|Topic||HOWTO: xmlBlaster Security Introduction|
Information security became over the years a more and more important topic. First, it was of interest only for military and secret service organisations. But the more information systems like computers concern everybodies life and these systems become interconnected, the higher is the importance of security for everyone. It doesn't matter if it is the army, a commercial organisation or even a private user, security is an essential topic.
What is Security?
After the dozens of books written on the subject, it's hard to
understand that a common definition of security doesn't exist.
In this context confidentiality and integrity are defined as:
Both are the primary goals of security. To reach them, it is often necessary to reach subsequent goals. These additional goals are often called secondary goals. Examples are:
Some of them seem to be incompatible (e.g. accountability and anonymity), but all are more or less important for a secure system. This shows two things:
The voting system has a slightly different understanding of security. In addition, it must ensure that everybody has only a single vote. Everybody must be accountable for its actions. But this collides with the voters desire of anonymity. Both are not compatible without lowering one's sights.
The xmlBlaster security system should address the main aspects of security as mentioned above. But because of the fact that a 100% secure system, covering all issues won't be me more than a nice illusion. A security serving system for the xmlBlaster cannot be more than model and a framework. Its main goal is to support all actions (in general: intercepting the flow of actions and information) required by the real implementation of software components (called 'plugins') to enforce the respective meaning of security.
(Session, Subject, Right, Role, Group, Security, Identity, Authentication, Authorization, Access Control (AC), Message Protection, ...)
NOTE: Configuration parameters are specified on command line (-someValue 17) or in the
xmlBlaster.properties file (someValue=17). See requirement "util.property" for details.
|See REQ||SOCKET based SSL protection|
This page is generated from the requirement XML file xmlBlaster/doc/requirements/security.introduction.xml
Back to overview