When approaching the design of a secure system, it is necessary to clearly determine what types of resources or data handled by the system need to be protected.

For the example system given in this section, it is determined that, among the types of resources or data handled by the system, the following need to be protected:

• User information of system administrators
• User information of end-users
• Configuration files used for system configuration
• J2EE applications
• Information sent by end-users and processed by J2EE applications during service use
• Audit logs

For those resources determined to require protection, it is necessary to take some measures including access permission control. For details about such measures, see 4.8 Considering countermeasures.