Hitachi

uCosminexus Application Server Security Management Guide


4.8.3 Secure system behavior with the countermeasures implemented

This subsection describes the behavior of a secure system with the countermeasures implemented.

The figure below outlines the behavior of the system when the countermeasures are implemented. Each countermeasure shown in this figure corresponds to one described in 4.8.2 Countermeasures to be implemented against expected threats.

Figure 4‒3: System administrator operations and system behavior

[Figure]

The behavior of a system in which the countermeasures shown in this figure are implemented is described below for each user type.

(1) System administrator and System operator operations, and system behavior

The operations of the System administrator and System operator and the system behavior are outlined below.

System administrator's operations
  • Uses Smart Composer functionality commands to configure the application server. Setup work for J2EE applications, resources, and similar items is done with the server management commands instead.

  • Deploys and starts the application in which the user identification and authentication functions, the access control function, and the audit log function are implemented.

System operator's operations

Uses Smart Composer functionality commands to operate the system. Log collection when an error occurs is done with the snapshotlog command instead.

System behavior

Creates an audit log entry for each operation performed by executing a command.

Tip

Some commands do not create an audit log entry. Before using a command, check whether it creates an audit log entry. For details about the commands that create audit log entries, see Chapter 6 in the uCosminexus Application Server Operation, Monitoring, and Linkage Guide.

(2) End-user operations and system behavior

System (J2EE application) behavior and end-user operations for using system-provided services are outlined below.

End-users' operations

Uses a Web browser on a client terminal to send an HTTP request to the application server.

System (J2EE application) behavior
  • Extracts the user information included in the HTTP request and uses it to authenticate the user.

  • Uses the Access Control function to check whether the authenticated user has permissions.

  • Executes the J2EE application service in accordance with the requests permitted by the Access Control function.

  • Creates audit log entries during processing, whether the request is authenticated and permitted or rejected.
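The request path just listed (identify the user information, authenticate, check access control, execute the service, audit) is modelled below as an added, self-contained example. It is not code from the uCosminexus Application Server or from this guide: the HTTP Basic credential scheme, the user store, the access-control table and the audit record layout are all assumptions chosen for illustration. It shows the ordering a practitioner should expect, that an unknown resource or missing role fails closed, and that every request, including rejected ones, leaves exactly one audit entry.

```python
import base64
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed user store: username -> (password, roles). A real application
# server would consult its configured realm; this dict is an assumption.
USERS = {
    "alice": ("s3cret", frozenset({"viewer", "editor"})),
    "bob": ("hunter2", frozenset({"viewer"})),
}

# Constructed access-control rules: (method, path) -> roles permitted.
# Any (method, path) not listed is denied (fail closed).
ACL = {
    ("GET", "/orders"): frozenset({"viewer", "editor"}),
    ("POST", "/orders"): frozenset({"editor"}),
}


@dataclass
class Request:
    method: str
    path: str
    headers: dict


@dataclass
class Response:
    status: int
    body: str


# Audit trail: every call to handle() appends exactly one entry.
AUDIT_LOG: list = []


def audit(event: str, user: Optional[str], req: Request, result: str, detail: str = "") -> None:
    AUDIT_LOG.append({"event": event, "user": user, "method": req.method,
                      "path": req.path, "result": result, "detail": detail})


def identify(req: Request) -> Optional[tuple]:
    """Step 1: pull the user information out of the HTTP request (Basic scheme assumed)."""
    scheme, _, token = req.headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    if not sep or not user:
        return None
    return user, password


def authenticate(creds: tuple) -> Optional[str]:
    """Step 2: verify the presented credentials; returns the user name or None."""
    user, password = creds
    entry = USERS.get(user)
    # Compare against a dummy value for unknown users so timing does not reveal
    # which user names exist; compare_digest handles unequal lengths safely.
    stored = entry[0] if entry else "\0" * 16
    if hmac.compare_digest(stored.encode(), password.encode()) and entry:
        return user
    return None


def authorize(user: str, method: str, path: str) -> bool:
    """Step 3: access control; unknown resources and missing roles are denied."""
    allowed = ACL.get((method, path), frozenset())
    return not USERS[user][1].isdisjoint(allowed)


def execute_service(user: str, method: str, path: str) -> Response:
    """Step 4: the J2EE service itself, reduced to a fixed reply for the example."""
    return Response(200, f"{method} {path} ok for {user}")


def handle(req: Request) -> Response:
    """Full pipeline: identification, authentication, access control, service, audit."""
    creds = identify(req)
    if creds is None:
        audit("AUTHN", None, req, "FAIL", "no usable credentials")
        return Response(401, "authentication required")
    user = authenticate(creds)
    if user is None:
        audit("AUTHN", creds[0], req, "FAIL", "bad credentials")
        return Response(401, "authentication failed")
    if not authorize(user, req.method, req.path):
        audit("AUTHZ", user, req, "DENY")
        return Response(403, "forbidden")
    resp = execute_service(user, req.method, req.path)
    audit("SERVICE", user, req, "SUCCESS")
    return resp


def basic_header(user: str, password: str) -> dict:
    """Helper to build a constructed Authorization header for sample requests."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return {"Authorization": "Basic " + token}


if __name__ == "__main__":
    print(handle(Request("GET", "/orders", basic_header("alice", "s3cret"))))
    print(handle(Request("POST", "/orders", basic_header("bob", "hunter2"))))
    for entry in AUDIT_LOG:
        print(entry)
```

The point to carry over when reviewing a deployed application: the 401 and 403 branches must still write an audit entry, and authorization must be evaluated against an explicit allow rule rather than the absence of a deny rule, otherwise a newly deployed resource is reachable by every authenticated user until someone remembers to protect it.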