Security services are necessary to protect sensitive information in the information
system. The appropriate level of protection is determined based upon the value of the
information to the business area end users and the perception of threats to it.
To be effective, security needs to be made strong, must never be taken for granted, and
must be designed into an architecture and not bolted on afterwards. Whether a system is
standalone or distributed, security must be applied to the whole system. It must not be
forgotten that the requirement for security extends not only across the range of entities
in a system but also through time.
In establishing a security architecture, the best approach is to consider what is being
defended, what value it has, and what the threats to it are. The principal threats to be
countered are:
- loss of confidentiality of data
- unavailability of data or services
- loss of integrity of data
- unauthorized use of resources
Counters to these threats are provided by the following services:
- Identification and authentication services provide:
  - identification, accountability and audit of users and their actions
  - authentication and account data
  - protection of authentication data
  - active user status information
  - password authentication mechanisms
- System entry control services provide:
  - warning to unauthorized users that the system is security-aware
  - authentication of users
  - information, displayed on entry, about previous successful and unsuccessful login
    attempts
  - user-initiated locking of a session, preventing further access until the user has been
    re-authenticated
- Audit services provide recording of detailed information about security-relevant
  events, together with authorized control, protection, management and inspection of the
  audit trail.
- Access control services provide:
  - access control attributes for subjects (such as processes) and objects (such as files)
  - enforcement of rules for assignment and modification of access control attributes
  - enforcement of access controls
  - control of object creation and deletion, including ensuring that reuse of objects does
    not allow subjects to accidentally gain access to information previously held in the
    object
  Access control services also appear under the security services heading in the paragraph
  on Object Services.
- Non-repudiation services provide proof that a user carried out an action, or sent
  or received some information, at a particular time. Non-repudiation services also appear
  under the security services heading in the paragraph on Object Services.
- Security management services provide secure system set-up and initialization,
control of security policy parameters, management of user registration data and system
resources and restrictions on the use of administrative functions.
- Trusted recovery services provide recovery facilities such as restoring from
backups in ways that do not compromise security protection.
- Encryption services provide ways of encoding data such that it can only be read
by someone who possesses an appropriate key, or some other piece of secret information. As
well as providing data confidentiality for trusted communication, encryption services are
used to underpin many other services including identification and authentication, system
entry control, and access control services.
- Trusted communication services provide:
  - a secure way for communicating parties to authenticate themselves to each other without
    the risk of an eavesdropper subsequently masquerading as one of the parties
  - a secure way of generating and verifying check values for data integrity
  - data encipherment and decipherment for confidentiality and other purposes
  - a way to produce an irreversible hash of data for support of digital signature and
    non-repudiation functions
  - generation, derivation, distribution, storage, retrieval and deletion of cryptographic
    keys
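Added example (not from the original page or from The Open Group): the identification and authentication and system entry control items above, worked through in Python. It stores a salted scrypt hash rather than the password, compares hashes in constant time, shows the security-aware warning and the previous successful and unsuccessful attempts on entry, and implements a user-initiated session lock that only a fresh authentication clears. The record layout, field names, banner text and scrypt cost parameters are assumptions of this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional, Tuple

# Notice shown to everyone at system entry (the "security-aware" warning).
WARNING_BANNER = "Authorised users only. All access attempts are recorded."

# Demonstration cost parameters (assumed); a deployment tunes these to the platform.
SCRYPT_PARAMS = dict(n=2 ** 12, r=8, p=1)


@dataclass
class UserRecord:
    """Hypothetical authentication record: a salted scrypt hash, never the password,
    plus the entry history that system entry control reports at the next login."""
    salt: bytes
    pw_hash: bytes
    last_success: Optional[str] = None      # timestamp of last successful login
    last_failure: Optional[str] = None      # timestamp of most recent failed attempt
    failures_since_success: int = 0
    session_locked: bool = False            # user-initiated lock; cleared by re-auth


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, dklen=32, **SCRYPT_PARAMS)


def register(password: str) -> UserRecord:
    salt = os.urandom(16)   # per-user salt: equal passwords give unequal hashes
    return UserRecord(salt=salt, pw_hash=_derive(password, salt))


def _verify(rec: UserRecord, password: str) -> bool:
    # compare_digest keeps timing independent of where the two hashes first differ
    return hmac.compare_digest(_derive(password, rec.salt), rec.pw_hash)


def login(rec: UserRecord, password: str, now: str) -> Tuple[bool, str]:
    """System entry: authenticate, update the history, return (ok, text to display)."""
    if not _verify(rec, password):
        rec.last_failure = now
        rec.failures_since_success += 1
        return False, WARNING_BANNER            # reveal nothing else to a stranger
    lines = [WARNING_BANNER]
    if rec.last_success is not None:
        lines.append(f"Last successful login: {rec.last_success}")
    if rec.failures_since_success:
        lines.append(f"{rec.failures_since_success} failed attempt(s) since the last "
                     f"successful login, most recent at {rec.last_failure}")
    rec.last_success, rec.failures_since_success = now, 0
    return True, "\n".join(lines)


def lock_session(rec: UserRecord) -> None:
    """User-initiated lock: further access needs a fresh authentication."""
    rec.session_locked = True


def unlock_session(rec: UserRecord, password: str) -> bool:
    """Clear the lock only on a successful re-authentication."""
    ok = _verify(rec, password)
    if ok:
        rec.session_locked = False
    return ok
```

The failure path deliberately returns only the banner: the history of earlier attempts is "information displayed on entry" for the authenticated user, not a hint for whoever is guessing the password.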
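Added example (not from the original page or from The Open Group): one way to provide the "protection of the audit trail" named in the audit services item, in Python. Each record carries an HMAC over its own fields and the previous record's tag, so a verifier holding the audit key detects any altered, deleted or reordered record. The record fields, the zero anchor and the key handling are assumptions of this example.

```python
import hashlib
import hmac
import json
from typing import Dict, List, Optional

ANCHOR = b"\x00" * 32   # well-known tag "before" the first record (assumed)


def _canonical(body: Dict) -> bytes:
    # Fixed field order and separators so the verifier reproduces the bytes exactly
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")


def _tag(key: bytes, prev_tag: bytes, body: Dict) -> bytes:
    return hmac.new(key, prev_tag + _canonical(body), hashlib.sha256).digest()


class AuditTrail:
    """Append-only trail: each record's tag covers its own fields and the previous
    tag, so altering, deleting or reordering any record breaks every later tag."""

    def __init__(self, key: bytes):
        self._key = key                 # held by the audit service, not by subjects
        self._records: List[Dict] = []
        self._head = ANCHOR

    def record(self, when: str, event: str, subject: str, outcome: str) -> Dict:
        body = {"seq": len(self._records), "when": when, "event": event,
                "subject": subject, "outcome": outcome}
        tag = _tag(self._key, self._head, body)
        entry = dict(body, tag=tag.hex())
        self._records.append(entry)
        self._head = tag
        return entry

    def head(self) -> bytes:
        """Latest tag; keep a copy out of band to make tail truncation detectable."""
        return self._head

    def export(self) -> List[Dict]:
        return [dict(r) for r in self._records]


def verify_trail(key: bytes, records: List[Dict],
                 expected_head: Optional[bytes] = None) -> Optional[int]:
    """Return None if the trail is intact, otherwise the index of the first record
    at which the chain breaks (len(records) if only the tail is missing)."""
    prev = ANCHOR
    for i, rec in enumerate(records):
        body = {k: v for k, v in rec.items() if k != "tag"}
        if body.get("seq") != i:          # gap or reordering
            return i
        expected = _tag(key, prev, body)
        try:
            given = bytes.fromhex(rec.get("tag", ""))
        except ValueError:
            return i
        if not hmac.compare_digest(expected, given):
            return i
        prev = expected
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(records)
    return None
```

The chain alone cannot see that records were cut off at the end, because a truncated trail is still a valid prefix; that is why the current head tag should be stored where the audit writer cannot reach it and passed to the verifier as expected_head.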
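Added example (not from the original page or from The Open Group): the first two trusted communication items, mutual authentication that an eavesdropper cannot later replay, and check values for data integrity, as a Python exchange with both sides' messages. It assumes a pre-shared key; the nonce sizes, labels and message layout are this example's own, and key generation and distribution (the last item above) are outside it.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple


def _mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix each part so that (a, bc) and (ab, c) can never collide
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


# --- the exchange: client nonce, server proof, client proof (assumed layout) ---

def client_hello() -> bytes:
    return os.urandom(16)                           # Nc: fresh for every run


def server_respond(key: bytes, nc: bytes) -> Tuple[bytes, bytes]:
    ns = os.urandom(16)                             # Ns: fresh for every run
    return ns, _mac(key, b"server", nc, ns)         # proves the server holds the key


def client_finish(key: bytes, nc: bytes, ns: bytes,
                  server_proof: bytes) -> Tuple[bytes, bytes]:
    """Check the server's proof, then return (client proof, session key)."""
    if not hmac.compare_digest(server_proof, _mac(key, b"server", nc, ns)):
        raise ValueError("server did not prove knowledge of the shared key")
    return _mac(key, b"client", nc, ns), _mac(key, b"session", nc, ns)


def server_finish(key: bytes, nc: bytes, ns: bytes,
                  client_proof: bytes) -> Optional[bytes]:
    """Return the session key if the client's proof is valid, else None."""
    if not hmac.compare_digest(client_proof, _mac(key, b"client", nc, ns)):
        return None
    return _mac(key, b"session", nc, ns)


# --- integrity check values under the session key derived above ---

def check_value(session_key: bytes, data: bytes) -> bytes:
    return _mac(session_key, b"icv", data)


def verify_check_value(session_key: bytes, data: bytes, icv: bytes) -> bool:
    return hmac.compare_digest(icv, check_value(session_key, data))


def run_exchange(client_key: bytes, server_key: bytes):
    """Drive both sides; returns (client session key, server session key, transcript)."""
    nc = client_hello()
    ns, sp = server_respond(server_key, nc)
    cp, client_session = client_finish(client_key, nc, ns, sp)
    server_session = server_finish(server_key, nc, ns, cp)
    return client_session, server_session, (nc, ns, sp, cp)


def replay_client_proof(server_key: bytes, transcript) -> Optional[bytes]:
    """An eavesdropper resends a recorded client proof in a fresh exchange."""
    nc, _, _, old_cp = transcript
    ns, _ = server_respond(server_key, nc)          # new server nonce, stale proof
    return server_finish(server_key, nc, ns, old_cp)
```

Both proofs are bound to both nonces, so a transcript captured on the wire is useless in any later run: the server's nonce has changed and the recorded proof no longer verifies. The session key is derived from the same values but under a distinct label, so it is never sent and cannot be reconstructed from the proofs without the shared key.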
Security services require other software entities to co-operate in:
- access control for resources managed by the entity
- accounting and audit of security relevant events
- the import and export of data
- and potentially all other security services depending on the particular implementation
approach
Security services are one category where a wide view is particularly important, as a
chain is only as strong as its weakest link. This is one category of services where the
external environment has critical implications for the application platform. For instance,
the presence of a firewall may provide a single point of access onto a network from the
outside world, making it possible to concentrate access control in one place and relax
requirements behind the firewall. Any such relaxation should be a deliberate decision,
since every system behind the firewall then depends on it being the only route in and on
it being correctly configured.
Copyright © The Open Group, 1998, 2000