Security Methodology

Security Policy
A security policy is the overall system of how you secure your data. It is generally built from one of two general methodologies: Open and Least Privilege.
Open - Everything is safe unless it is deemed unsafe.
An open security policy is where you start with full (or nearly full) access and disable what you consider to be a threat. Most of the machines on campus use this security policy.

For example, on the student cluster everyone on campus gets an account, and there are safeguards in place to keep users from using too many resources (CPU limits, disk quotas, auto logout, etc.). Those machines allow logins from almost anywhere. Many utilities or programs that have known security holes have been replaced with "safe" versions or removed completely (e.g., sendmail, bind, ping). When new holes are discovered, the system managers must race to plug the hole before it is exploited.

Using this method it is much more difficult to ensure a secure system because you never know if a hole exists until it is discovered.

Least Privilege - Everything is unsafe unless it is deemed safe.
The idea behind the Method of Least Privilege is that you turn off everything and only turn on what is necessary to get the job done. Some highly sensitive machines on campus (DNS, Kerberos, time, ph, etc.) and most companies use this methodology for security. Some servers can only be reached from certain hosts, and only if the user has certain credentials (which we will discuss later).

Most companies accomplish this methodology by installing a firewall and blocking all external traffic except that which is necessary for the company to operate. More on firewalls later.

This method is much easier to enforce and is usually much less stressful for the security officer. The disadvantage is that it generally makes it harder for the user to get stuff done.
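As an added illustration that is not part of the original page, the following Python models the two policies as first-match packet-filter rules with a default action, so the difference shows up on a service nobody has written a rule for yet (the undiscovered hole). Hosts, ports and rules are constructed sample values, not campus configuration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    src: str      # source host, or "any" (constructed sample values)
    dport: int    # destination port
    action: str   # "allow" or "deny"


def evaluate(rules, default, src, dport):
    """First matching rule wins; with no match the chain's default applies."""
    for rule in rules:
        if rule.dport == dport and rule.src in ("any", src):
            return rule.action
    return default


# Open policy: start with everything reachable, deny only known-bad services.
# Ports 25 and 53 stand in for the sendmail and bind examples from the text.
OPEN_RULES = [Rule("any", 25, "deny"), Rule("any", 53, "deny")]

# Least privilege: start with nothing reachable, allow only what is needed,
# and only from the hosts that need it (time service only from one host).
LEAST_PRIV_RULES = [Rule("any", 22, "allow"), Rule("10.0.0.5", 123, "allow")]


def compare(src, dport):
    """Decision each policy reaches for the same packet."""
    return {
        "open": evaluate(OPEN_RULES, "allow", src, dport),
        "least_privilege": evaluate(LEAST_PRIV_RULES, "deny", src, dport),
    }


def plug_hole(rules, dport):
    """What the open-policy manager must do after a hole is discovered:
    prepend an explicit deny for that service."""
    return [Rule("any", dport, "deny")] + list(rules)


if __name__ == "__main__":
    # A newly discovered hole on port 9999 has no rule yet on either side.
    print(compare("10.0.0.9", 9999))   # open allows it, least privilege does not
    patched = plug_hole(OPEN_RULES, 9999)
    print(evaluate(patched, "allow", "10.0.0.9", 9999))  # now denied
    # Time service reachable only from the one allowed host.
    print(compare("10.0.0.5", 123), compare("10.0.0.9", 123))
```

Under the open policy the unknown service is reachable until a deny rule is added; under least privilege it was never reachable, which is the point the text makes about not knowing a hole exists until it is discovered.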
