4.3 Considering the configuration of a secure system
This section describes the configuration for a secure system. In its consideration of a secure system, this manual makes the following assumptions:
- The system is running continuously and is used within a large company.
- All system components are deployed on an internal LAN.
- A user uses a Web browser from an internal client terminal to use services provided by the system.
- To use services from such a client terminal, the user is required to log in. A user who is not registered in the system cannot use a service.
The figure below shows the configuration of the system.
These system components are described below. For the definitions of System administrator, System operator, Auditor, and end-user that appear in the following description, see 4.4 Considering the users of the system.
- Server area
  This area is a physically isolated space used to manage hardware. The hardware within the server area is managed by the System administrator. Only the System administrator, the System operators, and the Auditor are allowed to enter the server area.
- Application (AP) servers
  An application server is a machine running a Web server, a service-providing J2EE application, and a server program necessary to run the J2EE application. Multiple application servers are installed in the server area, and the load between the servers is balanced by a load balancer.
- Database
  This is a database machine that stores user information and information processed by services. It is installed in the server area.
- Audit log server
  The audit log server collects audit logs for auditing. Only the Auditor can use this server. It is installed in the server area.
- Management server
  The management server is a machine running a management program that manages the application servers. It is used by the System administrator to configure the system and by System operators to operate the system. It is installed in the server area.
- Load balancer
  The load balancer is a machine that is used to balance load if multiple application servers are installed. It is installed in the server area.
- Firewall
  Firewalls are installed between the server area, the internal LAN, and the external Internet.
- Client terminal
  A client terminal is used to access the services provided by the system. An end-user uses a Web browser on a client terminal to access an application server via an internal LAN.