Stepping stone (computer security)
A stepping stone (StSt) is a type of computer security measure that consists of placing several logical security systems, used as authentication servers, in series to emulate a narrow physical channel, like a path of stones used to cross a river. With this arrangement it is possible to apply granular control over each system acting as a 'stone', establishing as many different risk levels as there are systems in the chain. For example, if we need to grant a user access to an OpenSSH server to execute an application in a high-security environment, we could put a front-end system such as Sun Solaris with Citrix Metaframe in the first security layer. Behind it would sit MS Terminal Services with an SSH client. The third and last layer would be a Linux system with an OpenSSH server, which grants access to the final application. Every system could share a common secure logon mechanism such as RSA SecurID, X.509 certificates, challenge/response systems, etc., or use a mixture of them; the choice depends on the risk analysis of the environment in question. This practice reduces usability and is hard to maintain, so it should be implemented only in high-security environments. It can be considered part of the well-known security principle of Security In-Depth, applied in this case to access control by adding logical barriers and trenches composed of diverse authentication systems.
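A chain like this only protects the final system if nobody can reach a later stone without passing the earlier ones, so a defender will want to check the logon records for skipped layers. The following is an added example, not part of the original article: it assumes hypothetical host names for the three layers, a simplified log tuple format, and an 8-hour session window, and runs over constructed sample events.

```python
from datetime import datetime, timedelta

# Assumed (hypothetical) host names for the article's three layers, in order.
CHAIN = ["citrix-fe", "ts-mid", "ssh-app"]
WINDOW = timedelta(hours=8)  # assumed maximum age of the previous layer's logon

# Constructed sample log: (time, host logged in to, user, source host, success)
EVENTS = [
    ("2010-03-01T09:00:00", "citrix-fe", "alice", "workstation-17", True),
    ("2010-03-01T09:01:10", "ts-mid", "alice", "citrix-fe", True),
    ("2010-03-01T09:02:30", "ssh-app", "alice", "ts-mid", True),
    ("2010-03-01T10:15:00", "ssh-app", "bob", "workstation-22", True),  # skips both stones
    ("2010-03-01T11:00:00", "citrix-fe", "carol", "workstation-30", True),
    ("2010-03-01T11:05:00", "ssh-app", "carol", "ts-mid", True),  # no logon on ts-mid
    ("2010-03-02T09:00:00", "ts-mid", "alice", "citrix-fe", True),  # layer 1 logon is stale
]

def find_chain_violations(events, chain=CHAIN, window=WINDOW):
    """Return (time, user, host, reason) for logons that bypassed the previous stone."""
    last_ok = {}  # (user, host) -> time of the most recent valid logon
    violations = []
    for ts, host, user, source, ok in sorted(events):
        if not ok or host not in chain:
            continue
        when = datetime.fromisoformat(ts)
        layer = chain.index(host)
        if layer > 0:
            prev = chain[layer - 1]
            if source != prev:
                violations.append((ts, user, host, f"source {source} is not {prev}"))
                continue
            seen = last_ok.get((user, prev))
            if seen is None or when - seen > window:
                violations.append((ts, user, host, f"no recent logon on {prev}"))
                continue
        # Only valid logons count as a base for reaching the next stone.
        last_ok[(user, host)] = when
    return violations

if __name__ == "__main__":
    for violation in find_chain_violations(EVENTS):
        print(violation)
```

Because a flagged logon is not recorded as valid, any later hop that depends on it is flagged as well, which keeps one bypass from hiding the rest of the session.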
Wikimedia Foundation.
2010.