6.4 Security Considerations

The administration of all the security policies and the security configuration is the basis for the successful use of any security products, enforcement of a security model, and successful use of deployment topologies. For example, if users are required to authenticate with user ID and password to an enterprise system, user registries must require that passwords be changed periodically.

The SSL protocol guarantees that the keys used during the handshake belong to the respective end points. Typically, certificate validity is performed by the SSL implementation. In other words, the SSL implementation is responsible for ensuring that the certificate has not expired , been revoked , and so on (see Section 10.3.4 on page 372). Some implementations of SSL go a step further to check whether that end point is the one that was originally given those keys; for example, those SSL implementations check whether the Domain Name Service name of the host making the connection matches the name in the certificate that is used.

Wherever SSL connections are established, the keystores must be administered securely. It is a good practice to generate certificates for internal use. Typically, these certificates are issued by a Certificate Authority specially established for a particular enterprise. Also, in systems in which certificates are used either to authenticate or to establish an SSL connection, certificates should be validated against certificate revocation lists.

It is important to understand that the security of an enterprise is not just about topology, secure communication, authentication, and access control. Enterprise security is also about administration of security policies and responsibility of the people who perform the administration. Technology provides tools to enforce the security policies. Any planning of security must also consider the trustworthiness of the administrators who manage the enterprise systems.