RSS feed]project-open[ provides an unprecedented level of security by combining the power of the open-source model with the resources provided by large IT corporations.
]project-open[ features a fine-grained, role-based and flexible permission scheme, allowing to configure access permissions to critical information sources based on roles or profiles of users, including external project members such as freelancers or customer employees.
The underlying OpenACS online-community platform runs on TCL, an interpreted scripting language. This architecture effectively eliminates the possibility of buffer overflows, the #1 reason for security vulnerabilities.
]project-open[ web services are provided using AOLServer, a leading Internet and application server for large online communities. AOLServer provides a much higher degree of security compared to popular web servers such as Apache or Internet Information Server because of this origins as the platform of America Online and the fact that AOLServer is not popular in the home user segment. This makes it less attractive to virus and worm writers.
The underlying operating system SuSE Linux 8.2 Professional is equipped with "Yast Online Updates" (YOU) provided by SuSE. YOU automatically update the operating system every night, providing a sound measure against the continuously appearing software vulnerabilities Open-Source Security Security in Open-source is based on a large community of software developers as opposed to the secrecity of closed-source software.
The goal of computer security is to avoid:
of the data stored in a computer system.
The loss of data can be avoided by regular data backups. The other three elements (false creation, alteration or unauthorized distribution) are related to Internet Security.
Security is like a chain that breaks at its weakest point. The pieces of the chain consist of:
Below we are going to explain you how we take car for each of these pieces of the chain. But first it is important to understand the nature of security threads.
The vast majority of security-related damage is caused by unhappy or ex- employees. This may sound surprising, but your sales data for example are not very attractive to a regular Internet hacker.
The second largest source of damages is due to errors of system administrators (and not related to Internet security at all).
Internet security only ranks third and fourth in the list of threads, due to worms and trojans at the third place and Internet hackers at the fourth.
 |
Security risks:The cost is damage x frequency |
What is the damage to you if your sales data get into the hands of your competitors? Where are the most likely sources? How would you try to steal the sales information of your competitors?
]project-open[ features a fine-grained, role-based and flexible permission scheme, allowing to configure access permissions to critical information sources based on roles or profiles of users, including external project members such as freelancers or customer employees.
The underlying OpenACS online-community platform runs on TCL, an interpreted scripting language. This architecture effectively eliminates the possibility of buffer overflows, the #1 reason for security vulnerabilities.
"AOLserver is the backbone of the largest
and
busiest production environments in the world"
www.aolserver.com
]project-open[ web services are provided using AOLServer, a leading Internet and application server for large online communities. AOLServer provides a much higher degree of security compared to popular web servers such as Apache or Internet Information Server because of this origins as the platform of America Online and the fact that AOLServer is not popular in the home user segment. This makes it less attractive to virus and worm writers.
