Trusted Proxy
Classification Key
: Exterior Security, Tampering
Problem
Exposing a component to anonymous access in an un-trusted environment can be dangerous. The components can be misused and this affects accountability, availability, integrity and confidentiality. Some vulnerabilities may result in total system compromise.
How can the shortcomings of security mechanisms of components be hidden from the malicious users?
Solution
Use a trusted proxy as a buffer between inadequately protected components and un-trusted users. The trusted proxy intercepts and filters all communication between the users and components in question. Enforce appropriate security mechanisms to compensate for the weaknesses of the protected components.
Known Uses
Entity Beans in EJB provide access with limited functionality.
Source
Kienzle et. al. Repository
Tags
Proxy, Delegation, Access Control
|