Global Safe - Security Policy

Resource protection

Your resource protection scheme ensures that only authorized users can access objects on the system. The ability to secure all types of system resources is a System strength. You should carefully define the different categories of users that can access your system. Also, you should define what access authorization you want to give these groups of users as part of creating your security policy.

Authentication

The assurance or verification that the resource (human or machine) at the other end of the session really is what it claims to be. Solid authentication defends a system against the security risk of impersonation, in which a sender or receiver uses a false identity to access a system. Traditionally, systems have used passwords and user names for authentication; digital certificates can provide a more secure method of authentication while offering other security benefits as well. When you link your system to a public network like the Internet, user authentication takes on new dimensions. An important difference between the Internet and your intranet is your ability to trust the identity of a user who signs on. Consequently, you should consider seriously the idea of using stronger authentication methods than a traditional user name and password login procedures provide. Authenticated users might have different types of permissions based on their authorization levels.

Authorization

The assurance that the person or computer at the other end of the session has permission to carry out the request. Authorization is the process of determining who or what can access system resources or perform certain activities on a system. Typically, authorization is performed in the context of authentication.

Integrity

The assurance that arriving information is the same as what was sent out. Understanding integrity requires you to understand the concepts of data integrity and system integrity.

• Data integrity:Data is protected from unauthorized changes or tampering. Data integrity defends against the security risk of manipulation, in which someone intercepts and changes information to which he or she is not authorized. In addition to protecting data that is stored within your network, you might need additional security to ensure data integrity when data enters your system from untrusted sources. When data that enters your system comes from a public network, you need security methods so that you can perform the following tasks:

1. Protect the data from being sniffed and interpreted, typically by encrypting it.
2. Ensure that the transmission has not been altered (data integrity).
3. Prove that the transmission occurred (nonrepudiation). In the future, you might need the electronic equivalent of registered or certified mail.

• System integrity: Your system provides consistent and expected results with expected performance. For the i5/OS operating system, system integrity is the most commonly overlooked component of security because it is a fundamental part of i5/OS architecture. i5/OS architecture, for example, makes it extremely difficult for a hacker to imitate or change an operating system program when you use security level 40 or 50.

Nonrepudiation

The proof that a transaction occurred, or that you sent or received a message. The use of digital certificates and public-key cryptography to sign transactions, messages, and documents support nonrepudiation. Both the sender and the receiver agree that the exchange takes place. The digital signature on the data provides the necessary proof.

Confidentiality

The assurance that sensitive information remains private and is not visible to an eavesdropper. Confidentiality is critical to total data security. Encrypting data by using digital certificates and Secure Socket Layer (SSL) or virtual private network (VPN) connection helps ensure confidentiality when transmitting data across untrusted networks. Your security policy should conclude how you will provide confidentiality for information within your network as well as when information leaves your network.

Auditing security activities

Monitoring security-relevant events to provide a log of both successful and unsuccessful (denied) access. Successful access records tell you who is doing what on your systems. Unsuccessful (denied) access records tell you either that someone is attempting to break your security or that someone is having difficulty accessing your system.