|
|
|
Among the many functions of system administration is the security of the system and the data it contains. This chapter considers how the administration of security affects the system.
For our purposes, we consider the security policy of the Web server within the DMZ and a user system in the development subnet. This will contrast the manner in which an administrator secures a system that many users use for development of software with the methods used to secure a system that is likely to be attacked and that is not intended for the use of nonadministrative users.
Section 26.3.3.2 discusses the Web server's function in relation to the rest of the Drib's network infrastructure. Briefly, the Web server system provides access to untrusted users through a Web server, and access to trusted users through SSH. Untrusted users can come from any system on the Internet. Trusted users are those users who have access to the trusted administrative host on the internal network. For the purposes of our policy, we assume that any user in that system has been correctly authenticated to that system and is "trusted" as we use the term.
The development system is a standard UNIX or UNIX-like system. A set of developers are allowed to use the system.
|
|
|
| Top |