tailieunhanh - Mission-Critical Security Planner When Hackers Won’t Take No for an Answer phần 5

Chọn công nghệ rằng bạn sẽ không cản trở đáng kể, qua thời gian, tích hợp kiến trúc xác thực của bạn để chứa một cơ chế xác thực phổ biến ở tất cả các lớp ngăn xếp an ninh (nghĩa là, đăng nhập một ngày qua chồng bảo mật của bạn). Yếu tố dễ sử dụng. | 160 Chapter 3 Specify the nature of the applications as either or some combination of transactional or session-based. Pay close attention to usability and cost parameters as you develop your plan. Nonrepudiation can become difficult and costly. Develop policies and procedures for any required code signing such as Authenticode or Java signing see also the Content and Executable Management security element discussed in Chapter 4 . Operating System Identify any new features available within the operating system that may leverage nonrepudiation such as the digital signing of system files and configurations. Worksheet Security Stack Worksheet for Nonrepudiation. continued Establish the authorship of software implement code signing. Code signing discussed in more detail in several other security elements presented in this book for example Content and Executable Management allows software to be signed digitally. In this way you can be assured that the software you re executing has in fact been written by the software publisher you thought wrote it and has not been tampered with and modified by a hacker. OPERATING SYSTEM Enable nonrepudiation at the operating-system level. This is a new concept. I can imagine many potential benefits to enabling a nonrepudiation feature set within the operating system. As of this writing though no widely available operating systems implement nonrepudiation in a Using the Security Plan Worksheets The Fundamentals 161 particularly interesting way. In terms of future features perhaps a future operating system might force administrators to digitally sign any system configuration changes they make and could attempt to implement some type of secure signature verification mechanism. This may work to restrict the kinds of changes that hackers can make. Furthermore keeping track of administrator changes through digital signatures could also enhance the tracking of changes made to systems as part of the configuration-management process. .

TỪ KHÓA LIÊN QUAN