Aujas US

An IDG Ventures Company

Converged Identity and Access Management

Part 3 in the Converged Identity and Access Management series

Converged IAM (Identity and Access Management) can be understood as a system that brings together disparate physical and logical access control systems to create a single trusted identity, with one credential that matches a user's rights and grants access across the enterprise.

Converged IAM can’t exist without network connections – preferably automatic, software driven ones – between these logical and physical identity systems.

The most typical use case right now involves a card reader integrated with an identity management or directory system such as Active Directory or LDAP. Users swipe the access card at the door and use that same access card to log on to network resources.

Logical identity integrations for a user usually begin with links between human resources systems, an IT network component and the enterprise directory. The directory software, such as Microsoft’s Active Directory or similar tools based on the Lightweight Directory Access Protocol (LDAP), ensures that any employee has the network, software and database access — the virtual provisions — they’ll require to do their work.

Many large enterprises already use identity management tools from vendors like IBM, Novell, Oracle and Sun to provision users from the HR system into the directory. That process is fairly well automated. The disconnection between logical and physical identity usually appears when it's time to provision a user's physical access rights: at the most basic, where and when that person is allowed to be within the enterprise. In many enterprises, this task is still manual: a phone call, email or fax from HR alerts the physical security department to put the new employee into the physical access control system (PACS) and create an access badge for him.

Integrating the PACS with the enterprise directory enables enterprises to address the issue of disconnected physical and logical identities. Here the value for the organization is that integration allows them to have a better understanding of who has rights to their network and their physical facilities. It allows them to manage access rights and people’s responsibilities within the organization more efficiently.

Next: The Importance of IT in Convergence

November 3, 2010 | Posted in Access control, Risk management

Secure File Uploads – Risky?

Recently we have had several inquiries into the risks surrounding uploading files. Here's how you can think about this risk:

File uploads have become a critical concern in today's application security. As the availability of human resources and systems continues to be critical to business operations, file upload usage will continue to escalate, as will the features on offer. For example, letting end users upload files to social networking sites, web blogs, forums, e-banking sites, video blogs, or corporate support portals gives them an efficient way to share files with corporate employees. Users are allowed to upload images, videos, avatars and many other types of files, and all of these open the door for a malicious user to compromise your server.

The more access provided to the end user, the greater the risk of a vulnerable web application, and the chance that malicious users will abuse such functionality to gain access to a specific website or to compromise a server is very high.

It is, therefore, imperative that proper risk management be applied and that security access controls and policies be implemented to maximize the benefits while minimizing the risks associated with such features.

The following best practices should be enforced whenever file uploads are allowed on websites or in any application. They will help you secure the file upload forms used in web applications. A few of the recommended practices:
• Store uploaded files in a directory outside the server root.
• Prevent overwriting of existing files (to prevent the .htaccess overwrite attack).
• Create a list of accepted MIME types (and map file extensions from these MIME types).
• Generate a random file name and append the extension derived from the accepted MIME type.
• Don't rely on client-side validation alone; it is not enough. Ideally, implement both server-side and client-side validation.
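The practices above combined in one server-side handler, as an added example that is not from the original post. The names `store_upload`, `ALLOWED` and `UploadRejected` are assumptions of this example, and the magic-byte check goes beyond the list by confirming that the content matches the declared type.

```python
import os
import secrets
from pathlib import Path

# Accepted MIME types, each mapped to the extension the server assigns
# and the leading "magic" bytes the content must start with.
ALLOWED = {
    "image/png":       (".png", b"\x89PNG\r\n\x1a\n"),
    "image/jpeg":      (".jpg", b"\xff\xd8\xff"),
    "image/gif":       (".gif", b"GIF8"),
    "application/pdf": (".pdf", b"%PDF-"),
}


class UploadRejected(Exception):
    """Raised when an upload fails a server-side check."""


def store_upload(declared_type, data, upload_dir, web_root):
    """Validate and store one upload; return the path it was written to."""
    upload_dir = Path(upload_dir).resolve()
    web_root = Path(web_root).resolve()
    # 1. The storage directory must not be the server root or lie under it.
    if upload_dir == web_root or web_root in upload_dir.parents:
        raise UploadRejected("upload directory is inside the server root")
    # 2. Server-side allowlist; the client-supplied file name is never used,
    #    so a name such as ".htaccess" cannot reach the file system.
    if declared_type not in ALLOWED:
        raise UploadRejected(f"type not accepted: {declared_type!r}")
    extension, magic = ALLOWED[declared_type]
    if not data.startswith(magic):
        raise UploadRejected("content does not match declared type")
    # 3. Random name plus the extension derived from the MIME type.
    target = upload_dir / (secrets.token_hex(16) + extension)
    # 4. O_EXCL makes creation fail instead of overwriting an existing file.
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target
```
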

As seen above, there are many ways a malicious user can bypass file upload form security. For this reason, when implementing a file upload form in a web application, one should make sure to follow correct security guidelines and test them properly. Enterprises that have been considering the use of file uploads in their environment should weigh the benefits that the technology can offer them against the additional risks that are incurred. Once benefits and risks are understood, businesses should utilize a governance framework to ensure that process and policy changes are implemented and understood, and that appropriate levels of security are applied to prevent data loss.

If you have additional questions regarding Secure Development Lifecycle, contact Karl Kispert at karl.kispert@aujas.com.

November 3, 2010 | Posted in Access control, File upload security, Risk management