Before the great explosion of interest in the World Wide Web, it was common practice to run utilities or programs on the Internet that would interrogate specified remote computers to locate friends or colleagues and see if they were logged on. You could then communicate with them in real-time over the network or connect temporarily to their disk drive to exchange files.
The Internet was virtually wide open, operating with a high level of trust and a low level of security. Now, because there are millions of users, security has become a huge concern. Companies are securing their networks to prevent uncontrolled or unsolicited access to their private networks from the outside.
This chapter explores some of the issues surrounding network security.
The following sections discuss common security issues that you must consider when setting up Forms Server in a networked environment:
Authentication is the process of verifying that a user who logs into a network or database has permission to log in. Examples of authentication include the use of a user name and password when logging into a local-area network (LAN) and the use of digital certificates when sending or receiving secure e-mail over the Internet. An organization can use various types of authentication processes depending on the level of security desired and the type of network or database that is being protected. But in the end, the goal of authentication is to ensure that only approved users can access the network or database and its resources.
In the case of Forms Server, running a Forms application over the Web resembles the traditional client/server environment, where the application user logs on as a database user by identifying him- or herself using a username/password combination.
Because Forms Server allows you to deploy your Forms applications to hundreds of users over the Internet, there is a risk that unauthorized users may illegitimately capture data being transmitted on a network (via a sniffer), intercept authentication information, and gain access to applications or the server environment. Therefore, you must implement additional security features, such as encryption and firewalls, when deploying applications over the Internet.
With server authentication, a client machine verifies that a server is who it claims to be. For example, when a client sends confidential data to a server, the client can verify that the server is secure and is the correct recipient of the client's confidential data.
If you use the HTTPS communications mode, which uses HTTP 1.1 with SSL (secure sockets layer), data transmission is encrypted and server authentication is conducted over the Internet. Server authentication is accomplished using digital certificates. When a client browser connects to a server, the server presents its certificate. Servers are issued certificates from certifying authorities (CAs). CAs are companies that issue certificates to individuals or companies only after verifying the individual or company's identity.
Authorization is the process of giving authenticated users access to the network or database resources they need. It also prevents them from accessing resources they don't need or don't have permission to use. For example, a manager may be authorized to access tables that contain employee payroll information, but a stock clerk would not be authorized to access this information. The methods used to enforce network and database resource authorization vary depending on the level of security desired and the type of network or database being protected.
In the case of Forms Server, when a user is authenticated, a database role is assigned to the user, which grants permission to view or modify data in the database. (This is a form of authorization.) The user's identity is also used to set application roles.
When information is transmitted over lines of communication, whether they be coaxial cable, telephone lines, fiber optics, or satellite, there is the risk that the communication can be intercepted by third parties. Often, the information can be intercepted without the sender or receiver ever knowing the data was compromised.
The most common method of securing transmission is to encrypt the data. When encryption is used, the sender and receiver of the data have a "key" that can encode and decode the information. When the data is sent, the sender's key is used to encode the information using a mathematical algorithm. The receiver's key decodes the information. If a third party intercepts the encoded data while it is in transit, the data is illegible and useless unless the third party gains access to the key or "cracks" the algorithm's code.
The methods used to encrypt data vary depending on the level of security desired and the type of network over which the data is being transmitted. For example, symmetric encryption can be used if network speed is paramount. Popular symmetric cryptosystems use RC-4 and Data Encryption Standard (DES). Asymmetric encryption is highly secure, but costs in network performance. Popular asymmetric cryptosystems use Diffie-Hellman (DH) and Rivest Shamir Adlemen (RSA).
You should research the encryption methods included with your network, firewall, and/or VPN. Forms Server provides the following encryption options to improve data transmission security:
A firewall is usually a combination of hardware and software that filters the types of data that can be received by your network. For example, a firewall can be configured to allow only HTTP traffic through to the protected network. A firewall also keeps your network's IP address anonymous so that it is not accessible to outside computers. Outside traffic that is authenticated and permitted access to your network is redirected from the firewall IP address to the network IP address. The firewall is your private network's first line of defense against intrusion.
If your network security system includes a firewall, be sure to configure the Forms Server listener to use the HTTP socket connection or HTTPS socket connection rather than the standard socket connection. This is because a firewall will disable many common services at the packet or port level, including standard Forms messaging. HTTP is a service that is allowed to pass through firewalls.
A Virtual Private Network (VPN) is an authenticated connection between two networks or between a network and a remote user where communication is considered completely private. Special "tunneling" software on both the network and the remote user's computer create a secure, encrypted connection over public lines -- even via an Internet Service Provider (ISP). If the remote user does not have the appropriately configured VPN software, it cannot create a VPN with the network.
Often, a VPN setup includes a firewall. Be sure to configure the Forms Server listener to use the HTTP socket connection or HTTPS socket connection rather than the standard socket connection. This is because a firewall will disable many common services at the packet or port level, including standard Forms messaging.Note:
For more information on HTTP and sockets, see Chapter 3.2, "Sockets, HTTP, or HTTPS".
A Demilitarized Zone (DMZ) is an isolated environment in your network that does not contain confidential information. For example, you may have a network where application servers are within the demilitarized zone, but all database servers are within the protected network. Then, if the demilitarized zone's security is compromised, confidential data is not exposed to the intruder.
Here are some steps that can help reduce the risks associated with network security:
The following are network security considerations that seem obvious, but are often overlooked: