SlideShare a Scribd company logo

Mule enterprise security

Download as PPTX, PDF
K
keshav Naidu

The document discusses Mule Enterprise Security features including an introduction to Mule STS OAuth 2.0 Provider, Mule Credential Vault, and Mule Security Filter Processors. It then provides overviews of each of these features, describing how the Mule STS OAuth 2.0 Provider enables Mule to act as an OAuth provider, how the Mule Credential Vault stores credentials encrypted, and how security filter processors allow filtering of messages.

Education
1 of 11
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
Agenda Introducing Mule Enterprise Security Drill-down into – Mule STS OAuth 2.0 Provider – Mule Credential Vault – Mule Security Filter Processors Brief Overview of other New Mule Enterprise Security Features Wrap-up and Q&A All contents Copyright © 2011, MuleSoft Inc. 2
Mule Enterprise Security - Benefits All contents Copyright © 2011, MuleSoft Inc. 3 1 - Protect access to your Mule application end-points and the services they access 2 - Maintain the confidentiality of data used and emitted by your mule flows 3 - Guard your Mule interfaces against security attacks SOA Mobile APIs SaaS Integration
Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 4
Mule STS OAuth 2.0 Provider - Why Protect your APIs with OAuth Enables credentials to only be shared with a single, central entity All contents Copyright © 2011, MuleSoft Inc. 5 Applications (OAuth Clients) APIs Exposed by Mule Application (OAuth Service Provider) Application End-Users Mobile Apps Web Apps Mule Cloud Connector Apps OAuth Protected
Mule STS OAuth 2.0 Provider - What Mule can act as an OAuth 2.0 provider OAuth element protects flow Supports for all OAuth 2.0 grant types Supported end-points – HTTP/S, Jetty, Servlet, Web Services All contents Copyright © 2011, MuleSoft Inc. 6
Mule Credential Vault - Why Access external end-points without exposing their access credentials – Store credentials in encrypted format All contents Copyright © 2011, MuleSoft Inc. 7
Mule Credential Vault - What Encrypt content of Mule application property files Mule Studio provides property value encryption tool Values decrypted upon access from Mule Flows All contents Copyright © 2011, MuleSoft Inc. 8
Mule Security Filter Processors - Why Whitelist a specific set or range of IP addresses Enable expiry policy using message time-stamp All contents Copyright © 2011, MuleSoft Inc. 9
Mule Security Filter Processors - What Use Mule security filter processors to – Set filtering needs and parameters Support for – IP filtering (single, range, and CIDR) – Message expiry filtering All contents Copyright © 2011, MuleSoft Inc. 10
Mule Enterprise Security – Features Overview All contents Copyright © 2011, MuleSoft Inc. 11 Feature Description Mule Secure Token Service (STS) – OAuth 2.0 Provider Enables a Mule server to act as an OAuth 2.0 authentication provider to protect specific mule flows. Mule Credential Vault Encrypt sensitive values (e.g. passwords) in your Mule message flows. Mule Security Filter Processors Allow filtering of messages based on security criteria: IP based and expiry based. Mule Digital Signature Processors Simplifies the signing and verification of XML Signatures within Mule flows. Mule Message Encryption Processors Easily encrypt and decrypt sensitive data in Mule messages.
Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 12 1 - Protect access to your Mule application end-points and the services they access 2 - Maintain the confidentiality of data used and emitted by your mule flows 3 – Guard your Mule interfaces against security attacks SOA Mobile APIs SaaS Integration

More Related Content

What's hot (20)

PPTX
Mule Security
Shanky Gupta
 
PPT
Mule mule agent
D.Rajesh Kumar
 
PPT
Mule salesforce integration patterns
D.Rajesh Kumar
 
PPTX
Mule securing
Sindhu VL
 
PPT
Mule oracle connectors
D.Rajesh Kumar
 
PPT
Mule esb-connectors
himajareddys
 
PPT
Mule architecture
Khasim Saheb
 
PPT
Mule anypoint data gateway
D.Rajesh Kumar
 
PPT
Mule security
D.Rajesh Kumar
 
PPT
Mule esb-architecture
himajareddys
 
PPT
Mule connectors
D.Rajesh Kumar
 
ODP
Anypoint platform security components
D.Rajesh Kumar
 
PPT
Mule esb–api layer
charan teja R
 
PPTX
Flows in mule
Sindhu VL
 
PPT
Mule cloud hub
D.Rajesh Kumar
 
PPT
Mule security-jaas
Praneethchampion
 
PPTX
SOAP Service in Mule Esb
Anand kalla
 
PPTX
Mule introduction
rajalbhatt03
 
PPTX
Mule ESB Tutorial Part 3
Srikanth N
 
PPT
.Net architecture with mule soft
Bui Kiet
 
Mule Security
Shanky Gupta
 
Mule mule agent
D.Rajesh Kumar
 
Mule salesforce integration patterns
D.Rajesh Kumar
 
Mule securing
Sindhu VL
 
Mule oracle connectors
D.Rajesh Kumar
 
Mule esb-connectors
himajareddys
 
Mule architecture
Khasim Saheb
 
Mule anypoint data gateway
D.Rajesh Kumar
 
Mule security
D.Rajesh Kumar
 
Mule esb-architecture
himajareddys
 
Mule connectors
D.Rajesh Kumar
 
Anypoint platform security components
D.Rajesh Kumar
 
Mule esb–api layer
charan teja R
 
Flows in mule
Sindhu VL
 
Mule cloud hub
D.Rajesh Kumar
 
Mule security-jaas
Praneethchampion
 
SOAP Service in Mule Esb
Anand kalla
 
Mule introduction
rajalbhatt03
 
Mule ESB Tutorial Part 3
Srikanth N
 
.Net architecture with mule soft
Bui Kiet
 

Similar to Mule enterprise security (20)

PPTX
Mule soft Meetup #3
Gaurav Sethi
 
PPTX
Flowsinmule 160517130818
ppts123456
 
PPTX
Anypoint enterprise security
Krishna_in
 
PDF
Stockholm MuleSoft Meetup - Albin Kjellin, 15 Feb 2018
Ana Chiriţescu
 
PPTX
Flows in mule
Son Nguyen
 
PPTX
Baltimore jan2019 mule4
ManjuKumara GH
 
PDF
Anypoint platform cloud
Sudheer Y
 
PPTX
API Security: Securing Digital Channels and Mobile Apps Against Hacks
Akana
 
ODP
Anypoint platform security components
D.Rajesh Kumar
 
PDF
Whats new in was liberty security and cloud readiness
sflynn073
 
PPTX
Meet up slides_mumbai_21032020_final
Akshata Sawant
 
PPTX
Best Practices for API Security
Bui Kiet
 
PPTX
Best Practices for API Security
MuleSoft
 
ODP
Security in mulesoft
akshay yeluru
 
PPT
Mule security
himajareddys
 
PPT
Mule security - pgp
D.Rajesh Kumar
 
PPT
Mule security
vishnukanthro45
 
PPT
Mule security
charan teja R
 
PPTX
OAuth 2 Spring Boot 3 Integration Presentation
Knoldus Inc.
 
PPTX
MuleSoft Meetup Charlotte 2019
Subhash Patel
 
Mule soft Meetup #3
Gaurav Sethi
 
Flowsinmule 160517130818
ppts123456
 
Anypoint enterprise security
Krishna_in
 
Stockholm MuleSoft Meetup - Albin Kjellin, 15 Feb 2018
Ana Chiriţescu
 
Flows in mule
Son Nguyen
 
Baltimore jan2019 mule4
ManjuKumara GH
 
Anypoint platform cloud
Sudheer Y
 
API Security: Securing Digital Channels and Mobile Apps Against Hacks
Akana
 
Anypoint platform security components
D.Rajesh Kumar
 
Whats new in was liberty security and cloud readiness
sflynn073
 
Meet up slides_mumbai_21032020_final
Akshata Sawant
 
Best Practices for API Security
Bui Kiet
 
Best Practices for API Security
MuleSoft
 
Security in mulesoft
akshay yeluru
 
Mule security
himajareddys
 
Mule security - pgp
D.Rajesh Kumar
 
Mule security
vishnukanthro45
 
Mule security
charan teja R
 
OAuth 2 Spring Boot 3 Integration Presentation
Knoldus Inc.
 
MuleSoft Meetup Charlotte 2019
Subhash Patel
 
Ad

Recently uploaded (20)

PPTX
Cybersecurity: How to Protect your Digital World from Hackers
vaidikpanda4
 
PPTX
Introduction to pediatric nursing in 5th Sem..pptx
AneetaSharma15
 
PPTX
Top 10 AI Tools, Like ChatGPT. You Must Learn In 2025
Digilearnings
 
PPTX
Unlock the Power of Cursor AI: MuleSoft Integrations
Veera Pallapu
 
PDF
The Minister of Tourism, Culture and Creative Arts, Abla Dzifa Gomashie has e...
nservice241
 
PDF
EXCRETION-STRUCTURE OF NEPHRON,URINE FORMATION
raviralanaresh2
 
PPTX
Artificial Intelligence in Gastroentrology: Advancements and Future Presprec...
AyanHossain
 
PPTX
Digital Professionalism and Interpersonal Competence
rutvikgediya1
 
PPTX
K-Circle-Weekly-Quiz12121212-May2025.pptx
Pankaj Rodey
 
PPTX
PROTIEN ENERGY MALNUTRITION: NURSING MANAGEMENT.pptx
PRADEEP ABOTHU
 
PPTX
LDP-2 UNIT 4 Presentation for practical.pptx
abhaypanchal2525
 
PPTX
Translation_ Definition, Scope & Historical Development.pptx
DhatriParmar
 
PDF
My Thoughts On Q&A- A Novel By Vikas Swarup
Niharika
 
PPTX
Python-Application-in-Drug-Design by R D Jawarkar.pptx
Rahul Jawarkar
 
DOCX
Modul Ajar Deep Learning Bahasa Inggris Kelas 11 Terbaru 2025
wahyurestu63
 
PPTX
INTESTINALPARASITES OR WORM INFESTATIONS.pptx
PRADEEP ABOTHU
 
PPTX
Gupta Art & Architecture Temple and Sculptures.pptx
Virag Sontakke
 
PPTX
The Future of Artificial Intelligence Opportunities and Risks Ahead
vaghelajayendra784
 
PPTX
20250924 Navigating the Future: How to tell the difference between an emergen...
McGuinness Institute
 
PPTX
Command Palatte in Odoo 18.1 Spreadsheet - Odoo Slides
Celine George
 
Cybersecurity: How to Protect your Digital World from Hackers
vaidikpanda4
 
Introduction to pediatric nursing in 5th Sem..pptx
AneetaSharma15
 
Top 10 AI Tools, Like ChatGPT. You Must Learn In 2025
Digilearnings
 
Unlock the Power of Cursor AI: MuleSoft Integrations
Veera Pallapu
 
The Minister of Tourism, Culture and Creative Arts, Abla Dzifa Gomashie has e...
nservice241
 
EXCRETION-STRUCTURE OF NEPHRON,URINE FORMATION
raviralanaresh2
 
Artificial Intelligence in Gastroentrology: Advancements and Future Presprec...
AyanHossain
 
Digital Professionalism and Interpersonal Competence
rutvikgediya1
 
K-Circle-Weekly-Quiz12121212-May2025.pptx
Pankaj Rodey
 
PROTIEN ENERGY MALNUTRITION: NURSING MANAGEMENT.pptx
PRADEEP ABOTHU
 
LDP-2 UNIT 4 Presentation for practical.pptx
abhaypanchal2525
 
Translation_ Definition, Scope & Historical Development.pptx
DhatriParmar
 
My Thoughts On Q&A- A Novel By Vikas Swarup
Niharika
 
Python-Application-in-Drug-Design by R D Jawarkar.pptx
Rahul Jawarkar
 
Modul Ajar Deep Learning Bahasa Inggris Kelas 11 Terbaru 2025
wahyurestu63
 
INTESTINALPARASITES OR WORM INFESTATIONS.pptx
PRADEEP ABOTHU
 
Gupta Art & Architecture Temple and Sculptures.pptx
Virag Sontakke
 
The Future of Artificial Intelligence Opportunities and Risks Ahead
vaghelajayendra784
 
20250924 Navigating the Future: How to tell the difference between an emergen...
McGuinness Institute
 
Command Palatte in Odoo 18.1 Spreadsheet - Odoo Slides
Celine George
 
Ad

Mule enterprise security

  • 1. Agenda Introducing Mule Enterprise Security Drill-down into – Mule STS OAuth 2.0 Provider – Mule Credential Vault – Mule Security Filter Processors Brief Overview of other New Mule Enterprise Security Features Wrap-up and Q&A All contents Copyright © 2011, MuleSoft Inc. 2
  • 2. Mule Enterprise Security - Benefits All contents Copyright © 2011, MuleSoft Inc. 3 1 - Protect access to your Mule application end-points and the services they access 2 - Maintain the confidentiality of data used and emitted by your mule flows 3 - Guard your Mule interfaces against security attacks SOA Mobile APIs SaaS Integration
  • 3. Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 4
  • 4. Mule STS OAuth 2.0 Provider - Why Protect your APIs with OAuth Enables credentials to only be shared with a single, central entity All contents Copyright © 2011, MuleSoft Inc. 5 Applications (OAuth Clients) APIs Exposed by Mule Application (OAuth Service Provider) Application End-Users Mobile Apps Web Apps Mule Cloud Connector Apps OAuth Protected
  • 5. Mule STS OAuth 2.0 Provider - What Mule can act as an OAuth 2.0 provider OAuth element protects flow Supports for all OAuth 2.0 grant types Supported end-points – HTTP/S, Jetty, Servlet, Web Services All contents Copyright © 2011, MuleSoft Inc. 6
  • 6. Mule Credential Vault - Why Access external end-points without exposing their access credentials – Store credentials in encrypted format All contents Copyright © 2011, MuleSoft Inc. 7
  • 7. Mule Credential Vault - What Encrypt content of Mule application property files Mule Studio provides property value encryption tool Values decrypted upon access from Mule Flows All contents Copyright © 2011, MuleSoft Inc. 8
  • 8. Mule Security Filter Processors - Why Whitelist a specific set or range of IP addresses Enable expiry policy using message time-stamp All contents Copyright © 2011, MuleSoft Inc. 9
  • 9. Mule Security Filter Processors - What Use Mule security filter processors to – Set filtering needs and parameters Support for – IP filtering (single, range, and CIDR) – Message expiry filtering All contents Copyright © 2011, MuleSoft Inc. 10
  • 10. Mule Enterprise Security – Features Overview All contents Copyright © 2011, MuleSoft Inc. 11 Feature Description Mule Secure Token Service (STS) – OAuth 2.0 Provider Enables a Mule server to act as an OAuth 2.0 authentication provider to protect specific mule flows. Mule Credential Vault Encrypt sensitive values (e.g. passwords) in your Mule message flows. Mule Security Filter Processors Allow filtering of messages based on security criteria: IP based and expiry based. Mule Digital Signature Processors Simplifies the signing and verification of XML Signatures within Mule flows. Mule Message Encryption Processors Easily encrypt and decrypt sensitive data in Mule messages.
  • 11. Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 12 1 - Protect access to your Mule application end-points and the services they access 2 - Maintain the confidentiality of data used and emitted by your mule flows 3 – Guard your Mule interfaces against security attacks SOA Mobile APIs SaaS Integration

Editor's Notes

  • #2: Slide 2: Housekeeping items   Just a couple of housekeeping items before we get started: This session is being recorded and will be available immediately following the webinar You can download the slides right now from the “attachments” tab If you have content or technical questions, please feel free to ask them at any time by typing them into and sending them via the question button above the slides. We will answer questions at the end of the session but please feel free to send over questions as they arise. If we don’t get to your question or if you have any detailed use-case specific questions, you can submit them to our team of experts at tinyurl.com/askmulesoft  
  • #4: Go over the MES benefits Then mention the fact that these benefits span solution areas
  • #6: Safe Access as per OAuth: - Allows you to protect any HTTP based interface for access – usually used for REST APIs Temporary and restricted access – Access is controlled through OAuth tokens which can have an expiry date and limited scope to allow for RBAC Often consumed and used by Mobile apps
  • #9: Key for decrypting the properties is provided as a system property: <secure-property-placeholder:config key="${runtime.property}" location="test.qa.properties"/> ./mule -D-Mruntime.propery=mySecretKey
  • #10: Useful for security gateway scenarios
  • #13: Go over the MES benefits Then mention the fact that these benefits span solution areas
  • #14: Slide 2: Housekeeping items   Just a couple of housekeeping items before we get started: This session is being recorded and will be available immediately following the webinar You can download the slides right now from the “attachments” tab If you have content or technical questions, please feel free to ask them at any time by typing them into and sending them via the question button above the slides. We will answer questions at the end of the session but please feel free to send over questions as they arise. If we don’t get to your question or if you have any detailed use-case specific questions, you can submit them to our team of experts at tinyurl.com/askmulesoft