A successful security implementation can be difficult in a client/server environment due to the many processing layers that must be secured:

■ Client workstation. Historically, this has been a personal computer that has weak controls restricting who has access to programs and files. However, with the introduction of operating systems such as Microsoft's Windows NT Workstation, the controls available are rivaling the level of security available on a mainframe.

■ Application. This level of security typically controls the menus and fields that a user is able to access. The levels of access are typically read, update, and delete.

■ Network. This deals with securing activity on the network. Tools such as network sniffers are available to read and alter data that is transmitted over the network. There are typically two types of network controls used to prevent inappropriate disclosure or alteration of data. The first is restricting access to segments or areas of a network. This is usually done with firewall systems or screening routers that restrict traffic based on source and destination addresses. Internet connections should be controlled by firewalls. The other method for securing network traffic is encryption. This prevents data from being read or altered as it crosses the network. At a minimum, passwords should be encrypted.

■ Server. Servers typically control who can log on to the network and who can access databases and files on the network. Server security is the most common type of security used in a local area network. Access to the network is typically controlled through a userid and corresponding password. Access to files is then granted based on the assigned user or group id. Most servers provide for logging security administration and violation activity. In large client/server systems, a mainframe performs the server function.

■ Database. The database system can also perform security functions, requiring a userid and password and then assigning access to data based on the user or group id. In addition, databases can log security administration and violation activity.
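The Network item above describes screening routers that restrict traffic by source and destination address. The following sketch is an added example, not part of the original text: the rule set, segment addresses and function names are constructed, and first-match evaluation with a default deny is an assumption about how the filter is configured.

```python
import ipaddress
from typing import NamedTuple


class Rule(NamedTuple):
    action: str  # "permit" or "deny"
    src: str     # source network, CIDR notation
    dst: str     # destination network, CIDR notation


# Constructed rule set for a hypothetical site: only the client segment may
# reach the database segment; outside hosts may reach only the public hosts.
RULES = [
    Rule("permit", "10.1.0.0/24", "10.2.0.0/24"),   # clients -> database segment
    Rule("deny",   "0.0.0.0/0",   "10.2.0.0/24"),   # everyone else -> database segment
    Rule("permit", "0.0.0.0/0",   "192.0.2.0/28"),  # anyone -> public-facing hosts
]


def decide(src, dst, rules=RULES):
    """Return the action of the first rule matching both addresses.

    Traffic that matches no rule is denied (assumed default-deny policy).
    """
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    for rule in rules:
        if s in ipaddress.ip_network(rule.src) and d in ipaddress.ip_network(rule.dst):
            return rule.action
    return "deny"


def audit(flows, rules=RULES):
    """Evaluate (src, dst) pairs and return (src, dst, action) tuples."""
    return [(s, d, decide(s, d, rules)) for s, d in flows]


if __name__ == "__main__":
    # Constructed sample flows.
    sample = [
        ("10.1.0.15", "10.2.0.5"),     # client workstation to database server
        ("10.3.0.9", "10.2.0.5"),      # other internal segment to database server
        ("203.0.113.7", "192.0.2.3"),  # outside host to public-facing host
        ("203.0.113.7", "10.1.0.15"),  # outside host to client workstation
    ]
    for row in audit(sample):
        print(row)
```

Because the first matching rule wins, placing the broad deny ahead of the client permit would cut the workstations off from the database segment, so rule order has to be reviewed along with the rules themselves.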

Coordinating multiple levels of security is difficult, and many systems introduce security weaknesses by ignoring access controls on certain platforms or scripting logons on platforms that can be easily circumvented. Another typical problem with client/server systems is that they are cumbersome, requiring multiple logons with multiple userids and passwords.

Ideally, the application should be designed with a single sign-on that controls access on the application, workstation, server, and database systems, along with network controls that restrict access to the appropriate segments of the network and encrypt sensitive traffic.
