners of Verve card, explained that as a second layer of defence, it has also introduced Scorebridge, a fraud management system that enables Electronic Financial Transaction (EFT) messages to be processed through predefined Artificial Intelligence. This helps determine the transaction’s risk and probability of a fraud. Visa remains biggest payment network, with $4.4 trillion in purchases and 74.4 billion transactions in 2013. It, however, lacks direct hooks to consumers as it has to work through banks. MasterCard recorded $3 trillion in purchases on 45.5 billion transactions.
The Nigeria Interbank Settlement System (NIBSS), collaborating with banks, is working out modalities that will ensure that customers that use their e-payment cards to pay for goods and services on PoS terminals and web platforms get cash refund of 50 kobo for every N100 spent. Iku, who disclosed this, said lenders are serious about the offer, as they look at more ways of rewarding users of e-channels like PoS, Automated Teller Machines (ATMs) or even web payments. The removal of N100 ATM fee on other bank’s machines was also meant to encourage more people to embrace e-channels.
But after these carrots, also comes the stick. In most banks, withdrawing less than N100, 000 across the counter now attracts a surcharge. Customers are expected to use ATMs or make direct online transfer into beneficiaries’ accounts. Iku said despite these approaches, majority of bank customers still prefer cash transactions, mainly because of fear of losing their money in what they see as unsecured platforms.
Vice President, IBM Tivoli Storage, Software Group, Steve Wojtowecz advised banks to adopt efficient and quality banking software despite their high cost to effectively fight fraudsters.
Wojtowecz who spoke at the Edge 2014 conference organized by IBM in United States said that banks should ensure that people responsible for data security are highly efficient to achieve maximum protection.
He said the cost for acquiring software will be upset in a matter of months from efficiency and security benefits. He advised banks to acquire several layers of data security and authentication so that should one layer fail, the other can sustain their operations. “There are many mechanisms a bank can implement to limit fraud, including having several layers of data security and authentication, because preventing fraud is very difficult. Limiting fraud is the best case option at the moment,” Wojtowecz said.
Chief Executive Officer, Primex Background Check Limited, Frank Oyorhigho said most bank fraud takes place with internal connivance. “It is the rat inside that tells the rat outside that there is food in the house” he said proverbially.
He advised banks to ensure that they know their prospective employees beyond the qualifications and abilities. Banks, he said, are also expected to check in-between the lines, their attitudes, pedigree, integrity and where have worked before. “Having enough information about such employee like knowing the guarantor, village among others also serve as a serves as a check. It will check the employer. There are some people who cannot work in a particular industry because of their previous activities. They have been blacklisted,” he said.
Oyorhigho said a situation where the prospective employee is the one that takes the reference letter to the referee is not right because the report will be subjective. He said independent background check brings objective report but regretted that over 80 per cent of the banks do not employ independent verifiers to do the background checks for prospective employees. “Banks do not have the time, and also do not want to spend money conducting accurate background checks, and this is affecting fight against fraud,” he said.
Also, CBN Director, Banking Supervision, Mrs. Tokunbo Martins had in a letter to banks and discount houses titled: “The Need for the CBN Prior Clearance of Prospective Employees of Banks’ directed the lenders to always obtain its written approval before employment. The order was meant to prevent recycling of workers that had been indicted, terminated or dismissed for fraud and other acts of dishonesty within the industry.
Speaking at the 2014 Committee of Chief Compliance Officers of Banks in Nigeria (CCCOBIN) held in Lagos, CBN Deputy Governor, Financial System Stability Adebayo Adelabu said Nigeria has adequate legal and regulatory measures that should address breaches to the Know Your Customer (KYC), Customer Due Diligence (CDD) and Enhanced Customer Due Diligence (EDD) provisions.
“It is the application of these KYC provisions that are meant to reveal illegitimate sources of funds and trigger investigation by relevant stakeholders that matters. Like in many developing countries, compliance has been a major regulatory challenge in Nigeria,” he said. Adelabu said the 2013 Global Fraud Report showed Africa has the largest fraud cases. Among other regions surveyed, Sub-Saharan Africa scored 77 per cent as the zone with the most prevalent fraud problems.
For physical assets thefts, it scored 47; corruption, 30 per cent; regulatory or compliance breaches, 22 per cent; internal financial frauds, 27 per cent and misappropriation of organisational funds, 17 per cent. It also showed that 2.4 per cent of the regions revenues are lost to fraud. He disclosed that Global Economic Crime Survey 2014 by PWC Global showed that fraud, identity and password infringement and accounting fraud have damaged the reputation and integrity of financial institutions and also discouraged honest investors. “These practices have caused loss of jobs, loss of retirement benefits, untimely death and closure of businesses. They continue to affect the stability of financial institutions as well as economic growth of the country,” he said.
Adelabu said the practice of placing high value on the accumulation of wealth without regard to its source, continuous advancement in technology without commensurate emphasis on capacity building; inadequate laws or poor implementation of legal/regulatory provisions and insatiable appetite for wealth among others are fueling fraud, poor staff recruitment processes and weak internal controls are also to blame for rising cases of fraud.
Programme Director, Nigeria Leadership Initiative (NLI) Anthony Ubani said the solution to the e-payment crisis is that people in charge of processes should be rooted in values. That way, he said, it will be difficult for them to compromise the system. “In a society where morals and values have broken down, there is nothing that will work, be it technology or policies because it is the people that will execute them. If you bring someone that lacks values to execute a laudable policy, he will compromise the entire process. Nigeria’s problems have not been lack of ideas or policies, or programmes or plans, but lack of value-based leaders,” he said.
IBM is cultivating increasingly specialized software resellers as part of a broader effort to grow its software business.
The company in January began rolling out its IBM Software Value Plus program, which requires partners to certify themselves in order to sell products in IBM's "authorized portfolio."
Those authorized products include IBM Tivoli Identity Manager, WebSphere Process Server and DB2. The latest addition to the program, announced last month, encourages resellers to pursue authorizations within industry segments and in the IT security space. For partners that meet the criteria, IBM provides sales leads and education in areas such as cloud computing.
The new certification and authorization track gives partners a degree of differentiation in the market, according to industry executives. But it may also serve to weed out resellers unwilling or unable to make the investment in product and industry expertise.
Certifications as investments in channel partnerships
Top partners tend to welcome IBM's steeper channel requirements, said Darren Bibby, program director, IDC Software Channels Research.
"They feel it raises the bar," he said. "It's the kind of investment they would make anyway and it gives them an additional badge or stamp they can show to their customers."
Indeed, some partners' plans are converging with IBM's channel effort. Avnet Technology Solutions has found that its vertical market plans mesh well with IBM's industry thrust.
Fred Cuen, general manager and senior vice president, Avnet Technology Solutions, Americas, IBM Solutions group, cited his company's SolutionsPath program, which helps partners specialize in certain markets. Programs in government and healthcare have been around for a few years. The distributor in October launched three more verticals: banking, retail and energy.
"We're working with IBM on a very specific initiative focused on these five areas," Cuen said.
That initiative, IBM's Smarter Planet program, aims to tackle tough IT challenges across a range of industries.
Avnet also plans to pursue IBM mastery certification within the five industries it currently targets. Mastery tests are among the requirements for the Software Value Plus program's industry authorization.
Acknowledging vertical partnersSteven Gerhardt, chief executive officer of Ixion LLC, an IBM Premier Business Partner in Houston that focuses on Web content management and portal solutions, noted that his company specializes in such markets as energy and utilities. He said IBM's move to cultivate vertical partners reflects a recognition that IBM software, overall, needs to be more industry oriented. That's particularly the case in the midmarket and below, he added, noting that IBM's direct sales force and distributors tend to be more generalized in those sectors.
"That is where they have been vertically challenged," Gerhardt said.
Roger Finney, director of IBM storage, software and System z at Logicalis Inc., an IT and communications solutions integrator and IBM Premier Business Partner, said IBM's industry specializations make sense, noting that his company also focuses on particular markets.
In general, Finney said he believes Software Value Plus has created a closer calibration between a partner's areas of expertise and the software they provide customers. "Overall, I think it did some of what it was intended to do," he said of IBM's program. "It's created competency alignment between what partners are skilled at and the solutions they are presenting."
Partner identification strategySoftware Value Plus makes for a stronger partner ecosystem, Gerhardt said. But the more stringent requirements have caused some companies to cease carrying IBM's software. A couple of IBM hardware partners have contacted Ixion for partnering opportunities after dropping their IBM software business.
"They have decided not to play in the software space," said Gerhardt. "They don't want to manage that side of the business."
IBM doesn't dispute that it's focusing on its most committed partners these days. The company analyzed its partner base prior to launching Software Value Plus and found that many of the 120,000 companies claiming to be partners used the IBM software brand to open doors but sold customers other vendors' software, noted Sandy Carter, vice president of software business partners and midmarket at IBM. Others sold IBM software but had customer satisfaction issues.
Now, 5,000 software resellers worldwide are approved to sell IBM's authorized portfolio. In addition, 40,000 resellers have been okayed for IBM's open portfolio, which includes the company's Express-branded solutions for midmarket customers. The open portfolio products don't require a lot of training to sell, Carter noted.
Despite the winnowing, Software Value Plus has also brought in new resellers to IBM.
Carter noted that 200 ex-Sun partners have come to IBM's software portfolio. IBM also plans to build a channel for Netezza Corp., a business analytics software company IBM acquired last month. She said Netezza has never had a partner channel before.
And the partners joining IBM, Carter said, now have an opportunity to compete on skill in the authorized ecosystem.
"They ... don't have the bottom feeders and those competing on price," she said.
The bigger IBM partner pictureIBM's partner moves come as the company seeks to expand its software operation. In an investor presentation, IBM said its software business is positioned to deliver 49% of the company's profit in 2015. In 2000, software contributed 25% of IBM's pretax income.
"If you look at ... where they are trying to take their business in 2015, software plays a big part of it," Avnet's Cuen said.
While IBM's partner strategy supports its overall software push, it also lines up with broader economic trends. Steve White, program director, Software Alliances Leadership Council, IDC, said the difficult economy over the past couple of years has compelled vendors like IBM to take stock of the partner base.
"They don't have infinite resources," he said. "All vendors want to focus on the best partners."
John Moore is a Syracuse, N.Y.-based freelance writer, reachable at firstname.lastname@example.org.
Let us know what you think about the story; email Barbara Darrow, Senior News Director at email@example.com, or follow us on twitter.
J2EE Security provides a mechanism called EJBRoles that can be used to provide security for applications running in J2EE-compliant application servers, including WebSphere Application Server. Use of EJBRoles requires that users, or groups of users, be mapped to EJBRoles so that WebSphere can perform security checks when applications are running. It is common to find several WebSphere environments in a large organization. Management of EJBRoles across these environments can become complex and expensive.
IBM's Tivoli Access Manager provides a software component that can be integrated with WebSphere Application Server to provide centralized management of EJBRoles. When WebSphere is configured with this component it relies on Tivoli to determine if access to an EJBRole is allowed. This article describes how Tivoli Access Manager (TAM) for WebSphere Application Server works with WebSphere on distributed platforms. For the purposes of this article, I used WebSphere Application Server v4 with Fix Pack 3, and Tivoli Access Manager v4.1 with no fix packs.
IBM provides a range of solutions within the Tivoli Access Manager family that build to form a comprehensive security management and enforcement environment that extends from Web applications to messaging applications and the operating system platforms on which they run. IBM's WebSphere Application Server (WAS) is a high-performance and scalable transaction engine for dynamic e-business applications. Using WAS coupled with Tivoli Access Manager, customers can finally build tightly integrated, centralized identity management solutions that can protect their J2EE, Web, and legacy resources.
More on EJBRoles and J2EE SecurityBefore describing how TAM for WAS works, it is worth spending a few moments to explain EJBRoles in a little more detail.
An EJBRole typically identifies a logical resource of some sort. Using a bank as an example, different types of employees, such as tellers and managers, have different roles. For instance, a manager may be authorized to withdraw larger amounts of money than a teller. In years past, an application would perhaps hard-code some test to determine if the user running the application was a teller or a manager, or instead look up the user in a table.
EJBRoles allow a Java programmer to use a programmatic or declarative approach to security. For example, a programmer could define two EJBRoles, Teller and Manager, and create two different methods in an EJB, called handleLargeAmounts and handleSmallAmounts.
Declarative SecurityThe developer would specify in the deployment descriptor that users have to be authorized to use the "Manager" EJBRole in order to invoke the "handleLargeAmounts" method, and users have to be authorized to use the "Teller" EJBRole to invoke the "handleSmallAmounts" method. This approach is called declarative security. A servlet can also be protected with an EJBRole, meaning that before an authenticated user can invoke a servlet, the user must be authorized to the EJBRole that protects the servlet.
When a method that has been marked with an EJBRole is invoked, it is up to WebSphere to determine if the user running the application is authorized to that EJBRole.
Programmatic SecurityIn the programmatic approach, some sort of logic test in the code is used to determine if the user running the application is authorized to run a section of the code. This can be done by using the statements isUserInRole (for use in a servlet) and isCallerInRole (for use in an EJB).
When these statements are executed, it is up to WebSphere to check if the authenticated user is authorized to a particular EJBRole. WebSphere returns a value of true or false to the application to indicate the result of the authorization check. To enable this programmatic approach, role names need to be mapped to EJBRoles in the deployment descriptor.
Without Tivoli Access ManagerWhen you are running WebSphere alone, it is up to WebSphere to handle the process of checking if an authenticated user is authorized to an EJBRole. WebSphere does this based on which users and groups have been assigned to the EJBRole. Typically, during deployment of an application WebSphere will detect that there are EJBRoles in the deployment descriptor. It will then give you an opportunity to find the users and groups that are defined, and map them to EJBRoles. It is also possible to specify users in the deployment descriptor at application assembly time.
If you are mapping users and/or groups to EJBRoles during deployment of the application, then you are faced with having to do this each time you deploy a new version of the application. To deploy a new version of the application, you have to remove the current version, which also removes the existing mappings.
With Tivoli Access ManagerWith Tivoli Access Manager configured into WebSphere, the process of checking if a user is authorized to an EJBRole is delegated to TAM. In TAM, objects are defined that represent the EJBRoles. Users and/or groups are then assigned to access control lists (ACLs), which are then attached to EJBRoles objects.
When WebSphere needs to check authorization, it calls TAM, which checks the ACLs and objects to determine if the user has access to the EJBRole.
The Deployment Descriptor Always Wins!The key point with regard to the use of EJBRoles in WebSphere is that they have an effect only if your servlet/ EJB is running as authenticated in WebSphere. The only way a servlet can run as authenticated in WebSphere is if it has been marked as such in the application's deployment descriptor.
In an EAR file containing servlets and EJBs, a web.xml file acts as the deployment descriptor for the servlets, and an ejb-jar.xml file acts as the deployment descriptor for the EJBs. These XML files indicate which EJBRoles are used and whether a servlet runs as authenticated. Listing 1 is a snippet from a web.xml file showing a security constraint for a servlet. The listing shows that for any URL containing "secure/", "BASIC" authentication will be required, and the authenticated user will have to be granted access to the "Employee" EJBRole. Listing 2 is an example of XML from an ejb-jar.xml file showing how a method of an EJB is being protected with an EJBRole. The example shows that the "runAsRoleCEO" method of the "EJBSample" EJB requires the user to be authorized to the "CEO" EJBRole in order to invoke it.
Performing some sort of authentication operation outside of WebSphere, such as in WebSEAL or the TAM plug-in for WebSphere Edge Server, has no effect on WebSphere's determination as to whether a servlet is to run as authenticated.
When WebSphere receives a request to run a servlet, it will check the deployment descriptor to determine if a security constraint is configured. If so, then WebSphere will try to determine if authentication information is present in the HTTP object it has received, and if not, it will send back a response to obtain it.
z/OS WebSphere and J2EE Security Handbook, an IBM Redbook, offers detailed information about how to set security constraints in the deployment descriptors. Although this redbook focuses on WebSphere Application Server on z/OS, the concepts it describes for setting security constraints and J2EE security are the same regardless of what platform WebSphere is running on.
Installation of Tivoli Access ManagerInstallation of TAM is described in IBM Tivoli Access Manager for WebSphere Application Server User's Guide (SC32-1136). Follow the instructions carefully! Be sure to use the manual corresponding to the version of the product you are using. Tivoli manuals can be viewed online at: http://publib.boulder.ibm.com/tividd/td/tdmktlist.html.
Defining EJBRoles in TAMTAM supplies a tool called migrateEAR, which takes an application EAR file as input; for each EJBRole defined in the EAR file it defines an object in TAM, and creates an ACL. However, this should be seen as very much a one-off process. When a new version of the application EAR file is delivered, you probably do not want to use the migrateEAR tool. For example, if the application EAR file now no longer uses a particular EJBRole, that EJBRole is no longer defined in the deployment descriptor and migrateEAR will not detect this. The tool will not remove from TAM an EJBRole that is no longer used.
In a situation in which an organization is planning to use EJBRoles in its applications, a process must be developed through which the application area creating EJBRoles passes on this information to an area responsible for managing TAM resources. The organization would also need to identify which users/groups are to have access to the EJBRoles.
Tivoli Access Manager ObjectsIn Tivoli Access Manager, objects that represent an EJBRole are all anchored off what is called the root object "/", and must start with:
The next part of the object name for an EJBRole object is the EJBRole name itself, for example the object for an EJBRole called "Employee" would be:
When TAM is invoked by WebSphere, the object it constructs to be checked follows this format:
When TAM receives this as the object to check authorization against, it searches from the start of the object tree at "/", looking for the most exact match.
You could simply define an object of this form:
This would be sufficient for a match. Tivoli Access Manager searches down the object tree until it finds the object that most closely matches the received object. When TAM finds this object, it then checks the ACL being "enforced" for this object. The ACL will specify the users or groups that have permission to access this object.
Whether or not to use an in the TAM object depends on whether the EJBRole is to be treated as a common EJBRole across the applications it is defined in. For example, a bank may have two applications, AppA and AppB, deployed into WebSphere, with the "Teller" EJBRole defined in both. In such a situation it would make sense to define an object called /WebAppServer/deployed Resources/Teller rather than define two objects, such as /WebAppServer/deployedResources/ Teller/AppA and /WebAppServer/deployedResources/Teller/ AppB. Using the former approach, the ACLs would each be attached to only one object, as opposed to two.
However, consider another company that is running two applications that have different users in the company, but both define the same EJBRole, "Employee". In order to ensure that only the correct sets of users have access to their respective EJBRoles, you would define two objects:
ACLsACLs can be called anything. The migrateEAR tool creates ACLs with names like _WebAppServer_deployed Resources___ACL. However, there is no need for the ACLs to be of this format. For example, an ACL could be called WAS_EJBRole_Employee.
The WebServer Action GroupWhen configuring Tivoli Access Manager, part of the process is to issue these two TAM commands:
action group create WebAppServer
action create i invoke invoke WebAppServer
When giving a group or user access to an ACL, use this type of command:
acl modify _WebAppServer_deployedResources_AdminRole_admin_ACL set grouppdwas-admin T [WebAppServer ]i
The T[WebAppServer]i command breaks down into:
T Traverse bitWebAppServer Action group namei A permission
The Traverse BitWhen WebSphere invokes Tivoli Access Manager to check if a user has access to an EJBRole, TAM constructs an object and then checks for authorization. For example, to determine if a user has access to the object/WebAppServer/deployed Resources/EJB Role, the authorization engine must traverse from the root object "/" down to the "/WebAppServer/deployedResources/EJBRole" object. If at any point the user isn't allowed to traverse beyond a particular object, then regardless of any other permission on subsequent objects, the user is not allowed access to the object.
The traverse bit part of the permission in the ACL command permits this traversing of the object tree.
The WebAppServer Action GroupThe "[WebAppServer]" part of the permission is the action group. It is a value used to denote that the permissions granted by the ACL are for use only by Tivoli Access Manager. When TAM checks authorization it makes its calls using the WebAppServer action group.
It is possible to define any number of action groups to TAM. For example, you could define an action group called "MyApplication". You then could set up two ACLs and control access to WebSphere and MyApplication resources like this:
acl modify _WebAppServer_deployedResources_Employee_ACLset user z12345 T[WebAppServer]iacl modify _MyApplication_Resources_Widgets_ACLset user z123456 T[MyApplication]i
Both ACLs give the same user access to the "i" permission, but map it to two different action groups. The permissions after the action group (the characters that come after the last "]") are relevant only for those applications using that action.
Other applications could call TAM to check authorization, and use the "MyApplication" identifier. This approach allows TAM to support the setting up of ACLs to control access for many different applications.
The "i" PermissionThe "i" permission is a setting defined in the ACL. Typically, permissions in the ACL correspond to an action. For example, ACLs used in conjunction with the TAM WebSEAL or TAM Edge plug-ins have permissions that correspond to HTTP GET or POST requests.
When TAM does its authorization check, it is asked by WebSphere to check if a user has access to an EJBRole. TAM checks if the user has permission for the "i" action for the WebAppServer action group.
acl modify_WebAppServer_deployedResources_Employee_IBMEBiz_ACLset user citizen T[WebAppServer]i
This Tivoli command grants access to the "Employee" EJBRole to the userid "citizen", because the ACL has the WebAppServer action group defined, and has also been assigned the "i" permission.
Application Name and the TAM ObjectPreviously I discussed how the objects in Tivoli that represent EJBRoles can contain the application name. There is another important consideration here to do with the name that an application is called when it is deployed into WebSphere.
Figure 1 is a view of the WebSphere administration console showing an application, "ITSO", which has been deployed. When this application requires an access check on an EJBRole to be performed by WebSphere, TAM will construct object names that contain the value "ITSO" for checking authorization.
Now suppose they have a new version of the application, and when they deploy it they decide to call it ITSOV2, as shown in Figure 2.
When the ITSO application requires WebSphere to perform an EJBRole authorization check via Tivoli Access Manager, the object name will contain the appName "ITSOV2".
If you have defined TAM objects with an application name of ITSO, then those objects will no longer match the new objects being checked for by TAM. Therefore, if you are going to use the application name as part of the TAM objects, the application - regardless of version - must always be deployed into WebSphere with the same name. If you are not going to use the application name as part of the TAM objects, then you can call the application anything when you deploy it into WebSphere.
Note: During testing to confirm the above, I noticed that after deploying the application again with a new name TAM was still testing for objects using the old application name. After restarting the application server, TAM started using objects with the new application name.
Tivoli Access Manager PropertiesChapter 5 of the IBM Tivoli Access Manager for WebSphere Application Server User's Guide describes how TAM runtime properties can be adjusted by modifying the PDWAS.properties file. Figure 3 shows where this file is located on a Windows system.
On an AIX system it is located in the directory where the Tivoli Access Manager software is installed. Properties that can be adjusted are:1. Limit simultaneous connections2. Enable static role caching3. Define static roles4. Configure dynamic role caching5. Specify logging mechanism type6. Specify logging level7. Specify root object space name8. Specify document type definition directory
Incorrect AuthorizationIf, after setting up Tivoli Access Manager, you find that authorization decisions are not what you had expected, you will need to find out what object and userid TAM is using to check authorization.
Tracing of TAM can be enabled by setting values in the PDWAS.properties file, as mentioned previously. However, that approach requires restarting WebSphere to pick up the change in the PDWAS.properties. An alternative is to use the WebSphere admin facility to set and capture a trace.
In the WebSphere admin facility, select the application server you want to trace activity in, and then select the Trace service. Click on "trace specification" and you will get a display similar to that shown in Figure 4.
TAM now shows up under the Components->com headings. Right-click on "PDWASAuthzManager" and select "All". Click OK, then OK on the Trace service panel, and finally the Apply button.
Run the servlet/EJBs, then go back into the Trace service and dump the trace to a file. You can then view the captured trace to determine which object and userid TAM used for the authorization check. The sample trace shown in Listing 3 shows that the object for which TAM is requesting authorization is:
The userid is "wasadmin" and the EJBRole is "Employee". You can then use this information to check what has been defined in TAM, for example:
SummaryThe Tivoli Access Manager component provides centralized management of EJBRole security in WebSphere. Understanding how EJBRoles are mapped by objects in Tivoli Access Manager is the key to how you will set up Tivoli to manage EJBRoles.
3COM [8 Certification Exam(s) ]
AccessData [1 Certification Exam(s) ]
ACFE [1 Certification Exam(s) ]
ACI [3 Certification Exam(s) ]
Acme-Packet [1 Certification Exam(s) ]
ACSM [4 Certification Exam(s) ]
ACT [1 Certification Exam(s) ]
Admission-Tests [13 Certification Exam(s) ]
ADOBE [93 Certification Exam(s) ]
AFP [1 Certification Exam(s) ]
AICPA [2 Certification Exam(s) ]
AIIM [1 Certification Exam(s) ]
Alcatel-Lucent [13 Certification Exam(s) ]
Alfresco [1 Certification Exam(s) ]
Altiris [3 Certification Exam(s) ]
Amazon [2 Certification Exam(s) ]
American-College [2 Certification Exam(s) ]
Android [4 Certification Exam(s) ]
APA [1 Certification Exam(s) ]
APC [2 Certification Exam(s) ]
APICS [2 Certification Exam(s) ]
Apple [69 Certification Exam(s) ]
AppSense [1 Certification Exam(s) ]
APTUSC [1 Certification Exam(s) ]
Arizona-Education [1 Certification Exam(s) ]
ARM [1 Certification Exam(s) ]
Aruba [6 Certification Exam(s) ]
ASIS [2 Certification Exam(s) ]
ASQ [3 Certification Exam(s) ]
ASTQB [8 Certification Exam(s) ]
Autodesk [2 Certification Exam(s) ]
Avaya [96 Certification Exam(s) ]
AXELOS [1 Certification Exam(s) ]
Axis [1 Certification Exam(s) ]
Banking [1 Certification Exam(s) ]
BEA [5 Certification Exam(s) ]
BICSI [2 Certification Exam(s) ]
BlackBerry [17 Certification Exam(s) ]
BlueCoat [2 Certification Exam(s) ]
Brocade [4 Certification Exam(s) ]
Business-Objects [11 Certification Exam(s) ]
Business-Tests [4 Certification Exam(s) ]
CA-Technologies [21 Certification Exam(s) ]
Certification-Board [10 Certification Exam(s) ]
Certiport [3 Certification Exam(s) ]
CheckPoint [41 Certification Exam(s) ]
CIDQ [1 Certification Exam(s) ]
CIPS [4 Certification Exam(s) ]
Cisco [318 Certification Exam(s) ]
Citrix [48 Certification Exam(s) ]
CIW [18 Certification Exam(s) ]
Cloudera [10 Certification Exam(s) ]
Cognos [19 Certification Exam(s) ]
College-Board [2 Certification Exam(s) ]
CompTIA [76 Certification Exam(s) ]
ComputerAssociates [6 Certification Exam(s) ]
Consultant [2 Certification Exam(s) ]
Counselor [4 Certification Exam(s) ]
CPP-Institue [2 Certification Exam(s) ]
CPP-Institute [1 Certification Exam(s) ]
CSP [1 Certification Exam(s) ]
CWNA [1 Certification Exam(s) ]
CWNP [13 Certification Exam(s) ]
Dassault [2 Certification Exam(s) ]
DELL [9 Certification Exam(s) ]
DMI [1 Certification Exam(s) ]
DRI [1 Certification Exam(s) ]
ECCouncil [21 Certification Exam(s) ]
ECDL [1 Certification Exam(s) ]
EMC [129 Certification Exam(s) ]
Enterasys [13 Certification Exam(s) ]
Ericsson [5 Certification Exam(s) ]
ESPA [1 Certification Exam(s) ]
Esri [2 Certification Exam(s) ]
ExamExpress [15 Certification Exam(s) ]
Exin [40 Certification Exam(s) ]
ExtremeNetworks [3 Certification Exam(s) ]
F5-Networks [20 Certification Exam(s) ]
FCTC [2 Certification Exam(s) ]
Filemaker [9 Certification Exam(s) ]
Financial [36 Certification Exam(s) ]
Food [4 Certification Exam(s) ]
Fortinet [13 Certification Exam(s) ]
Foundry [6 Certification Exam(s) ]
FSMTB [1 Certification Exam(s) ]
Fujitsu [2 Certification Exam(s) ]
GAQM [9 Certification Exam(s) ]
Genesys [4 Certification Exam(s) ]
GIAC [15 Certification Exam(s) ]
Google [4 Certification Exam(s) ]
GuidanceSoftware [2 Certification Exam(s) ]
H3C [1 Certification Exam(s) ]
HDI [9 Certification Exam(s) ]
Healthcare [3 Certification Exam(s) ]
HIPAA [2 Certification Exam(s) ]
Hitachi [30 Certification Exam(s) ]
Hortonworks [4 Certification Exam(s) ]
Hospitality [2 Certification Exam(s) ]
HP [750 Certification Exam(s) ]
HR [4 Certification Exam(s) ]
HRCI [1 Certification Exam(s) ]
Huawei [21 Certification Exam(s) ]
Hyperion [10 Certification Exam(s) ]
IAAP [1 Certification Exam(s) ]
IAHCSMM [1 Certification Exam(s) ]
IBM [1532 Certification Exam(s) ]
IBQH [1 Certification Exam(s) ]
ICAI [1 Certification Exam(s) ]
ICDL [6 Certification Exam(s) ]
IEEE [1 Certification Exam(s) ]
IELTS [1 Certification Exam(s) ]
IFPUG [1 Certification Exam(s) ]
IIA [3 Certification Exam(s) ]
IIBA [2 Certification Exam(s) ]
IISFA [1 Certification Exam(s) ]
Intel [2 Certification Exam(s) ]
IQN [1 Certification Exam(s) ]
IRS [1 Certification Exam(s) ]
ISA [1 Certification Exam(s) ]
ISACA [4 Certification Exam(s) ]
ISC2 [6 Certification Exam(s) ]
ISEB [24 Certification Exam(s) ]
Isilon [4 Certification Exam(s) ]
ISM [6 Certification Exam(s) ]
iSQI [7 Certification Exam(s) ]
ITEC [1 Certification Exam(s) ]
Juniper [64 Certification Exam(s) ]
LEED [1 Certification Exam(s) ]
Legato [5 Certification Exam(s) ]
Liferay [1 Certification Exam(s) ]
Logical-Operations [1 Certification Exam(s) ]
Lotus [66 Certification Exam(s) ]
LPI [24 Certification Exam(s) ]
LSI [3 Certification Exam(s) ]
Magento [3 Certification Exam(s) ]
Maintenance [2 Certification Exam(s) ]
McAfee [8 Certification Exam(s) ]
McData [3 Certification Exam(s) ]
Medical [69 Certification Exam(s) ]
Microsoft [374 Certification Exam(s) ]
Mile2 [3 Certification Exam(s) ]
Military [1 Certification Exam(s) ]
Misc [1 Certification Exam(s) ]
Motorola [7 Certification Exam(s) ]
mySQL [4 Certification Exam(s) ]
NBSTSA [1 Certification Exam(s) ]
NCEES [2 Certification Exam(s) ]
NCIDQ [1 Certification Exam(s) ]
NCLEX [2 Certification Exam(s) ]
Network-General [12 Certification Exam(s) ]
NetworkAppliance [39 Certification Exam(s) ]
NI [1 Certification Exam(s) ]
NIELIT [1 Certification Exam(s) ]
Nokia [6 Certification Exam(s) ]
Nortel [130 Certification Exam(s) ]
Novell [37 Certification Exam(s) ]
OMG [10 Certification Exam(s) ]
Oracle [279 Certification Exam(s) ]
P&C [2 Certification Exam(s) ]
Palo-Alto [4 Certification Exam(s) ]
PARCC [1 Certification Exam(s) ]
PayPal [1 Certification Exam(s) ]
Pegasystems [12 Certification Exam(s) ]
PEOPLECERT [4 Certification Exam(s) ]
PMI [15 Certification Exam(s) ]
Polycom [2 Certification Exam(s) ]
PostgreSQL-CE [1 Certification Exam(s) ]
Prince2 [6 Certification Exam(s) ]
PRMIA [1 Certification Exam(s) ]
PsychCorp [1 Certification Exam(s) ]
PTCB [2 Certification Exam(s) ]
QAI [1 Certification Exam(s) ]
QlikView [1 Certification Exam(s) ]
Quality-Assurance [7 Certification Exam(s) ]
RACC [1 Certification Exam(s) ]
Real-Estate [1 Certification Exam(s) ]
RedHat [8 Certification Exam(s) ]
RES [5 Certification Exam(s) ]
Riverbed [8 Certification Exam(s) ]
RSA [15 Certification Exam(s) ]
Sair [8 Certification Exam(s) ]
Salesforce [5 Certification Exam(s) ]
SANS [1 Certification Exam(s) ]
SAP [98 Certification Exam(s) ]
SASInstitute [15 Certification Exam(s) ]
SAT [1 Certification Exam(s) ]
SCO [10 Certification Exam(s) ]
SCP [6 Certification Exam(s) ]
SDI [3 Certification Exam(s) ]
See-Beyond [1 Certification Exam(s) ]
Siemens [1 Certification Exam(s) ]
Snia [7 Certification Exam(s) ]
SOA [15 Certification Exam(s) ]
Social-Work-Board [4 Certification Exam(s) ]
SpringSource [1 Certification Exam(s) ]
SUN [63 Certification Exam(s) ]
SUSE [1 Certification Exam(s) ]
Sybase [17 Certification Exam(s) ]
Symantec [134 Certification Exam(s) ]
Teacher-Certification [4 Certification Exam(s) ]
The-Open-Group [8 Certification Exam(s) ]
TIA [3 Certification Exam(s) ]
Tibco [18 Certification Exam(s) ]
Trainers [3 Certification Exam(s) ]
Trend [1 Certification Exam(s) ]
TruSecure [1 Certification Exam(s) ]
USMLE [1 Certification Exam(s) ]
VCE [6 Certification Exam(s) ]
Veeam [2 Certification Exam(s) ]
Veritas [33 Certification Exam(s) ]
Vmware [58 Certification Exam(s) ]
Wonderlic [2 Certification Exam(s) ]
Worldatwork [2 Certification Exam(s) ]
XML-Master [3 Certification Exam(s) ]
Zend [6 Certification Exam(s) ]
Dropmark : http://killexams.dropmark.com/367904/11785924
Wordpress : http://wp.me/p7SJ6L-1Dh
Dropmark-Text : http://killexams.dropmark.com/367904/12513632
Blogspot : http://killexamsbraindump.blogspot.com/2017/12/pass4sure-000-884-real-question-bank.html
RSS Feed : http://feeds.feedburner.com/WhereCanIGetHelpToPass000-884Exam
Box.net : https://app.box.com/s/pwjipv7r1bhhp2degwbpcz4bvr2g4hf0
zoho.com : https://docs.zoho.com/file/66dp88b69168da9aa4d78999e2f0d3120e72e