Tuesday, 20 November 2007

Security model... what should be done to make a secure environment

The first: Authentication

This is the main point of every implementation. It links a user's identity with a level of privileges. Identity is by definition unique: there can be only one! If you want two users to have the same access, remember to put them in a group.

The second: Authorization

It usually happens after authentication. It checks the subject's rights with the access controller. Once a subject is authenticated, it may be authorized to perform different types of access.

The third: Integrity

Integrity means you can trust that the data has not been modified, without having to check it yourself. In the context of a single message it means that the content is exactly the same as was sent by the author; this is typically achieved through digital signatures. In the context of a message exchange it also means that all the messages were received in exactly the same order as they were sent.
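The two integrity properties described above, as an added example that is not part of the original post. It uses an HMAC with a shared key as a standard-library stand-in for the digital signature the text mentions (an assumption; a real signature would use a private/public key pair), and the frame layout, key and messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, illustration only
TAG_LEN = 32                   # HMAC-SHA256 output size

def protect(key, seq, payload):
    """Build seq || payload || tag. The tag covers the sequence number too,
    so neither the content nor the position in the exchange can be changed."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    def __init__(self, key):
        self.key = key
        self.expected_seq = 0

    def accept(self, frame):
        """Return the payload, or raise ValueError on modified or misordered data."""
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):      # single-message integrity
            raise ValueError("content modified")
        (seq,) = struct.unpack(">Q", header)
        if seq != self.expected_seq:                # integrity of the exchange
            raise ValueError(f"out of order: got {seq}, expected {self.expected_seq}")
        self.expected_seq += 1
        return payload

def demo():
    msgs = [b"pay 10", b"pay 20", b"pay 30"]        # constructed sample messages
    frames = [protect(KEY, i, m) for i, m in enumerate(msgs)]
    rx = Receiver(KEY)
    results = [rx.accept(frames[0])]
    tampered = frames[1][:8] + b"pay 99" + frames[1][14:]  # payload changed, old tag kept
    for label, frame in (("tampered", tampered), ("reordered", frames[2]),
                         ("in order", frames[1])):
        try:
            results.append(rx.accept(frame))
        except ValueError as exc:
            results.append(f"{label}: {exc}")
    return results

if __name__ == "__main__":
    print(demo())
```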

The fourth: Confidentiality

Confidentiality is the property that data is not made available to unauthorized individuals, entities, or processes. Typically confidentiality is achieved through encryption and authorization.

The fifth: Accountability

It's the only aspect that happens after the event has taken place. Sometimes it is too late to review a situation after it has happened, so it is better to prevent it and to have all the data in the event log.

To be continued...
