Security best practices

Scope and purpose of this content

This guide is for Airlock IAM integrators and aims to help to achieve a good level of security when deploying and configuring Airlock IAM.

Note: Security best practices for OAuth 2.0 and OIDC can be found in a separate article.

Notice

The guide does not claim to be self-explanatory. The operator and configurator still has to understand the security requirements of the project and must understand the security implications of deploying and configuring Airlock IAM.

Chapter content

Sensitive information

Separation of IAM modules

Requirements for a secure configuration

Privilege escalation prevention

Operating system, Java runtime, network

Security considerations Docker container usage

Auditability

Selection and parametrization of hash functions

Custom extension development