Security Design

Similar Messages

• ADF Security Design Question

  Hi All,
  I am developing an ADF web application. The security design is such that user authentication is mapped to database users. The design I see several pros and cons
  1) Different database users means I cannot take advantage of connection pooling.
  2) The architect argues SQL querying can be controlled at database level for each user.
  I have never been involved in such a web application. Can anybody please guide me if this is the way to go for ADF web application, any other pros and cons. The database is Oracle 11g. I still believe that application security should not be tied to the database security.
  Worst case if I have to go with this design, How to implement ADF security using database users.
  Thanks

  I blogged a use case for using Proxy Authentication with JPA here http://blogs.oracle.com/olaf/2010/04/using_oracle_proxy_authenticat.html. (Being a sample it includes a setter for user name, but a case with a JAAS Subject and Principal is easily adaptable).
  I'll dig out an ADF BC example and blog about it, too.
  --olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

• Role of SAP security design consultant

  Hi All,
  what role does a  SAP HR (SAP Security Design) Consultant play?
  how different is it from a regular SAP HR?
  pls let me know
  regards,
  Pratik

  What i assume is you will have to understand different roles of users in that company who will need access to Hr system, and classify under catogories, set up roles and define authorisation profiles, set up structural authorisations based on clients requirements.
  as far as HR is concerned you need to understand different authorisation objects,roles, profiles available in standard SAP ystem and set up new ones add some additional privileges etc whereever required. get your self familiar with various HR authorisation Objects etc.
  Also lil bit of user management, reporting on Infoytpes, tracking changes, modiufication to business critical transactions etc.

• Need help with security design!

  Hi,
  I haven't worked with security design very much. Currently I'm about to develop an application to my father which should implement some sort of security.
  One of the reasons for this application besides making my father happy is educating myself.
  The application is an online image album.
  The security could be divided in role-based security and instance level security.
  Role-based (NO PROBLEM):
  A user cannot delete another user, an administrator can delete users.
  Instance-level (DON'T KNOW HOW):
  A user can load other users image albums if he/her is allowed/granted to view the album and its images. Note that the user could be granted to view the album, but not all of its images.
  My problem is how I should design the "instance-level" security? Should I keep a ACL (Access Control List) with each instance of album and image?
  This seems to be a common functionality to add view/load/read/write permissions to an instance in runtime to let a certain user to operate on an asset?
  Have searched the Internet but haven't found any nice framework to help me.
  Could anyone with some experience please help me out?!
  Kind regards, Andreas

  Hi,
  I ran into the same problem. Could you resolve it?
  please give me your feedback.

• Security design issue

  Hi Folks,
  I've a security design issue using J2EE architecture framework in my
  project..
  Proj Requirement:
  i) User Logs-into a health b2b/b2c portal website...
  ii) Check the user exist in the database or LDAP directory service.
  iii) If exist user then check the role Patient/Insurance Provider/Physician?
  iv)If Patient then display his personal health record history.
  else Insurance Provider then display about Insurance Policy information,
  which he can update/create insurance for entered patient id. If patient has
  granted access to Insurance Provider
  and if Physician then display about hospital information like
  waiting patients,sending appointments,etc..
  The above security access control role & policy has to be implemented
  very strong. so that other user cannot view/update someone health records..
  Development tool:WebLogic Server/Oracle/LDAP.. on Linux
  Security Problem:
  i)What is the best security solution for the above requirement?
  ii)How do I authenticate/validate user using J2EE security framework?
  Can anyone explain in details or steps to implement?
  Thanks,
  -raj-

  I'm assuming that your using WLS 6, if so check out (I know we cover this in
  the documentation but I'm guessing at the title) the "securing your site"
  guide. Some of what you're planning the WLS server can protect through good
  ACL usage. I'd recommend creating at least three groups (patient, provider,
  physician), clearly the danger lies in having a user who is a member of more
  than one group. I'd recommend implementing your own role checking at both
  the servlet and EJB levels to fully enforce information access, using
  servlet state and stateful session beans should help.
  Alex
  Raj <[email protected]> wrote in message
  news:[email protected]..
  Hi Folks,
  I've a security design issue using J2EE architecture framework in my
  project..
  Proj Requirement:
  i) User Logs-into a health b2b/b2c portal website...
  ii) Check the user exist in the database or LDAP directory service.
  iii) If exist user then check the role Patient/InsuranceProvider/Physician?
  iv)If Patient then display his personal health record history.
  else Insurance Provider then display about Insurance Policy information,
  which he can update/create insurance for entered patient id. If patienthas
  granted access to Insurance Provider
  and if Physician then display about hospital information like
  waiting patients,sending appointments,etc..
  The above security access control role & policy has to be implemented
  very strong. so that other user cannot view/update someone healthrecords..
  >
  Development tool:WebLogic Server/Oracle/LDAP.. on Linux
  Security Problem:
  i)What is the best security solution for the above requirement?
  ii)How do I authenticate/validate user using J2EE security framework?
  Can anyone explain in details or steps to implement?
  Thanks,
  -raj-

• BI data level security design

  Hello we have a requirement to restrict data at sales office which is part of customer hierarchy node.
  User is an employee master data record which will have Sales Office as an attribute.
  Sales office will be part of transaction data.
  So if a User executes a report it should show only those reports that belong to his Sales Office.
  User is not mandated to select Sales office as part of filter.  So even if he runs with no restriction in filter it should restrict to only those transactions with his sales office.
  There are more than 250 sales offices.  To create a role for each may be cumbersome.
  What is the best way to design and maintain BI Security for this. 
  I would really appreciate if anyone can give Step By Step appraoch.
  I tried to search in forums but was not clear.
  Thanks in advance.

  Hi Ravi,
  I think you already know that you can achieve this with an anlysis authorizations setup where you create a different one for each sales office. Much of the task can be automated using SECATT. If you do not want to create separate roles for each user, the analysis authorizations can be directly assigned to the users as well through RSECADMIN transaction. But ensuring the correct security would certainly need some maintenance effort.
  You can also investigate the use of customer exit variables in your design but will need some coding effort. First step is to create a variable of type customer exit for Sales Office and use itrestrict Sales Office in your query. You need to implement the enhancement RSR00001 and supply appropriate code in the EXIT_SAPLRRS0_001 to read the user master record for each user and restrict by sales area. As long as Sales Office is authorization relevant you would need  to create a analysis authorization with this characteristic and insert the customer exit variable that you just created. You have to also ensure that users do not have access to change the parameters in their user master.
  There are quite a few resources in SDN itself which talk at length on the subject. Since I have personally not used customer exit variables for security, some of the details in the process might be incorrect but this should get you started.
  Regards,
  Aninda

• CRM Security Design Concepts

  Hello Gurus,
  My Client is in a process of CRM implementation, as a security consultant , I am gathering the data from the business for CRM Role Design.
  Can Anybody share their design methodology in CRM Security.
  Best practices..
  Thanks in Advance
  -Thanks
  Sam

  Hi Sam,
  In CRM CIC, mostly users will be accessing the CRM system via Web client. Generally an ECC or R/3 system would exist as the backend. In CRM 2007/7.0, there is a concept of Business roles (BR) & PFCG roles as described in my earlier post.
  Every end user in the CRM would be assigned a Business role. Business role is created by CRM Functional Consultant & is assigned at Oranizational model/level via transaction PPOMA_CRM and corresponding PFCG role would be assigned via transaction PFCG
  To create the Business role, matrix for the same would be provided by some Business Consultant in your Project. That will describe the kind of access would be given to the end-user-meaning: Work Centers, Navigational links, logical links etc. You then need to create the corresponding PFCG role for a Business role. If your Organizational model is in such a way that only one Business role is created & assigned to all users, then you need to create several PFCG roles & you need restrict access based on the requirement in these roles. Else if there are several Business roles, then mostly Business roles will take care on the access restriction, then you may need to have only one PFCG role - it depends on how the Organizational model is set up & depends on whether the maintenance burden is on the Functional Team or Security Team
  Also if ECC is your backend system, roles need to be created for ECC also & they would be mapped with CRM roles as all backend work will be done in ECC system, so role matrix of both systems need to be mapped by the Business Consultant in your Project, you would then create roles for CRM & ECC system

• Server 2012 R2 Remote Desktop Gateway. Most Simple and Secure Design For Small Environment?

  We would like users to be able to connect remotely over the Internet from their personal devices to their primary Windows 7 workstation (a physical box on their desk) by using the Microsoft RDP Client For Windows, Mac, iOS and Android.  There is no
  plan to use RDWeb or Remote Apps, or VDI.  Just plain remote access to their desktop PC without VPN plus a third party 2nd factor authentication product that can text them back a code to enter with their AD credentials (AuthAnvil or Duosecurity)
  We do not have TMG or ISA.
  We would like to get these services all running in a single server and be as simple as possible while still being very secure.
  The recommendations I see seem to suggest putting the RDG in a DMZ with either a domain controller on a new domain with a one-way trust to your internal domain or else a read-only domain controller on your domain and then RD Session Host and License server
  located on different servers on your internal LAN.
  http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment-in-a-perimeter-network-firewall-rules.aspx
  That sounds like a lot of separate servers and cost for not a lot of users in our environment.
  Do we even need a separate session host server if there are no RDP sessions being hosted directly on the servers because  the users are only being redirected to connect to their workstations and will never be using terminal sessions on the server?
  Can the RODC or the Domain controller on new domain with the one-way trust be the same server as the Remote Desktop Gateway server and not separate servers?
  What is the most minimalist way to set this up with good security when opening all the ports needed to authenticate with internal DC is not secure enough?

  #2 sounds like we would need 2 Essentials servers and we will not have that.
  We currently have Server 2008 R2 and have 2012 Standard licenses that are not yet used.
  We have much more than 75 users total, but 75 is more than the number of users that will probably take advantage of using RD Gateway any time soon.  It will probably take time to catch on.
  If RD Gateway usage was to get super popular and more than 75 users were depending on access to it, then we could financially justify paying to buy all the CALs needed to run RD Gateway without Essentials.  Right now, they are skeptical that it will
  be worth spending much money on this and don't want to invest a lot  of money up front.
  My understanding is that if we have 75 or fewer users using RD Gateway then we need to by no CALs, just apply a Server Standard Edition License to the server, but if we had 76, we would need to turn off Essentials and buy 76 new CALs.
  Or would we need to add 50 CALs to the 25 that automatically come with Essentials?
  Also does "turning off" Essentials mean we would have to reinstall and redeploy the RDG or is it just a matter of enabling the RD license server and adding purchased CALs?
  No, when you buy essentials you get the right to create 25 users that access the server, when you create the 26th user you will need to have 26 CAL and RDS CAL. 

• Wireless Authentication/Security Design questions

  Wireless newbie here...I was required to quicky stand up a wireless deployment at a new warehouse/office building. I have the basic network up and working. My remote AP's have associated with the 2106 in the main office and users can associate and authenticate with the 1130G AP's and can access the office network. I did the basic configs and am now looking to tighten up security. My questions are as follows:
  1) The user clients are Dell Laptops with integrated wireless. They authenticate using LEAP..how do I migrate to EAP or do I need to. I have a Cisco ACS doing RADIUS authentication now.
  2) Should I be using some kind of supplicant client on the laptops?
  3) How do I filter mac's so rogue AP's and rogue clients cant try and associate.
  4) Am I correct in assuming the connections between the 1130 AP's and 2106 are secured and if so do I need to tweak anything to tighten them up?
  5) I have an AP in the main office building that I want to setup to detect rogue AP's. Do I have it associate as a regular AP and push some kind of policy to turn it into a detector?
  I have attached a diagram to help explain. Any help would be appreciated.
  v/r
  Chad

  1. LEAP is a form of EAP, so you must already have something terminating your EAP sessions. The WLC can do this to some extent, or ACS. Which one you chose will be based upon your requirements for manageability, scalability and feature-richness. I would suggest that PEAP-MSCHAPv2 provides a good balance of usability and security, and is significantly better than LEAP.
  2. No, stick with Windows XP SP2 supplicant. This can be configured using domain policy (2k3 SP1 or better) and is pretty good. Just make sure your laptops have new Intel drivers on them. Dell in particular have been quite bad with sending out old drivers in the builds.
  3. MAC authentication is now lergely regarded as a waste of time. It is so easy to spoof a MAC address it's ridiculous, and it's a fair amount of work for the admin(s).
  4. The LWAPP tunnel encrypts all management / config / security related traffic between the AP and WLC, while user data is simply encapsulated in LWAPP, so it can potentially be read if packets are captured.
  5. All APs will do rogue detection, don't really need to have dedicated APs unless you're REALLY paranoid. Main benefit is quicker detection, but drawback is that the 'detector' AP won't serve clients.
  Regards,
  Richard

• 4 tiered security vs. task based security design

  I have recently joined a company that has only FICO implemented.  They are currently ramping up to implement all modules globally.
  The current security model is 4 tiered security approach, in other words, there are 4 single roles which are roled up into a composite depending on what your position is in the hierarch.  For example, an end user AP Clerk will get the basic role and probably one other.  The AP clerks boss would get those 2 roles plus one other role and so on.   Because the security is not very granular,  they have a huge amount of mitigating controls in GRC to pass the yearly audits.
  Most companies I have worked at are changing to a task based security approach to make the security more granular and therefore easier to manage and manipulate (for want of a better word) and possibly eliminate having to create and maintain a huge number of mitigating controls.  Task single roles would be added to a composite per job position.
  My question is, which version would be the SAP best practice approach?  The 4 tiered approach is easier up front but a lot more maintenance going forward.  The task based approach is a lot of work up front but less maintenance going forward.
  No matter what road we take, there may also be derived roles thrown into the mix!

  @Lovin_JV_941794
  The welcome page is public available since it does not have appropriate PageDef file.
  Login page comes not from the welcome page, it comes after attempt to access the test page. So after the login succeeded the test page appears, because redirect to welcome page after successful login is not configured. I do not need to return the welcome page at this moment, I need to go to the test page.
  It seems the task flow call stack to be destroyed after redirect to login page.
  Edited by: user13307311 on Apr 17, 2013 12:45 AM

• Security Design Question Role/ code

  Hi ,
       we are developing a J2EE based application. I've a dilemma
  and couldn;t deceide on which security method to use.
       i. Role based ( using descriptor)
       ii. Code based ( hard coding secruity in program)
  All help appreciated and thanx !
  Venki

  Thanks Cameron, we've figured out our way , sorry for late response.
  Venki
  Cameron Purdy wrote:
  If you can get away with simple role-based security, do it. Depending on how
  complex and configurable the security has to be, you are better off going
  with a specialized security solution. We always suggest Entegrity's
  AssureAccess 2.0 product since they are a partner of ours ;-).
  Peace,
  Cameron Purdy
  Tangosol, Inc.
  Clustering Weblogic? You're either using Coherence, or you should be!
  Download a Tangosol Coherence eval today at http://www.tangosol.com/
  "Venki Seshaadri" <[email protected]> wrote in message
  news:[email protected]..
  Hi ,
  we are developing a J2EE based application. I've a dilemma
  and couldn;t deceide on which security method to use.
  i. Role based ( using descriptor)
  ii. Code based ( hard coding secruity in program)
  All help appreciated and thanx !
  Venki

• Does InDesign have any security features that can be used in a design?

  Our client would like us to create some certificiates which are to be printed using holograms, guilloche and security design patterns, micro text, etc, etc.  I'm of the understanding that this is a specialist field and we would need specific software are there any plugins available for InDesign?

  It's specialised printing equipment.
  You should source your printers first and talk to them about any concerns and design requirements.

• Design for a small but secure installation

  Good afternoon, all!
  My company is starting a migration from dovecot on Linux using OpenLDAP to Microsoft Exchange using Active Directory.  We have fewer than 10 employees,  want to self-host and want a secure design that won't break the bank.  I originally thought
  to have the mailbox server running on one of the two domain controllers and the client access running on a separate server in the DMZ.  I've started to re-think this in favor of two independent servers.
  Is there a design document out there on options for where to place which server in different scenarios? I see lots of information about large enterprise installations but nothing much for the small but secure installation.  Management is set on having
  Exchange in-house, so hosted Exchange, no matter how much "more better" that would be, is not an option.
  May thanks for looking into this!
  Gregg

  Hi Gregg,
  According to your description, I know that you want to migrate to Exchange server on AD from IMAP server.
  If it is the case, I suggest check following articles:
  1. CSV files for mailbox migration 
  http://technet.microsoft.com/en-us/library/dn170437(v=exchg.150).aspx
  Please notice "IMAP migration" session.
  2. CSV files for IMAP migration batches
  http://technet.microsoft.com/en-us/library/jj200730(v=exchg.150).aspx
  Please notice "Dovecot" session of "Format for the administrator credentials for different IMAP severs" session.
  These links applied to both Exchange Online and Exchange On-Premises.
  Exchange Online is held on Cloud by Microsoft. If you want to hold Exchange server by yourself, On-Premises server will be the best choice.
  Hope it is helpful
  Thanks
  If you have feedback for TechNet Subscriber Support, contact
  [email protected] 
  Mavis Huang
  TechNet Community Support

• Proper security structure for Single Sign on Server

  We are all used to how we design security structure for vCenter Server if you have had an existing VMware environment prior to 5.1.  Who should have administrative privileges in vCenter Server, what roles, permissions, and so on should be assigned to what users and groups - these questions have already been addressed in our current configuration.
  Now Single Sign on introduces a significant new point of consideration for determining issues of access and authentication.
  I'd like to get some ideas on how this should be handled.  For example, should previous VMware administrators by definition become Single Sign on Administrators? Should the administrators of the Active Directory domain now start to get involved with the Single Sign on Server?
  For example, Single Sign on now forces VMware administrators to configure things like:
  -Password Complexity Policy for SSO
  -Password Expiration for SSO
  -Lockout Policy
  We already probably have these things tightly controlled in AD and locked down with group policy, but you can't apply group policy directly to an SSO server and make it receive a GPO from Active Directory.  (You can make the Windows OS that SSO is running on have a GPO applied, but it won't configure SSO itself, just the OS).
  VMware admins are looking at a new set of questions relating to authentication and authorization.  Someone has to have written something or will be writing something to help us get the big picture of what is changing with SSO if anything and how we need to look at SSO from a security design and best practices.
  Should we just make existing vCenter Server admins SSO admins or do we need to take a step back and reconsider?

  Hello,
  Actually, yes. SSO is fairly robust in 5.5. It has a few limitations around email of expired passwords, but that is mainly because some people do not use them. I use SSO to provide the usernames and passwords for all my VMware vCenter and related product service accounts. I.e. an account for vdp, Horizon, vCops, Log Insight, etc.  This is more about keeping systems segregated once more with no real need for AD for services. But AD via SSO is used by users.
  Read the documentation, and determine how SSO fits into your current password policy and take a long hard look at your virtualization management environment. Is there a 1 service account per service talking directly to vCenter? If not, SSO can help you implement that. The key is to match its functionality to your security policy.
  Best regards,
  Edward L. Haletky
  VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
  Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
  Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

• How do I change security encryption name on WiFi network so computer will stop kicking me off Internet?

  My Internet provider, Verizon, recently had me update my router to WPA2 encryption.  It was previously WEP.  Now, each time my computer goes to sleep it drops off the Internet and when I click on the Network icon on the top menu bar it asks again which network.  I select it and then a box pops up that says this was previously a WEP network and not a WPA2 - do I want to join.  I click "join" and then get on the Internet, but it is very annoying to keep doing this over and over.  I went into the settings menu for "Network" and tried a number of things to change the network security designation to WPA2 w/o success.  I also tried deleting the current network, restarting my computer and reselecting a network, but that didn't work either.  Verizon walked me through their methods to correct this and it didn't work.  The problem seems to be my computer has not recognized the change.  How can I fix the change to my router?  It seems as though it should be simple, but I can't find it.  I have OSX 10.9.5, Memory 4 GB and Processor 2.5 GHz Intel Core i5.  Thanks for any assistance you can provide.

  Thank you Eric.  This seems to have solved the problem.  Now the only network that shows is my WiFi with the new encryption name.  I appreciate your  help.
  Carol G