HP OSMS white paper: Security of Open Source Middleware Stacks
Table of Contents
Introduction..............................................................................................................................................5
Executive Summary..............................................................................................................................5
Intended Audience...............................................................................................................................5
Scope and Purpose ..............................................................................................................................5
White Paper Organization...............................................................................................................6
HP Services..........................................................................................................................................6
Defining Security.......................................................................................................................................7
Computer Security Review.........................................................................................................................7
Background.........................................................................................................................................7
Areas of Concern..................................................................................................................................8
The Security Policy...............................................................................................................................8
Steps for Securing Computer Systems..................................................................................................10
Essential Security.....................................................................................................................................11
Known Versus Unknown Attacks ........................................................................................................11
Keeping Systems Updated...................................................................................................................13
The Vulnerability Life Cycle...........................................................................................................13
Tracking Vulnerability...................................................................................................................15
Making Configurations Secure.............................................................................................................16
Addressing Configuration Weaknesses...........................................................................................17
Automating Secure Configurations.................................................................................................19
Additional Best Practices.....................................................................................................................20
Use a Firewall...............................................................................................................................20
Use Secure Communications..........................................................................................................21
Use Layered Security.....................................................................................................................21
Test Your System...........................................................................................................................22
Never Assume the System Is Secure................................................................................................22
Advanced Security...................................................................................................................................22
Intrusion Management........................................................................................................................23
Advanced Access Control....................................................................................................................23
Access Control Background...........................................................................................................24
Access Control Models..................................................................................................................24
Linux Security Modules.................................................................................................................25
SELinux........................................................................................................................................25
AppArmor....................................................................................................................................25
Comparing AppArmor with SELinux.............................................................................................25
Monitoring and Forensic Tools.............................................................................................................26
Conclusion ..............................................................................................................................................26
Glossary..................................................................................................................................................26
Table of Contents 3