Apple developer keys hosted in hardware security modules

Is it possible to configure the Apple KeyChain to use keys (private keys), related to either developer or distribution certificates, hosted in external tokens (smartcard or HSMs)?
Thanks

When you set up a device password, it is used as a seed to create a filesystem encryption key which is then used to encrypt the file system. This way when you send a device wipe command, they just blow away the encryption key from the crypto processor and you are done, instead of having to wipe up to 32Gb of Flash memory with crap.
You cannot get certs back out of the device.
You need to take a leap of faith here and assume this is protecting everything.
I can bet your Security team can't get squat out of the device with a physical connection and no access to the device password. They will just get photos.
Ashish

Similar Messages

  • How can I turn off the WLS 6.1 security in order to develop my own application-based security module?

    Dear Colleagues,
    I am currently developing a J2EE application using WLS 6.1.
    My team and I have to implement a security requirement to suit our company's needs.
    The security requirements are that users' passwords need to be aged (30 days maximum) and we need to provide a GUI front-end (JSP) to allow users to change their passwords when these expire after 30 days.
    Our internal contacts in the company, have already taken the lead to find out about whether we will be able to use the WLS 6.1 platform to do this and the answer we got back, was.
    Now we need to develop our own security module.
    I have 2 questions:
    1. How can we turn off the WLS security in order to develop our own application-based security module?
    2. How can we develop a security module that allows us to age users' passwords and provide them with facilities to change their passwords when these expire?
    At the moment, we are using the default BEA WebLogic login.jsp page and there is some configuration in the web.xml for this. I will be grateful if you could advise me on how to turn this default security off so that we can write our own security module.

    hi,
    1. You can write your own realm in 61 which can be plugged in for your security calls.
    2. Once you write your own realm, you can access it through the WebLogic API or your API.
    thanks
    kiran
    "Richard Koudry" <[email protected]> wrote in message
    news:3dd0d081$[email protected]..
    > Dear Colleagues,
    > I am currently developing a J2EE application using WLS 6.1.
    > My team and I have to implement a security requirement to suit our company's needs.
    >
    > The security requirements are that users' passwords need to be aged (30 days maximum) and we need to provide a GUI front-end (JSP) to allow users to change their passwords when these expire after 30 days.
    >
    > Our internal contacts in the company, have already taken the lead to find out about whether we will be able to use the WLS 6.1 platform to do this and the answer we got back, was.
    >
    > Now we need to develop our own security module.
    > I have 2 questions:
    > 1. How can we turn off the WLS security in order to develop our own application-based security module?
    >
    > 2. How can we develop a security module that allows us to age users' passwords and provide them with facilities to change their passwords when these expire?
    >
    > At the moment, we are using the default BEA WebLogic login.jsp page and there is some configuration in the web.xml for this. I will be grateful if you could advise me on how to turn this default security off so that we can write our own security module.

  • Hardware Security Module (HSM) - SAP PI 7.0

    One of my customers wants to use a HSM with PI. Did anyone of our partners develop a SAP adapter that supports such an integration?

    Hi Bart,
      I have read somewhere that HSM used secure webservices served through HTTPS.
    So, you might want to check the SOAP adapter.
    See also: [SAP Security Guide XI|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/0097e5ce-8216-2a10-4ea3-a3ff32c071c8], [HTTP and SSL|http://help.sap.com/saphelp_nw04/helpdata/EN/14/ef2940cbf2195de10000000a1550b0/frameset.htm].
    Regards,
    Ravi

  • Apple should make a server hardware/OS with iOS level security. This could compete well with the breach infested pre secure OS/hardware server systems like Windows Linux OSX.  It should be structurally immune to phishing etc

    Apple should make a server hardware/OS with iOS level security. This could compete well with the breach infested pre secure OS/hardware server systems like Windows Linux OSX.  It should be structurally immune to phishing etc and could be sold easily as a secure alternative.  It should be based on structural hardware based security as has been demonstrated in the iOS operating system and the hardware should be made in secure facilities in the US.  Those Chinese put weaknesses into the hardware they make as has been documented on 60 minutes.

    Apple's entry in the server market has come and gone - is there a question in there somewhere?

  • Hardware security processor, certificate security

    I have spent some time researching this and have been unable to satisfy my questions in sufficient detail.
    I am interested in utilizing a certificate authenticated VPN to connect iPads to my enterprise's network.  Obviously as the certificate will be used for authentication to connect the VPN the handling of this certificate is of great import. 
    Additionally, with the addition of soft token S/MIME PKI email support in iOS 5, the functionality of iOS's certificate store deserves a more thorough study.
    Presumably I will utilize a configuration profile to transfer both my private key and VPN connection profile settings to the device. This will be done via the iPhone Configuration Utility in testing, and in pilot/production phase a MDM solution.
    So with the certificate transferred, it is saved in the device's keychain, which as I understand is accessed by a separate hardware security processor on the device. This hardware security processor will allow access to the keychain via the device password. Obviously a strong complex password will be desired here due to this device password not only protecting the device, but also the certificate necessary for VPN authentication to my network.
    Presuming a rogue entity obtained the device and device password, is there an opportunity to export a certificate? From my initial attempts, it does not seem like there is an obvious way to do this. However, could an app be written to do so? As I understand it, it is alluded to that perhaps it works similar to a smart card where the security processor does all crypto functions, never exposing the keys to the system CPU, and therefore never allowing the export of the key outside of the security processor jail. What I want to have confirmed, specifically from Apple: does the hardware security processor ever, even programmatically, allow the export of the certificate?
    Is there currently, or is there planned in the future, allowance for additional security measures protecting certificate usage?  For example in my Windows environment I can set group policy which will force security policies over top of certificates placed in my cert store.  If I set to medium, the cert store will warn me anytime an application attempts to use my certificate.  If set to High, I must set a password which is entered upon every use of the certificate.  These functions are useful not only for protection of the certificates, but also in obtaining an additional instance of user affirmation at the exact point that they are performing a cryptographic operation.
    Additional detail surrounding these topics would be most helpful. The enterprise PDFs are a great start, but do not get down to a level that I need.

    When you set up a device password, it is used as a seed to create a filesystem encryption key which is then used to encrypt the file system. This way when you send a device wipe command, they just blow away the encryption key from the crypto processor and you are done, instead of having to wipe up to 32Gb of Flash memory with crap.
    You cannot get certs back out of the device.
    You need to take a leap of faith here and assume this is protecting everything.
    I can bet your Security team can't get squat out of the device with a physical connection and no access to the device password. They will just get photos.
    Ashish

  • Development key after db export

    Hi all
    I made an export DB, I've created another instance and it's all working fine.
    I have a problem with the user that was supposed to be a developer.
    While trying to create a Z program it asks for the development key. The new installation has been licensed on the old installation number so I was not expecting this request.
    Can anybody give me more explanation? Should I put in the same access key I got for the old system? Do I have to pay some license fee to SAP for that?
    Thanks
    Carmine

    Hi,
    Have you transferred to a different database or the same database?
    If a different database, you may need to check the memory parameters on both the instances and the overall user activity on both the databases. You will need to tune the second instance as needed with the new user activity.
    If you have transferred to a new host, then you may need to check that host's hardware configuration as well.
    HTH
    Regards,
    Badri.

  • Questions about the Apple Developer Enterprise Program

    Hi there,
    I've got some questions about the Apple Developer Enterprise Program:
    - Is there a way a company can create their own "AppStore" with only the apps the employees should use?
    - When I have developed the enterprise app, are the install files on an Apple-hosted server or do I need my own infrastructure to distribute my app?
    Thanks in advance for answers!

    Google: MDM

  • Dear , please help me to solve my problem in activating my iPhone Where I lost it since 3 months and when found it cannot activating my ID Where give me (Your Apple ID has been disabled for security reasons. To enable your account, reset your password at

    Dear , please help me to solve my problem in activating my iPhone
    Where I lost it since 3 months and when found it cannot activating my ID
    Where give me (Your Apple ID has been disabled for security reasons. To enable your account, reset your password at applied.apple.com)
    And try to reset my password but cannot please help me where am a poor man and cannot pay another money to solving this problem to any one
    My iPhone data
    Ime:  ****
    Model: A1332
    FCC  ID : BCG-E2380A
    IC: 579C-E2380A
    MY id at cloud   ****
    Password    ( ****)
    My country : Egypt
    MY EMAIL : ****
    Tell no: ****
    <Personal Information Edited By Host>

    The following may help:
    Apple ID: 'This Apple ID has been disabled for security reasons' alert appears - Apple Support
    If you didn't receive your Apple ID verification or reset email - Apple Support

  • How can I give me the access to create a developer key in the market?

    Hi!
    I'm new in the basis area and I don't have access to create a developer key. A consultant needs a developer key.
    How can I give me the access in the market place to create it?
    Thanks!

    Hi
    You need to get the access key from SAP.
    Refer to the procedure of obtaining access keys from SAP in BASIS.
    Security
    Regards,
    Raj

  • FaceTime HD webcam not working correctly ONLY in Apple-developed applications?

    My sister just bought a refurbished 13" MacBook Pro, the one shown here: http://store.apple.com/us/product/FD313LL/A
    We've run into a very strange issue, and I hope someone here is able to help.
    The built-in camera is "flickering," but it appears to only be happening in applications made by Apple, or at least ones preinstalled on the computer.  The applications affected that I have tested are: iMovie, FaceTime, Photo Booth, and iChat.  It's not really a "flicker," per se, but large horizontal chunks of the video will displace and often show up as green -- it all moves very rapidly -- very hard to explain, but it is definitely not normal behavior.
    iChat takes the issue a step further: the camera preview in iChat Preferences shows nothing but a blank screen.
    The camera works flawlessly in Skype, and also in web browsers through Adobe Flash. So, I am very certain this is not a hardware issue. It also worked perfectly during the setup walkthrough when the computer was first turned on and it had her take a photo for her user account.
    I've tried resetting application preferences by deleting the preference files, resetting PRAM and SMC, shutting down/restarting the computer, and I've applied all possible Software Updates. System Information (formerly System Profiler) shows the camera under USB, so the computer is recognizing it. Finally, we called Apple and they said to reinstall OS X, which my sister just did. The problem's still there. It wasn't a "clean" install though, because all of her files and preferences were kept intact, so maybe that is why.
    I don't know what else to do. I've tried researching this issue, but it seems more people have problems with the camera in non-Apple/third-party apps, whereas our problem is just with Apple-developed apps.
    I'm hoping someone else may have had this same problem and was able to fix it. Or, maybe someone knows something else I can try.  As a last resort, we'll take it to the Apple Store.

    Spinnn: We ended up taking it to an Apple store. They couldn't figure it out. The Geniuses there had never encountered this problem. They booted into Snow Leopard and the problem was still there. So I'm guessing it was either a hardware issue, or like you said, more likely a firmware issue.
    Since they couldn't fix it in store (and I'm pretty sure they tried everything except ripping the thing apart), we had to do an online exchange because it was a refurbished product. The new one came and had no issue, even after doing all software updates and updating the firmware.

  • Fail to Configure Java Security Module. JPS-10902:Enrollment Server Error.

    I am unable to configure my Java Security Module Client in Controlled Mode. Every time I attempt to run the config command, I get a JPS-10902: Enrollment Server Error.
    Note that, while I run the configure Client command, the OES Administration Server is running on the same machine listening at 7002 with the default username password "weblogic/welcome1" (tested to work as expected on the Server console).
    Any help on this issue is appreciated. Below are the values in the smconfig.prp file, the command at the console and the error message.
    Values in the smconfig.java.controlled.prp:
    ==========================
    oracle.security.jps.runtime.pd.client.policyDistributionMode=controlled-push
    oracle.security.jps.runtime.pd.client.RegistrationServerHost=localhost [I also tried using my hostname]
    oracle.security.jps.runtime.pd.client.RegistrationServerPort=7002
    oracle.security.jps.runtime.pd.client.sm_name=MySM_Java
    # >>>>>>>>>>>>OPTIONAL PARAMETERS<<<<<<<<<<<<<<<<<
    # ------------ Only for Java SM, WS SM, and RMI SM in controlled-push mode --------------------
    # port to listen for policy distribution. Picked automatically by SM config tool if not specified
    #Port value set by Premal. It a random number
    oracle.security.jps.runtime.pd.client.DistributionServicePort=
    oracle.security.jps.runtime.pd.client.sm_type=java
    The Config command issued at the console:
    ===========================
    C:\Oracle\Middleware\oes_client\oessm\bin>config.cmd -smConfigId MySM_Java -prpFileName C:\Oracle\Middleware\oes_client\oessm\SMConfigTool\smconfig.java.controlled.prp
    The resulting error message:
    ======================
    C:\Oracle\Middleware\oes_client\oessm\bin>config.cmd -smConfigId MySM_Java -prpFileName C:\Oracle\Middleware\oes_clien
    t\oessm\SMConfigTool\smconfig.java.controlled.prp
    Configuring for Controlled Policy Distribution Mode
    Security Module configuration is created at: C:\Oracle\MIDDLE~1\OES_CL~1\oes_sm_instances\MySM_Java_3
    Enter password for key stores:
    Enter password for key stores again:
    Passwords are saved in credential store.
    Keystores are initialized successfully.
    Please enter a value for OES Admin Server User name:weblogic
    Please enter a value for OES Admin Server Password:
    Please re-enter a value for OES Admin Server Password:
    oracle.security.jps.service.policystore.PolicyStoreException: JPS-10902: Enrollment server error.
    at oracle.security.oes.enroll.EnrollmentClient.readFromSocket(EnrollmentClient.java:236)
    at oracle.security.oes.enroll.EnrollmentClient.enroll(EnrollmentClient.java:166)
    at oracle.security.oes.enroll.EnrollmentClient.main(EnrollmentClient.java:491)
    at oracle.security.oes.tools.EnrollmentTool.doEnroll(EnrollmentTool.java:103)
    at oracle.security.oes.tools.SMConfigTool.doEnrollment(SMConfigTool.java:610)
    at oracle.security.oes.tools.SMConfigTool.run(SMConfigTool.java:381)
    at oracle.security.oes.tools.SMConfigTool.main(SMConfigTool.java:346)
    JPS-10902: Enrollment server error.
    Enrollment is not proceeded successfully.

    Hi,
    Perhaps oracle.oes.admin.enroll, oracle.oes.admin.psl.ssl are not successfully deployed to the admin server or both are not in active state.
    Please try to redeploy the oracle.oes.admin.enroll, oracle.oes.admin.psl.ssl to the admin server, and make sure these two are in active state. Then the SM could be configured without issues hopefully.
    Thanks,
    Cris

  • Removal of  Developer Key entry from DEVACCESS Table.

    Hi,
    On table DEVACCESS, in QTY/DEV/Prod there is one person with Developer Key listed that I would like to remove,  User is no more working and now we want to delete the entry from this table which has the User name followed by the Developer key assigned.
    Could any one guide me in deleting the Developer Key access from the DEVACCESS table.
    Satish.

    Another alternative is to use SE11 to create a maintenance view (ex: ZV_DEVACCESS).  Secure the maintenance view with a custom authorization group.  With the maintenance view you have the ability to use SM30 to maintain the DEVACCESS data.
    That keeps the DEVACCESS table from changing and thus no need to register the change with SAP.
    Cheers,
    Brian

  • ABAP developer key help

    Here is the Developer Key for the BCUSER.
    29671482393151224771
    Now a window pops up in which I have to register an object, instead of registering a user (BCUSER) as explained in the PDF document. When I insert the developer key a message appears stating I inserted a wrong key.
    Other tips in the forum don't work.....
    im install license key -ok,restart sap service and etc into doc.....
    What am I doing wrong??
    Message was edited by: Lubomir Mravec

    Just to enforce what Dirk said: all objects that you create in your sneak preview must be in the customer name space, meaning that the name begins with "Z" or "Y". Any object needs to be like this. So if you are creating a program in SE38 and you want to call it MYTESTPROGRAM, it really must be ZMYTESTPROGRAM. Otherwise you will get the message that you are getting about registering objects. Remember to always use the customer name space when creating dictionary objects, function modules, classes, and report programs.
    Regards,
    Rich Heilman

  • List of Developer Keys in the production enviroment

    Can anybody tell me how to obtain a correct list of users with developer keys. There are currently two ways of getting a list of users with developer Keys
    (1)Generate a list through the SAP support portal.
    (2)Obtain a list of names in the DEVACCESS table.
    Which is the correct method to use? my understanding was that all developer keys are on the "SAP support portal", and once a user uses their developer key the entry is added to the DEVACCESS table, is this correct?

    Hi Karl
    I do not think that there is one "correct" way on getting this, it depends on your requirement.
    If you take it from the SAP support Portal, it will give you the user IDs who potentially would have the possibility to do development in your system. But it will not tell you if they have received it, or if they have access to your system at all.
    If you take it from DEVACCESS, these developers have been doing some development in your system - "The Guilty ones" (or at least have tried to enter a workbench object in create/change mode). But based on this list you can't be sure that new developers won't pop up, but again this should be controlled by your security setup / the authorizations granted.
    Regards
    Morten Nielsen

  • Satellite M70-164 PSM71E - SD Secure Module does not work

    My laptop was installed in all new
    Currently have Windows XP Professional with SP3
    I can not install the SD Secure Module
    They can help me.
    Thank you

    Hi
    The SD Secure Module version 1.0.2 is an *update* for your TOSHIBA Secure Digital-Host controller.
    So you have to install the Cardbus Driver 2.0.0.1 first.
    Cheers
