User guide
Interstage Management Console and Interstage Operation Tool
1-3
Possible Security Risks to Resources
The following describes possible security threats during operation of the Interstage Management
Console and the Interstage Operation Tool.
Table 1-2 Possible Security Risks to Resources
Resource Possible threat
User authentication
- Exploitation of user IDs and passwords
- Decryption of user IDs and passwords
Definition file for Interstage HTTP Server
- Tampering with data recorded in the file
- Exploitation of information recorded in files
- Damage to files
Definition file for the Interstage Operation
Tool
- Tampering with data recorded in the file
- Exploitation of information recorded in files
- Damage to files
Countermeasures Against Threats
The following table lists possible countermeasures against security risks.
Table 1-3 Countermeasures
Possible threat Countermeasures
Decryption of User IDs and Passwords
- Constraint on the user ID and password
Exploitation of user IDs and passwords
- Setting the expiration date of the user ID and
password
Tampering of data recorded in the file
- Setting access permissions on the file storing the
information
- Periodic data backup
Exploitation of information recorded in files
- Setting access permissions on the file storing the
information
Countermeasures Against Decryption of User IDs and Passwords
In an environment open to the public like the Internet, user IDs or passwords may be decrypted on their
transmission route. The Interstage Management Console and the Interstage Operation Tool implements
encryption of user IDs and passwords, but it is still possible for them to be decrypted. To minimize this
risk, set expiration dates on user IDs and passwords and change them periodically.