Security
In order to support e-commerce applications, the operating system and the Web application environment that it supports must be able to support secure communication. Security for Web applications centers on the following areas:
Access Control. Used for controlling which files clients can access.
IP Security. Used to restrict access to specific IP addresses or domains.
Authentication Methods. Used for identifying individual users.
Encryption. Used to encrypt information sent across a network.
Because Solaris 8 does not provide an integrated solution for Internet services, the available security options rely on the capabilities of the Web server software used. When using Sun WebServer or the iPlanet Web Server, Solaris provides very good all-round security. Authentication on both systems is either via a local registration database or integrated into the Solaris Directory Server product using the Lightweight Directory Access Protocol (LDAP).
The authentication systems in both optional products provide basic and encrypted authentication, in addition to certificate-based authentication. The iPlanet suite also includes a certificate server and management system for deploying and controlling authentication using the certificate system.
Solaris 8 access control either uses built-in authorization tables or can be integrated into an LDAP service. However, the configuration of the access control system is in addition to the permissions configured for each file and directory on the physical file system. The lack of integration complicates the process and risks rendering entire Web sites unavailable if the file system permissions are modified.
Solaris 8 supports both 40-bit and 128-bit Secure Sockets Layer (SSL) encryption, which is included in both the Sun WebServer and iPlanet applications. Solaris 8 supports integration with the operating system, but only if you also choose to use the Sun Directory Server (SDS) as the authentication system for user logins. In addition, both SDS and the iPlanet Directory Server offer unified authentication across Internet services, allowing for a single login/password combination for e-mail, Web, and group collaboration.
Windows 2000 uses the Active Directory service as the core for all authentication and control when supporting Internet services. Active Directory is an integrated part of the operating system, recording not only information about users and accounts, but also directory information for services and resources across the entire network. For compatibility, Active Directory can also be accessed using LDAP protocols.
A user can be configured with a single account that provides access both to Internet services and other services hosted by the network including shared files and printers. This means that users can have a single login that grants them access to all of the facilities provided on the network.
The same Access Control Lists (ACLs) that govern the underlying file system handle access control to individual Internet services. Modifying file access within the file system modifies access to the file over the Internet. The use of a single access control mechanism reduces the need for duplication of the information across both the internal and external systems.
For e-commerce, Windows 2000 supports the 40-bit and 128-bit SSL protocols in addition to Server Gated Cryptography, a common standard used for online transactions with financial institutions. To further restrict access, IIS 5.0 supports IP level security for restricting access by IP address, domain name, or a combination of the two.
Windows 2000 Datacenter Server also supports Winsock Direct. The standard Winsock (Windows Sockets) system provides the TCP/IP stack used to support Internet services. Winsock Direct is an extension of Winsock that provides System Area Network (SAN) support and improves significantly on the performance of the TCP/IP services. A SAN is similar to a LAN, but it is physically secure and offers higher bandwidth with lower latency than a typical LAN. Reliability is built into SAN hardware, ensuring that packets are routed correctly and efficiently through the network.
Traditionally, the use of SANs required special drivers and libraries that would communicate directly with the SAN hardware. A thorough knowledge of the proprietary technology being used to support the SAN was also required. Using Datacenter Server with Winsock Direct, you don’t need special programming; existing TCP/IP applications will run unmodified over SANs. As a result, you can start using a SAN for your internal network, for example, as a bridge between the Web and database servers. This offers you increased security without sacrificing availability or reliability.
Under Solaris, there is support for SAN technology, but special tools must be devised or you may have to spend time redeveloping your application to support communication over SAN instead of LAN hardware. Although this can be factored into the equation during the initial development phase, it’s likely to lengthen and complicate the development of your application.
Both the Windows Active Directory service and the Solaris and iPlanet Directory services support multiple databases, allowing authentication to be spread across multiple domains. However, in Solaris the partitions are physically separate. Windows 2000 uses the same unified directory structure for all the domains that it controls.
For network-wide searches, Solaris uses a referral system to forward an individual search across each physical partition. This increases the time to search for authentication information across individual LDAP directories and servers. Because Active Directory uses a single database, searches across multiple domains occur concurrently.
Solaris 8 supports replication of the LDAP database using a master/slave model. For each database there is one master directory that can be replicated onto multiple slaves. Synchronization takes place either on a manual basis or at specific intervals. Because there is only one master server, Solaris relies on the integrity of one machine in the network to provide authentication services. With Active Directory all servers are peers. There is no single Active Directory-based server that is responsible for holding the core information for the entire network. In the event of a security breach or hardware failure, a server can be taken off-line and immediately replaced with a new server that duplicates the Active Directory information from its peers.
Because the synchronization process for Active Directory is automatic and two-way, updates on a local server will also update the security records on the other servers sharing the same Active Directory service. Since all the machines within the network use the same unified directory, they can all individually authenticate requests. This is especially useful in a distributed environment because it ensures that authentication provides access to the entire network.
A summary of the security features offered by each operating system is shown in Table 6 below.
Table 6: Internet Security Comparison

| Service | Solaris 8 | Windows 2000 |
|---|---|---|
| Authentication Services | Y | Y |
| Encrypted Authentication | Y | Y |
| Certificate-Based Authentication | Y | Y |
| SSL Encryption (40-bit) | Y | Y |
| SSL Encryption (128-bit) | Y | Y |
| Access Control | Y | Y |
| IP-based Security | Y | Y |
| Transparent SAN Support | N | Y |
| LDAP Authentication/Integration | Y | Y |
| OS Authentication Integration | N | Y |
| Unified OS/Internet Access Control | N | Y |