xmlBlaster - Requirement security.introduction

REQUIREMENT

security.introduction

Type NEW

Priority HIGH

Status CLOSED

Topic HOWTO: xmlBlaster Security Introduction

Des
cription
Introduction

Why Security?

Information security became over the years a more and more important topic. First, it was of interest only for military and secret service organisations. But the more information systems like computers concern everybodies life and these systems become interconnected, the higher is the importance of security for everyone. It doesn't matter if it is the army, a commercial organisation or even a private user, security is an essential topic.

What is Security?

After the dozens of books written on the subject, it's hard to understand that a common definition of security doesn't exist.
The attempt to find a definition including all aspect of security results in quiet woolly definition like the following, which we will use now:

Security refers to the possibility of a system, to protect its objects regarding confidentiality and integrity.

In this context confidentiality and integrity are defined as:

Confidentiality:
"The property that information is not made available or disclosed to unauthorized individuals, entities, or processes." [RFC2828]

Integrity:
"The property that data have not been changed, destroyed, or lost in an unauthorized or accidental manner." [RFC2828]

Both are the primary goals of security. To reach them, it is often necessary to reach subsequent goals. These additional goals are often called secondary goals. Examples are:

accountability

non-repudiation

privacy

anonymity

and many more.

Some of them seem to be incompatible (e.g. accountability and anonymity), but all are more or less important for a secure system. This shows two things:

The meaning of security can differ from case to case, because the goals may have a different weight.

A 100% secure system is impossible.

An example:
In an electronic voting system each voter can vote for something / somebody. In this case the voter has the following understanding of security:

The system must ensure that the vote is counted correctly (nothing/nobody else should be able to generate a vote with a wrong identity, to change or hold back a correct vote) [integrity]

Nothing and nobody (even not the voting system) must be able to determine who voted for whom/what. [-> confidentiality (+ anonymity)]

The voting system has a slightly different understanding of security. In addition, it must ensure that everybody has only a single vote. Everybody must be accountable for its actions. But this collides with the voters desire of anonymity. Both are not compatible without lowering one's sights.

Goals

The xmlBlaster security system should address the main aspects of security as mentioned above. But because of the fact that a 100% secure system, covering all issues won't be me more than a nice illusion. A security serving system for the xmlBlaster cannot be more than model and a framework. Its main goal is to support all actions (in general: intercepting the flow of actions and information) required by the real implementation of software components (called 'plugins') to enforce the respective meaning of security.

Terms

(Session, Subject, Right, Role, Group, Security, Identity, Authentication, Authorization, Access Control (AC), Message Protection, ...)

Configure
NOTE: Configuration parameters are specified on command line (-someValue 17) or in the xmlBlaster.properties file (someValue=17). See requirement "util.property" for details.
Columns named Impl tells you if the feature is implemented.
Columns named Hot tells you if the configuration is changeable in hot operation.

See REQ security.development.serverPlugin.howto

See REQ security.htpasswd

See REQ security.ldap

See REQ SOCKET based SSL protection

This page is generated from the requirement XML file xmlBlaster/doc/requirements/security.introduction.xml

Back to overview

Topic	HOWTO: xmlBlaster Security Introduction
Des cription	Introduction Why Security? Information security became over the years a more and more important topic. First, it was of interest only for military and secret service organisations. But the more information systems like computers concern everybodies life and these systems become interconnected, the higher is the importance of security for everyone. It doesn't matter if it is the army, a commercial organisation or even a private user, security is an essential topic. What is Security? After the dozens of books written on the subject, it's hard to understand that a common definition of security doesn't exist. The attempt to find a definition including all aspect of security results in quiet woolly definition like the following, which we will use now: Security refers to the possibility of a system, to protect its objects regarding confidentiality and integrity. In this context confidentiality and integrity are defined as: Confidentiality: "The property that information is not made available or disclosed to unauthorized individuals, entities, or processes." [RFC2828] Integrity: "The property that data have not been changed, destroyed, or lost in an unauthorized or accidental manner." [RFC2828] Both are the primary goals of security. To reach them, it is often necessary to reach subsequent goals. These additional goals are often called secondary goals. Examples are: accountability non-repudiation privacy anonymity and many more. Some of them seem to be incompatible (e.g. accountability and anonymity), but all are more or less important for a secure system. This shows two things: The meaning of security can differ from case to case, because the goals may have a different weight. A 100% secure system is impossible. An example: In an electronic voting system each voter can vote for something / somebody. In this case the voter has the following understanding of security: The system must ensure that the vote is counted correctly (nothing/nobody else should be able to generate a vote with a wrong identity, to change or hold back a correct vote) [integrity] Nothing and nobody (even not the voting system) must be able to determine who voted for whom/what. [-> confidentiality (+ anonymity)] The voting system has a slightly different understanding of security. In addition, it must ensure that everybody has only a single vote. Everybody must be accountable for its actions. But this collides with the voters desire of anonymity. Both are not compatible without lowering one's sights. Goals The xmlBlaster security system should address the main aspects of security as mentioned above. But because of the fact that a 100% secure system, covering all issues won't be me more than a nice illusion. A security serving system for the xmlBlaster cannot be more than model and a framework. Its main goal is to support all actions (in general: intercepting the flow of actions and information) required by the real implementation of software components (called 'plugins') to enforce the respective meaning of security. Terms (Session, Subject, Right, Role, Group, Security, Identity, Authentication, Authorization, Access Control (AC), Message Protection, ...)
Configure	NOTE: Configuration parameters are specified on command line (-someValue 17) or in the xmlBlaster.properties file (someValue=17). See requirement "util.property" for details. Columns named Impl tells you if the feature is implemented. Columns named Hot tells you if the configuration is changeable in hot operation.
See REQ	security.development.serverPlugin.howto
See REQ	security.htpasswd
See REQ	security.ldap
See REQ	SOCKET based SSL protection