Security Management for ASP (7)

Source: Internet
Author: User
Tags: file system, inheritance, log, mail, resource
Best security practices for securing an ASP
Introduction
The primary goal of security management is to ensure the levels of confidentiality, integrity, and availability between the ASP and the customer that are defined in the SLA. Best practices show the ASP how to ensure that these security objectives are met.

Key security benefits for Active Directory
With Active Directory services, ASPs can better provide appropriate security for both internal and external customers. In essence, Active Directory is the central location for the ASP's security policy and account information.

An ASP can use Active Directory security features to customize its security policies, protect systems from unauthorized access, and avoid possible losses. Active Directory provides a wide range of security benefits, including:

Single logon to a domain
Support for standard Internet security protocols
Ability to delegate administration of users and objects in the domain to others
Single logon
In an ASP with multiple directory services, users and customers may need several logons to reach different network resources. Active Directory removes this unnecessary duplication by providing a single logon (single sign-on) for resource access. Once a user logs on to a domain controller, access to every network resource is granted or denied based on the result of that one logon. The single logon provides secure authentication for an encrypted session with the network. The logon process typically uses the Kerberos authentication protocol, which is discussed later in this article. Because data security begins the moment a customer or user logs on, a single logon reduces the threat of security breaches: customers and users no longer need to keep track of (or write down) multiple passwords. In addition, because all accounts are held in one place in Active Directory, you have more control over account management.

Group Policy inheritance and local settings
The AD containers in the ASP environment form a hierarchy: some containers are "parent" containers of others. Group Policy is inherited, that is, it passes from a parent container down to its child containers. When you assign a Group Policy to a parent container, that policy also applies to all containers beneath it. If you change a setting on a child container, you override the setting passed down by the parent. Where the child container's and the parent container's Group Policy settings conflict, the parent's setting is not inherited, and the user receives only the child container's setting.

Through inheritance, a change made on one container automatically affects all subordinate containers and the objects they hold. For ease of administration, it is recommended that you define permissions on high-level containers, such as top-level folders; these permissions are then passed automatically to the objects within that folder.
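The inheritance and override rules just described, modelled as an added example that is not from the article: a small Python resolver walks a constructed container hierarchy (a domain, a Customers OU, a customer OU beneath it, and an Internal OU), copies each parent's settings down, lets a child's own setting win on conflict, and records which container each effective value came from. The container and setting names are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Container:
    name: str
    settings: dict = field(default_factory=dict)   # policy values assigned directly here
    children: list = field(default_factory=list)


def resolve(container, inherited=None):
    """Map each container name to its effective settings as {setting: (value, origin)}.

    Everything the parent passes down is copied first; a setting assigned on this
    container then replaces the inherited value, so on a conflict the child wins
    and the parent's value is not inherited.
    """
    effective = dict(inherited or {})
    for key, value in container.settings.items():
        effective[key] = (value, container.name)
    result = {container.name: effective}
    for child in container.children:
        result.update(resolve(child, effective))
    return result


def inheritance_report(result, name):
    """Human-readable lines showing where each effective setting on `name` came from."""
    return [f"{name}: {key} = {value!r} (from {origin})"
            for key, (value, origin) in sorted(result[name].items())]


def sample_tree():
    # Constructed hierarchy (not real data): the domain holds the defaults, the
    # Customers OU tightens password length, and one customer OU adds auditing.
    acme = Container("Acme", {"AuditLogon": True})
    customers = Container("Customers", {"MinPasswordLength": 12}, [acme])
    internal = Container("Internal")
    return Container("asp.example",
                     {"MinPasswordLength": 8, "LockoutThreshold": 5},
                     [customers, internal])


if __name__ == "__main__":
    effective = resolve(sample_tree())
    for line in inheritance_report(effective, "Acme"):
        print(line)
```

Real Group Policy adds two controls the article does not cover, Block Policy Inheritance on a container and No Override on a link, which this model deliberately omits. When auditing an environment, the origin recorded beside each value is what you compare against the high-level container where the setting was meant to be defined.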

Support for Internet standard authentication protocols
Active Directory services support several authentication methods, such as the Internet standard Kerberos protocol, public key infrastructure (PKI), and Lightweight Directory Access Protocol (LDAP) over Secure Sockets Layer (SSL). Support for these protocols means that network resources are protected whether the user connects internally or over the Internet.

Secure authentication and network protocols
Windows traditionally uses the Windows NT LAN Manager (NTLM) protocol for network authentication. An ASP can enhance security by using several stronger authentication methods and network protocols, such as the Internet standard Kerberos protocol, public key infrastructure, virtual private networks (VPN) using IPsec, and Secure Sockets Layer (SSL). Windows 2000 supports all of these protocols.

Advantages of Kerberos authentication:

Faster connections. With Kerberos authentication, the server does not have to contact a domain controller; it verifies the client's identity by checking the credentials the client presents. A client obtains credentials for a particular server once and reuses them for the rest of the ASP logon session.
Mutual authentication. NTLM lets a server verify the identity of its clients, but it does not let a client verify the identity of the server, nor one server verify another. NTLM was designed for a network environment in which the servers are assumed to be genuine. The Kerberos protocol makes no such assumption: the ASP and the customer at the two ends of a network connection can each verify who the other end claims to be.
Delegated authentication. When a Windows service accesses a resource on behalf of a client, it impersonates that client. In many cases a service can do its work for a client by accessing resources on the local computer, and both NTLM and Kerberos provide the information a service needs to impersonate its client locally. Some distributed applications, however, are designed so that a front-end service must impersonate the client when it connects to back-end services on other computers. The Kerberos protocol has a proxy (delegation) mechanism that lets a service impersonate its client when it connects to another service.
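The first two properties above (no trip to the domain controller at connection time, mutual authentication) together with ticket reuse, shown as one runnable exchange. This is an added example, not code from the article or from Windows: the cipher is a deliberately toy SHA-256 keystream with an HMAC tag standing in for the real Kerberos encryption types, the AS and TGS exchanges are collapsed into a single ticket request, and the principal names (alice@asp.example, host/web1.asp.example) and all keys are constructed.

```python
import hashlib, hmac, json, os, time


def _keystream(key, nonce, length):
    # Toy stream cipher: SHA-256 over (key, nonce, counter). Illustration only;
    # real Kerberos uses standardized encryption types such as AES.
    blocks = (length + 31) // 32
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(blocks))

def toy_encrypt(key, obj):
    """Encrypt-then-MAC a JSON-serializable object under a 32-byte key."""
    plaintext = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def toy_decrypt(key, blob):
    """Verify the tag, then decrypt; raises ValueError on a wrong key or tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: wrong key or tampered message")
    return json.loads(bytes(c ^ s for c, s in zip(ct, _keystream(key, nonce, len(ct)))))

class DomainController:
    """Knows every principal's long-term key; the only party that mints tickets."""
    def __init__(self, keys):
        self.keys = keys
        self.tickets_issued = 0

    def issue_ticket(self, client, service, lifetime=3600):
        # The AS and TGS exchanges of real Kerberos are collapsed into one step.
        self.tickets_issued += 1
        session_key = os.urandom(32).hex()
        ticket = toy_encrypt(self.keys[service], {"client": client, "session_key": session_key,
                                                  "expires": time.time() + lifetime})
        for_client = toy_encrypt(self.keys[client], {"service": service, "session_key": session_key})
        return ticket, for_client

class Client:
    def __init__(self, name, key):
        self.name, self.key = name, key
        self.cache = {}  # service -> (ticket, session_key), reused for the whole logon session

    def credentials_for(self, dc, service):
        if service not in self.cache:
            ticket, for_client = dc.issue_ticket(self.name, service)
            info = toy_decrypt(self.key, for_client)
            self.cache[service] = (ticket, bytes.fromhex(info["session_key"]))
        return self.cache[service]

    def connect(self, dc, service, server):
        """Authenticate to `server`; True only if the server proves it holds the service key."""
        ticket, session_key = self.credentials_for(dc, service)
        stamp = time.time()
        authenticator = toy_encrypt(session_key, {"client": self.name, "timestamp": stamp})
        reply = server.accept(ticket, authenticator)
        # Mutual authentication: only a holder of the real service key could have recovered
        # the session key from the ticket and echoed our timestamp under it.
        if toy_decrypt(session_key, reply)["timestamp"] != stamp:
            raise ValueError("server failed mutual authentication")
        return True

class Server:
    def __init__(self, key):
        self.key = key

    def accept(self, ticket, authenticator):
        # Checked with the server's own key alone: no round trip to the domain controller.
        t = toy_decrypt(self.key, ticket)
        if t["expires"] < time.time():
            raise ValueError("ticket expired")
        session_key = bytes.fromhex(t["session_key"])
        a = toy_decrypt(session_key, authenticator)
        if a["client"] != t["client"] or abs(a["timestamp"] - time.time()) > 300:
            raise ValueError("authenticator does not match ticket, or clock skew too large")
        return toy_encrypt(session_key, {"timestamp": a["timestamp"]})

def demo():
    """Constructed keys and principal names; returns what each step observed."""
    keys = {"alice@asp.example": os.urandom(32), "host/web1.asp.example": os.urandom(32)}
    dc = DomainController(keys)
    alice = Client("alice@asp.example", keys["alice@asp.example"])
    web1 = Server(keys["host/web1.asp.example"])
    first = alice.connect(dc, "host/web1.asp.example", web1)
    second = alice.connect(dc, "host/web1.asp.example", web1)  # cached ticket, no DC contact
    rogue = Server(os.urandom(32))  # impostor that does not hold the real service key
    try:
        alice.connect(dc, "host/web1.asp.example", rogue)
        rogue_rejected = False
    except ValueError:
        rogue_rejected = True
    return {"first": first, "second": second,
            "tickets_issued": dc.tickets_issued, "rogue_rejected": rogue_rejected}
```

Running `demo()` shows the server never talks to the domain controller, the second connection reuses the cached ticket (the controller issued exactly one), and a server that lacks the service key cannot open the ticket, so it never produces a reply the client will accept. The authenticator's timestamp check is the one piece of replay protection shown here; a production implementation also keeps a cache of recently seen authenticators.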
Public Key Infrastructure (PKI)
Public Key Infrastructure (PKI) is an emerging standard for authenticating users by means of digital certificates. PKI uses three technologies to protect against security breaches: digital envelopes, digital signatures, and digital certificates. These technologies are often used in extranet and ASP solutions. Examples of where PKI can be used:

Secure email

PK-based secure e-mail products (including Microsoft Exchange) use public key technology for:

Digital signatures, which prove the origin and integrity of an e-mail message
Bulk encryption without a pre-shared secret, which keeps the message confidential between the correspondents
In operation, these systems use the sender's private key to add a digital signature to the outgoing e-mail message. The sender's certificate is sent with the message so that the recipient can verify the signature. S/MIME defines a profile for these certificates to ensure interoperability, and a hierarchical trust model to provide scalable trust management. To encrypt an e-mail message, a user obtains the recipient's encryption certificate from an earlier e-mail or from a directory service. Once the certificate is validated, the user encrypts the message with a symmetric key and encrypts that key with the public key contained in the certificate.

Encrypting File System

The Windows 2000 Encrypting File System (EFS) supports transparent encryption and decryption of files stored on disk in the Windows NT file system (NTFS). Users can mark individual files for encryption, or folders whose contents are to be encrypted. An application can access the user's encrypted files as if they were unencrypted, but it cannot decrypt any other user's encrypted files.

PKI and UPN

The Windows enterprise PKI performs a security service that uses the information in a certificate to map it to an account stored in Active Directory, which determines the access rights of the authenticated client. The directory lookup can be performed using the user principal name (UPN) in the certificate, or by searching the directory for an account that matches the issuer, or the issuer and subject, of the client certificate. If the UPN does not match an account, or the issuer is not authorized to issue certificates for domain authentication, the user cannot log on. In this way, the security of the logon is enhanced.
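The mapping rules in this section, as an added example that is not the article's or Windows' own code: a certificate carries an issuer, a subject and optionally a UPN; the directory holds accounts plus explicit one-to-one (issuer and subject) and many-to-one (issuer only) mappings; and the issuer must be authorized for domain authentication before any name in the certificate is consulted. The precedence order (UPN first, then issuer-and-subject, then issuer alone), the rule that a present but unmatched UPN is a hard failure, and every name below are this example's assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Certificate:
    issuer: str                 # distinguished name of the issuing CA
    subject: str                # subject distinguished name
    upn: Optional[str] = None   # user principal name carried in the certificate, if any


@dataclass
class Directory:
    accounts: dict      # UPN -> account name
    one_to_one: dict    # (issuer, subject) -> account name, explicit mappings
    many_to_one: dict   # issuer -> account name, e.g. every certificate from a partner CA
    auth_issuers: set   # CAs authorized to issue certificates for domain logon


def map_certificate(cert, directory):
    """Return the account to log on as, or None when the certificate maps to nothing."""
    # An issuer not authorized for domain authentication is rejected before any
    # name in the certificate is looked at, whatever that name says.
    if cert.issuer not in directory.auth_issuers:
        return None
    # 1. UPN mapping: the UPN in the certificate must name an existing account;
    #    a UPN that matches nothing is a failed logon, not a fall-through.
    if cert.upn is not None:
        return directory.accounts.get(cert.upn)
    # 2. Explicit mapping by issuer and subject (one-to-one).
    key = (cert.issuer, cert.subject)
    if key in directory.one_to_one:
        return directory.one_to_one[key]
    # 3. Mapping by issuer alone (many-to-one).
    return directory.many_to_one.get(cert.issuer)


def sample_directory():
    # Constructed directory data for illustration, not real accounts or CAs.
    return Directory(
        accounts={"alice@asp.example": "alice", "bob@asp.example": "bob"},
        one_to_one={("CN=Partner CA", "CN=Partner Gateway"): "partner-svc"},
        many_to_one={"CN=Kiosk CA": "kiosk-guest"},
        auth_issuers={"CN=ASP Issuing CA", "CN=Partner CA", "CN=Kiosk CA"},
    )


if __name__ == "__main__":
    d = sample_directory()
    for cert in (Certificate("CN=ASP Issuing CA", "CN=Alice", "alice@asp.example"),
                 Certificate("CN=Rogue CA", "CN=Alice", "alice@asp.example"),
                 Certificate("CN=Kiosk CA", "CN=Kiosk 7")):
        print(cert, "->", map_certificate(cert, d))
```

The point worth checking in a real deployment is the first branch: a certificate that names a valid UPN is still useless for logon unless its issuer is one the domain trusts for authentication, so a compromised or unrelated CA cannot mint a logon credential simply by copying a user's UPN into a certificate.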

Secure Web via SSL
The Secure Sockets Layer (SSL) protocol relies on PK-based authentication technology and generates a unique encryption key for each client/server session using PK-based key negotiation. It is most often associated with web-based applications and the HTTP protocol (as HTTPS).

The ASP can use the SSL protocol for confidential network communication over an encrypted, secure SSL channel. The server and the client negotiate the cryptographic algorithm to be used, and they also negotiate a confidential shared session key for secure communication. The ASP can also use SSL to refuse communication from (prospective) customers who do not hold a valid certificate from a trusted authority, which reduces the risk of a denial-of-service attack. You can also use the SSL protocol to protect all web traffic, safeguarding confidential information such as personal details and credit card numbers.

Virtual Private Network (VPN)
VPN technology uses tunneling protocols, which let an ASP establish a private data network over the public Internet. In other words, a VPN lets the ASP reduce costs by tunneling client communications securely through shared infrastructure.
