Find White Papers
Home About Contact Help
Free Membership Member Login
Sep 5, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

Security Design Principles

Nixu
By : Nixu
INFORMATION
Published : Oct 18, 2006
Length : 8
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :
This white paper is an overview of the Nixu Security System and the various security principles it encompasses.  Topics discussed include security design, application security, OS hardening, patch management, and more.
View All Items By This Company
Browse Related Categories :

Application Security

,

Firewalls

,

Hacker Detection

,

Internet Security

,

Intrusion Prevention

,

Security

,

Security Management
 


1
This chapter describes some general security design principles used in Nixu SNS.

Nixu SNS has been built on CentOS 4.3 operating system that has been specifically hardened for DNS use. CentOS is a freely distributable operating system.

The system architecture of Nixu Secure Name Server (SNS) is contained in this whitepaper.

Nixu SNS includes a web-based user-interface implemented using web server (Apache 2.0.52) and PHP-module (4.3.9). The environment has been hardened using Bastille hardening tool (version 3.0.9-1.0).

For intrusion detection (IDS) and prevention (IPS), PSAD version1.4.6-1 has been used. The general functionality of the firewall and the IPS system is depicted in this whitepaper.

1.1 Defense in Depth

Nixu SNS has been designed applying the Principle of Defense in Depth. Defense in Depth has been applied when more than one subsystem has to be compromised to compromise the security of the entire system. Defense in Depth is the concept of protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another will already be in place to block an attack.

In the case of Nixu SNS, the Principle of Defense in Depth involves the following:

Encrypted connections In-host firewall IPS system ACLs for enabled services

Services are running with secure configurations Web-UI authenticates the users Web UI writes logs of the user actions O/S is hardened and backups are taken periodically If possible, Perimeter firewall for the network is used

1.2 Principle of Least Privilege

Nixu SNS has been designed applying the Principle of Least Privilege. According to the Principle of Least Privilege, every user, process and program should be able to see only such information and resources that are necessary for them to perform a given operation or task. The idea behind the principle is to grant as minimal privileges as possible to permit a legitimate action, thereby enhancing the protection of data and functionality from faults and malicious behaviour.

In the case of Nixu SNS, the Principle of Least Privileged involves the following:

Services are not running as root

There are multiple level user accounts for Web-UI and shell access

User accounts have necessary permissions only, to do only the necessary actions Use sudo when privilege escalation is required

1.3 Principle of Default Deny

Nixu SNS has been designed applying the Principle of Default Deny. When the Principle of Default Deny has been implemented, anything that is not explicitly allowed is denied regardless of whether the function is related to access, privileges, some security-related attribute or other similar function.

In the case of Nixu SNS, the Principle of Default Deny involves the following:

Firewall blocks all but explicitly allowed connections Shell access for users needs to be explicitly permitted All but necessary services are disabled All but necessary packages are removed

2.1 Software Components

CentOS Linux 4.3 i386:

- RPMs have been stripped to the bare minimum. Complete package list can be found at the end of this document - Updates included until May 9 2006

Apache Web Server 2.0.52-28

- Includes security fixes to 2.0.52 CAN-2004-0885, CVE CAN-2004-0942, CVE-2006-3918 - Apache runs as user apache by default

Web server; PHP-module (php 4.3.9-3.12)

- Includes security fixes to 4.3.9 CAN-2004-0958 and other fixes

- As shell_exec() function is used in PHP scripts, the safemode can?t be enabled; the shell_exec() function is disabled in safemode.

BIND 9.2.4-2

- Secure and stable release of ISC BIND

Bastille 3.0.9-1.0 and PSAD 1.4.6-1

- These components form the basis for the IDS/IPS system. Both are the latest releases and have no known security issues

Nixu SNS 1.0.1 (proprietary code by Nixu Software used to integrate software components and in the management utilities) is included in the software package. Both the software architecture and the entire Nixu SNS software package has been audited and tested by independent third-parties; updates will be released and delivered, if and when necessary, by Nixu Software.

2.2 Authentication

An attempt to access any script in the WebUI causes system to authenticate the user. If the user is not authenticated or authentication cannot be performed, the user is redirected to login page. Login prompts user for username and password. Both successful and unsuccessful login attempts will be logged in the Nixu SNS system log.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map