| |
| |
LinuxWorld: Business/Legal Issues: Web Security for Business:
Verifying and Storing Customer Data In a Secure Manner, August 29, 2001
Introduction (Slide Two)
- Hello World
- What will be covered:
- Common issues in securing back-end data transactions.
- A concept network layout to solve these issues.
- Implementation of this concept network using Open Source Software.
Introduction (Slide Three)
- What won't be covered:
- Configuring all software used in this network implementation.
- How various network protocols work.
Disclaimer (Slide Four)
- It should be noted that this presentation does not cover all of the issues in securing networked based machines and the contents thereof. It is designed only to introduce basic concepts and offer one possible solution.
Our Problem (Slide Five)
- To implement an e-commerce site such that a back-end database and credit card verification system are removed as far away as possible from attack while at the same time keeping a flexible network design and without imposing undo limitations on functionality.
Our Solution (Slide Six)
- To use Proxy and SSL technology to create a virtual private network that will allow us to pass vital data from a front-end web server to a back-end database and credit card verification system.
The VPN will allow us to transmit the data securely and verify that the data came from our front-end server, before storing in our database and/or continuing further verification steps such as credit card authorization.
The Open Source Software (Slide Seven)
- Linux Operating System for Firewall, Servers
- Apache Web Server
- mod_ssl
- mod_proxy
- Postgres Database
Red Hat Equivalent (Slide Eight)
- Red Hat Linux
- Stronghold Secure Web Server which Includes:
- Red Hat Database
- Postgres
- CCVS
Network Topology (Slide Nine)
Network Topology (Slide Ten)
Network Topology (Slide Eleven)
Creating Our VPN (Slide Twelve)
- Create our Virtual Private Network using Apache, mod_ssl and mod_proxy on the front-end server to communicate with Apache and mod_ssl on back-end servers
- Authentication using SSL protocol
- Encryption using SSL protocol
Configuration (Slide Thirteen)
- Mercury our Front-End Apache Web Server
Configuration (Slide Fourteen)
- Venus Our Back-End Postgres Database Server with an Apache Interface
Configuration (Slide Fifteen)
- Earth Our Back-End CCVS Server with an Apache Interface
Configuration (Slide Sixteen)
- Mercury's Digital Certificate to Authenticate Itself:
Configuration (Slide Seventeen)
- Venus & Earth's Requiring Mercury to Authenticate Itself:
Network Topology: Result (Slide Eighteen)
Problem & Solution (Slide Nineteen)
- To implement an e-commerce site such that a back-end database and credit card verification system are removed as far away as possible from attach while at the same time keeping a flexible network design and without imposing undo limitations on functionality of the e-commerce site
- Using Proxy and SSL technology design into the open source web server Apache to pass vital data from a front-end web server to a back-end database and credit card verification system.
Citation (Slide Twenty)
- Engelschall, Ralf User Manual mod_ssl Version 2.8 Jan. 2001 <http://www.modssl.org/docs/2.8>
- Red Hat, Inc. (2000). Administration Guide: Stronghold Secure Web Server 3.0 Oakland: Red Hat, Inc.
Acknowledgments & Suggested References (Slide Twenty One)
- Red Hat's Stronghold Team
- This Presentation:
- Introduction to Apache, SSL Protocol:
Acknowledgments & Suggested References (Slide Twenty Two)
Acknowledgments & Suggested References (Slide Twenty Three)
|
|
|
| |
The isolation of every human soul and the
necessity of self-dependence must give each
individual the right, to choose his own
surroundings. The strongest reason for giving
woman all the opportunities for higher
education, for the full development of her
faculties, forces of mind and body; for giving
her the most enlarged freedom of thought and
action; a complete emancipation from all forms
of bondage, of custom, dependence,
superstition; from all the crippling influences of
fear, is the solitude and personal responsibility
of her own individual life. The strongest reason
why we ask for woman a voice in the
government under which she lives; in the
religion she is asked to believe; equality in
social life, where she is the chief factor; a place
in the trades and professions, where she may
earn her bread, is because of her birthright to
self-sovereignty; because, as an individual, she
must rely on herself. No matter how much
women prefer to lean, to be protected and
supported, nor how much men desire to have
them do so, they must make the voyage of life
alone, and for safety in an emergency they
must know something of the laws of navigation.
To guide our own craft, we must be captain,
pilot, engineer; with chart and compass to
stand at the wheel; to match the wind and
waves and know when to take in the sail, and to
read the signs in the firmament over all. It
matters not whether the solitary voyager is
man or woman. Nature having endowed them
equally, leaves them to their own skill and
judgment in the hour of danger, and, if not
equal to the occasion, alike they perish. To
appreciate the importance of fitting every
human soul for independent action, think for a
moment of the immeasurable solitude of self.
From: Solitude of Self, Elizabeth Cady Stanton
|
|
|