Security Measures for the EJB Service
2-13
Possible Threats to Resources
The following countermeasures can defend EJB Service against security invasion.
Table 2-2 Possible Threats to Resources
Resource to be protected Threats
Environment definition file of EJB
Service
Tampering of information
Exploitation of information
Damage to data
Damage to files
Application folder Tampering of information
Exploitation of information
Damage to data
Damage to files
Exploitation of passwords
Countermeasures Against Threats
The following countermeasures can be used to minimize security risks for the EJB Service.
• Operation confined to authorized users
• Periodic backup
• Use of SSL encryption
Confining Operation to Specific Users
Confining operations to a limited set of users can be an effective defense against following threats:
• Tampering of information
• Exploitation of information
• Damage to data
• Damage to files
• Exploitation of passwords
Operation confined to specific users implements the following two procedures:
• Selection of the users
• Change of access permission to the protected resources
Commentaires sur ces manuels