Information Security Concepts Implemented - PowerPoint PPT Presentation

Slides: 79
Provided by: jamesn6

Transcript and Presenter's Notes

Title: Information Security Concepts Implemented


1
Presented by James Nelson
Information Security Concepts Implemented
CERT Conference 2000
2
PRESENTATION NOTE
As I present today, I will pose questions to
everyone in the room. I am soliciting your
thought processes. I would appreciate it if
everyone would quietly observe and make notes of
any questions they might have. While I am
confident we will be able to get through all of
my materials today, I am not fully
confident that we will be able to cover all of
the questions at the end of the presentation. I
will be happy to respond to questions via email
at a later time. Please come forward and
introduce yourself after the presentation so we
can exchange business cards.
3
Relate Something Real and Complement Academic
  • In ACADEMIC environments, we work with
  • PHILOSOPHIES
  • CONCEPTS
  • THEORIES

In the realm of something real we start with a
problem (usually business) and work toward the
solution.
4
Relate Something Real and Complement Academic
From http://www.sans.org/mistakes.htm
The top mistakes people make that lead to
security breaches (paraphrased): Users open
unsolicited email attachments, fail to keep
application patches installed, install trojan
games or screen savers, forget about backups, and
use modems while connected to the LAN.
5
Relate Something Real and Complement Academic
Also paraphrased from mistakes.htm
Generally, Senior Executives assign untrained
people to maintain security, fail to relate
information security and business problems
directly, rely heavily on firewalls, fail to
realize the value of their information and
reputation, authorize reactive short-term fixes,
and pretend problems will go away by ignoring
them.
6
Relate Something Real and Complement Academic
According to
http://www.sans.org/newlook/resources/errors.htm,
the top management errors leading to
vulnerability were determined by 1,850
computer security experts and managers meeting at
the SANS99 and Federal Computer Security
Conferences held in Baltimore May 7-14, 1999.
7
Relate Something Real and Complement Academic
Also paraphrased from mistakes.htm
IT people network unhardened systems or systems
with default accounts and passwords, don't patch
security holes when discovered, don't use
encryption to manage devices, give out passwords
over the phone, don't test current backups, run
unnecessary services, implement open firewalls,
don't properly address viruses, and fail to
educate their peers and users.
8
How can we apply the philosophies, concepts and
theories . . . . .
. . . of security to the real world?
What core concept needs to be applied?
Use forethought to build security into the
implemented process. Why?
Security costs far more to add as an afterthought
than it does to implement in the first place! It
is important to understand how closely
information security and sound business processes
are related.
9
IT IS IMPORTANT FOR MANAGERS TO UNDERSTAND BOTH
TOPICS
Today, there are still many (highly paid)
managers that do not fully understand information
security. If a manager can't perceive the right
thing as the mistake, they can't address the
issue appropriately. Once a manager is able to
understand the relationship between information
security and sound business process, they are
able to make the critical decisions required to
adjust their practices and properly address
security issues. I will start with basic
security concepts. . . . . . .
10
ALWAYS USE PRODUCTS WITH THE MARKS OF GOOD DESIGN
But what are the marks of good design?
They are really a collection of concepts that
form the mold for a reasonably secure system.
When the marks of good design are built into a
system and implemented correctly, the end result
will be a reasonably secure system. (Note: I said
a REASONABLY SECURE system.)
11
THE MARKS OF GOOD DESIGN
Uniqueness and 1:1 ratio of User to IDs,
Least Privilege, Dual Control Points, Role
Separation, Separation of Duties, Time
Synchronization, Artificially Intelligent
Logging Mechanisms, Log Retention, Log
Correlation, Reaction or Response Mechanisms,
Encryption Mechanisms, Strong (two-factor)
Authentication, Auditing Mechanisms, and Finite
Tunable Security Controls. (There are more.)
12
THE MARKS OF GOOD DESIGN
Got all that?
Moving right along.
JUST KIDDING! !
13
THE MARKS OF GOOD DESIGN
What do I mean by Uniqueness and 1:1 ratio of
User to IDs?
The defined set of credentials to be used as a
regular means to access a system must be assigned
to one individual who is held responsible for the
use (or misuse) of the credentials.
14
THE MARKS OF GOOD DESIGN
Uniqueness and 1:1 ratio of User to IDs
Commonly, organizations fail to implement
methods to ensure individual accountability
through uniqueness. The most commonly observed
failure points are caused by poor control of
built-in system IDs, poor password selection by
users, and bad password management schemes for
built-in credentials (which should be used for
EMERGENCY USE ONLY!).
15
THE MARKS OF GOOD DESIGN
Uniqueness and 1:1 ratio of User to IDs: Real
world examples
I've seen several organizations choose a
standard password for their root or
administrator accounts across multiple systems
rather than granting the required access through
assigned security credentials and the use of
utilities similar to sudo.
16
THE MARKS OF GOOD DESIGN
Define Least Privilege
Assigning a minimum set of allowed operations
or account credentials that are PROVEN to be
required to perform a task.
I can't count the number of times I have had to
SET file system permissions and registry
permissions for an application. Vendors need to
build quality installation programs and stop
CLAIMING their products NEED administrator
access. Some do need administrator privileges,
but most do not.
17
THE MARKS OF GOOD DESIGN
Define Dual Control Points
The practice of using separate vendors and
control mechanisms to accomplish a single
desired control. Commonly used in environments
where the requirement to "fail safe" is present.
Example: An internet router purchased from
Vendor X and a firewall purchased from Vendor Y
that are both configured to use least privilege
in and out of all of their interfaces.
18
THE MARKS OF GOOD DESIGN
Dual Control Points: Are they really that
important?
You decide! I had a system out on the internet
that was protected by TCP wrappers and several
other hardening techniques. I even had the
system configured to page me. The system was
completely wiped when a hole in the TCP wrapper
logic allowed the attacker to use a buffer
overflow technique to break into the system and
take root.
19
THE MARKS OF GOOD DESIGN
Dual Control Points: The lesson on why to use
them doesn't have to be learned the hard way!
Had I bothered to implement access lists on the
internet router to match my TCP wrapper
configuration, I would have been able to share
the entire weekend with my family on the first
Mother's Day after our son was born. Instead, I
spent most of the weekend performing a disaster
recovery. Now WE ALL know! (Yes, it was
successful.) True story!
20
THE MARKS OF GOOD DESIGN
Define Role Separation
A method to improve security where security
roles are assigned to a user's required duties
and implemented using least privilege for each
role independent of any other role.
Example: assigning administrators a special
user ID and process for reading email so their
admin access cannot be used to run malicious
code (viruses).
21
THE MARKS OF GOOD DESIGN
Role Separation: Consider what would happen
if an email worm was released that would identify
and disable all administrator accounts it could
find, ending with the account currently being
used. When an administrator opens the email? When
a domain guest or user opens the email?
22
THE MARKS OF GOOD DESIGN
Define Separation of Duties
Implementing carefully designed checks and
balances in processes instead of assigning all
credentials necessary to perform the process to a
single individual or group of individuals.
Separation of duties is typically used when a
high degree of trust and assurance is required to
accomplish a task.
23
THE MARKS OF GOOD DESIGN
Separation of Duties. Example: It takes
many people to access the vaults at Fort Knox.
From time to time, fork-lifts are used to move
pallets of gold bars around inside the vault. If
a single bar of gold was taken, the financial
loss encountered would be very high. (Currently
over 200K for a 50 LB bar.)
24
THE MARKS OF GOOD DESIGN
Define Time Synchronization
A method to ensure that the time across multiple
systems is exactly the same.
Audit logs can show time-stamps on events as
they occur on a given system. Without an
implemented method to synchronize the time across
all the systems on a given network, audit logs
are extremely difficult to interpret.
25
THE MARKS OF GOOD DESIGN
Time Synchronization is the most commonly
overlooked (or ignored) easy-to-implement
security measure. Generally it does not matter
if the time is wrong as long as it is consistent
between systems. When enterprises start
connecting their networks together for
business-to-business transactions, then it
becomes important for the time to be in sync with
world time.
26
THE MARKS OF GOOD DESIGN
Define Artificially Intelligent Logging
Mechanisms
Information collection systems able to
increase or decrease the amount of information
being requested from a monitored process based on
the interpreted information collected from the
process previously.
AI Logging Mechanisms are still a bleeding-edge
(and therefore rarely implemented) technology.
They are a very important part of highly secure
application models because they offer
low overhead and yield highly useful security
information.
27
THE MARKS OF GOOD DESIGN
Define Log Retention Systems
A repository based mechanism constructed to
enable administrators to perform time or event
based (or both) management of information
(storage and retrieval) from network devices,
servers, or applications.
Log retention mechanisms usually consist of
a very large central repository and logic that
can determine what to store, how to store it, and
how to retrieve it. Advanced systems enable
administrators to easily retrieve logs as needed
and build reports based on the data.
28
THE MARKS OF GOOD DESIGN
Define Log Correlation
The process of following a chain of events
through their logical access path on (indirectly)
related systems.
Typically, log correlation systems are useful
for interpreting activity on multiple systems
(firewalls, database servers, application
servers, etc.). Log
correlation is great for reporting.
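As an added illustration of the Time Synchronization and Log Correlation slides (not part of the original presentation), the sketch below follows one request through a firewall, an application server and a database server whose clocks disagree. The host names, log format, access path and skew values are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample lines: "<host> <local timestamp> <correlation key> <message>".
# fw01 runs 6 s fast and db01 runs 5 s slow relative to app01.
SAMPLE_LOGS = """\
fw01  2000-01-01T10:00:07 203.0.113.9 ACCEPT tcp/443
app01 2000-01-01T10:00:02 203.0.113.9 POST /login user=alice
db01  2000-01-01T09:59:58 203.0.113.9 SELECT users WHERE name=alice
fw01  2000-01-01T10:00:30 198.51.100.4 ACCEPT tcp/443
app01 2000-01-01T10:00:25 198.51.100.4 GET /report
"""

# Assumed measured skew per host, in seconds (local clock minus reference clock).
OFFSETS = {"fw01": 6, "app01": 0, "db01": -5}

# Assumed logical access path a request takes through the related systems.
ACCESS_PATH = ["fw01", "app01", "db01"]


def parse(text):
    """Turn the constructed log text into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        host, stamp, key, message = line.split(None, 3)
        events.append({"host": host, "time": datetime.fromisoformat(stamp),
                       "key": key, "message": message})
    return events


def correlate(events, offsets=None):
    """Group events by correlation key and order each chain by corrected time."""
    offsets = offsets or {}
    chains = {}
    for ev in events:
        skew = timedelta(seconds=offsets.get(ev["host"], 0))
        chains.setdefault(ev["key"], []).append(
            (ev["time"] - skew, ev["host"], ev["message"]))
    return {key: sorted(chain) for key, chain in chains.items()}


def follows_access_path(chain, path=ACCESS_PATH):
    """True when the hosts appear in the order a request really travels."""
    hops = [path.index(host) for _, host, _ in chain]
    return hops == sorted(hops)


def shift_all(events, seconds):
    """Make every clock wrong by the same amount (consistent but not world time)."""
    return [dict(ev, time=ev["time"] + timedelta(seconds=seconds)) for ev in events]


def hosts_in_order(chain):
    return [host for _, host, _ in chain]


if __name__ == "__main__":
    events = parse(SAMPLE_LOGS)
    for label, chains in (("raw clocks", correlate(events)),
                          ("skew corrected", correlate(events, OFFSETS))):
        print(label)
        for key, chain in chains.items():
            status = "ok" if follows_access_path(chain) else "OUT OF ORDER"
            print(f"  {key}: {' -> '.join(hosts_in_order(chain))} [{status}]")
```

With unsynchronized clocks the database query appears to precede the firewall accept; once the per-host skew is removed the chain reads in access-path order, and a uniform shift applied to every host leaves that order unchanged.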
29
THE MARKS OF GOOD DESIGN
Define Reaction or Response Mechanisms
Systems designed to take predetermined
automated actions in reply to a sequence of
events or act on the recognition of the events by
sending information so the events can be acted
upon manually.
Reaction or Response Mechanisms rarely exist
independent of reduction and correlation systems.
Reaction or Response Mechanisms are typically
built into Intrusion Detection or Prevention
Systems. (depending on how and how fast the
system can react)
30
THE MARKS OF GOOD DESIGN
Define Encryption Mechanisms
Systems designed to systematically transform
data into an unreadable format and recover it with
the key.
Encryption is commonly used to protect
information as it travels over a network or as it
is stored on a file server. Encryption systems
are able to guarantee the integrity of data and
also that it is accessible only by authorized
parties with the key. DANGER-- don't lose the
key or the information will be unrecoverable!
31
THE MARKS OF GOOD DESIGN
Define Strong (two-factor) Authentication
An identification and verification system able
to provide a highly secure way of guaranteeing
whatever passed the verification is REALLY who or
what they are representing themselves as.
The algorithms vary, but they all consist of
something the requester has and something the
requester knows. Encryption keys are commonly
used as well as user IDs and passwords.
32
THE MARKS OF GOOD DESIGN
Describe a Complete and Accurate Auditing
Mechanism
Systems that precisely record events with full
detail of the inputs to the event and the output
of the event.
Complete and Accurate Auditing Mechanisms
should list the credential held, the credential
required if it is different, if the transaction
was successful or it failed, and perform the task
equally for everyone. Complete auditing systems
need report capabilities.
33
THE MARKS OF GOOD DESIGN
Describe Finite Tunable Security Controls
Systems that implement a very high degree of
granularity to their internal protection and
authorization systems.
Finite Tunable Security Controls will provide
the means for administrators to specify EXACTLY
what they want something to be allowed to do-- no
more and no less. They are mission critical to
systems being implemented with least privilege.
34
THE MARKS OF GOOD DESIGN
When I introduced the marks of good design I
talked about REASONABLY SECURE systems. Which
came first-- the system, the threat, or the
method to protect? Let's go back to the origin
of the problem with the age-old chicken/egg
analogy.
35
Which came first . . . .
. . . chicken or the egg?
If the chicken is a defenseless network and the
egg is the means to protect, then what happens if
there weren't any chickens?
There wouldn't be any problems in the first
place! We wouldn't develop the means to
protect. We wouldn't have anything to
protect. There wouldn't be anything to protect
against!
36
Analogies Aside . . . .
The majority of the vulnerable systems out there
are vulnerable because they are not addressing
one area. WHAT AREA WASN'T ADDRESSED?
HINT: It's not development. It is not QA.
37
Analogies Aside . . . .
The majority of the vulnerable systems out there
are vulnerable because they are not addressing
one area. WHAT AREA WASN'T ADDRESSED?
In the DESIGN STAGE, developers and systems
personnel had the opportunity to build controls,
reaction mechanisms, audit mechanisms, and
protection means into the application. Why
didn't they?
38
Security Improvements Through Superior
Implementation
In the implementation stage, administrators have
the opportunity to improve security by using
proven implementation methods. Through product
selection and component architecture they can
enhance security with:
  • Additional mechanisms for audit trails, anomaly
    detection, anomaly reaction, and low-level
    controls
  • Hardened installations

Why didn't they?
39
THE LONG-TERM SOLUTION
Design and implementation mistakes both occur
when unsound business processes go live and
start guiding projects to achieve their desired
goals. Process owners must realize and address
the undesirable consequences of their cost
control measures or rapid development
efforts. What needs to be fixed first? The
design process, or the implementation process, or
the business process?
40
HOW MANY OF YOU HAVE TAKEN HISTORY ?
SHOW OF HANDS: How many of you have taken
history? Look around the room.
What is the core thing historians preach OVER
and OVER again?
Why does history repeat itself?
Because we don't learn from our mistakes and
take the necessary steps to correct the
associated cause and resulting problems!
41
WAIT, I THOUGHT PRODUCT X WAS SUCH A GREAT
APPLICATION!
What happens if a GREAT application was
developed several years ago but was improperly
implemented? What about if the product has not
been changed to keep current with today's
technology?
VULNERABILITIES HAPPEN!
42
WHY DO VULNERABLE SYSTEMS KEEP TURNING UP?
Sites all over the world are being turned into
examples daily. Why not improve security by
embracing the marks of good design? Long-term
changes are necessary to close common
vulnerabilities. When business processes design
applications without addressing the means to
properly protect the organization against
exposure, the resulting implemented systems
clearly violate widely known best practices.
43
BUSINESS DECISIONS ARE ASSOCIATED WITH
VULNERABILITY?
Real world examples:
  • Clustering software using password auth
  • Code to change passwords through the web

Clearly, the products do not
have the marks of good design. Someone made the
feature, and nobody with enough pull to be heard
had the good sense to have the features improved
or removed. The vulnerabilities were not a huge
surprise to me or any other professional I have
talked to.
44
VULNERABILITIES THAT ARE NOT A SECURITY PROBLEM??
If a business decision caused a vulnerability,
the root of the vulnerability is a BUSINESS
PROBLEM! Many security professionals have
observed a trend where business owners categorize
security holes as a security problem. This
incorrect assumption results in no change to
business process. Vulnerabilities continue to be
introduced until the BUSINESS OWNER takes
responsibility for the failure points in their
process.
45
HOW DO COMPANIES FIX BUSINESS PROBLEMS?
They take responsibility for the problem they
are trying to address, change their business
HABITS, and revisit everything that occurred
while they were off-track. I don't think I need
to mention any tire companies or recent recalls
to drive this point home, but it can't hurt.
46
THE CYCLE OF CRIME
A criminal will continue their cycle of crime
and punishment until they recognize that the laws
are not going to change and they look to
themselves to stop the change. If a criminal
keeps ending up in jail, society does not
generally blame the law, society blames the
criminal. It is not a new concept or idea, but
applying this logic to business may be new to
some.
47
DON'T FOLLOW THE LAWS OF BEST PRACTICE AND BE
PUNISHED
Businesses cannot afford to continue
accepting functional but architecturally inferior
software. Business can't afford to continue
accepting the status quo and operating on
inferior systems. Solid software and systems
architectures can be properly designed ONCE based
on best practices and built into customizable
modular systems. Where would the graphical user
interface as we know it be if companies had not
made development libraries that could be
leveraged?
48
DON'T FOLLOW THE LAWS OF BEST PRACTICE AND BE
PUNISHED
REASONABLY SECURE is a very important thing.
Test security for failure points that will fail
open or fail closed. Identify which is a higher
risk and take measures to avoid it. In a system
where the timely storage and retrieval is mission
critical, controls that are not extremely
reliable are a risk in themselves.
Governments have fallen because they were TOO
secure. They were not able to get weapons out of
their extremely secure armaments after the two
people who knew the unlock codes were killed.
49
STEP UP TO THE PLATE
Many security vendors have led by example.
THEIR software incorporates strong
authentication mechanisms, advanced logging
mechanisms, and high quality encryption. Some of
them have implemented separation of duties, least
privilege, and time synchronization. None of the
architectures I have observed are ideal, but
application designers and developers from other
sectors have a great opportunity to learn by
example.
50
WHERE TO START
Since it is a business problem, business
process is the logical choice. In order to do
that, the business leaders will have to dive in
and define their company's requirements. They
will need to define the rules for new
systems. The next logical step is to build a
computer security and information assurance with
a team of security analysts and auditors. Seek
their help in writing policies that will take a
phased approach so existing systems may gradually
come into compliance with the requirements or be
selectively phased out.
51
WHERE TO START
Many corporations have a standard set of
paperwork defining the majority of their security
parameters going into a process. The initial
security parameters are authored based on the
principles the company wishes to enforce on all
implementations. In the intent stage, the
details are documented according to how the
parties expect them to be resolved. In the final
agreement, the final designed process with all
changes is documented. Sample Network Memos of
Understanding (MOU) documents are available on
the internet. I strongly encourage their use.
52
WHERE TO START
Example of the process in action
Hypothetically speaking, company X has a policy
that states: X will control all access into and
out of X's network; X will not be responsible
for controlling access into or out of a third
party's network; X intends to implement the
processes using least privilege; X will
implement dual control points; X will acquire
and configure their own hardware and retain
ownership of the hardware; X reserves the right to
abandon work in progress if the above guiding
principles of security are not properly supported.
53
NOW WHAT?
The next step after new processes are in place
is to begin the clean-up effort. Clean-up can
take MANY years and move in SEVERAL phases. In
the meantime, old systems can impose an
incredible level of risk on an organization.
Intrusion Detection and Prevention Systems were
invented to address this issue.
54
IDS
What are Intrusion Detection Systems?
Intrusion Detection Systems are software specifically
designed to recognize patterns of unwelcome
behavior. IDS can provide a means to log
attempts, stop attempts in progress, and close
holes identified to match known attack patterns
by blocking the required sequence from occurring.
They are a set of tools commonly used to
identify and manage risk.
55
IPS
What are Intrusion Prevention
Systems? Intrusion Prevention Systems are
software specifically designed to recognize
security weaknesses, prioritize the
vulnerabilities, and help administrators correct
the situation. Some report a vulnerability while
others prevent the vulnerability from being
exploited.
56
SOUNDS GOOD, BUT WHAT'S THE CATCH?
Intrusion Detection and Prevention Systems were
invented as a bandage (or quick fix)
organizations could use to enhance the security
of systems that lack (or poorly implement) the
marks of good design. They offer a set of
tools, not repair parts.
Intrusion Detection and Prevention Systems should
be used to provide the secondary layer of
control. Well designed software should be used
to provide the first (most difficult to break)
layer. Quick-fix technology is often abused and
misused. Any serious system with an identifiable
degree of exposure should have the required
controls already. ID and IP systems should
COMPLEMENT the application controls. They should
not be the only thing with the ability to record,
report, and react.
57
ALARM SYSTEMS ARE NOT DEADBOLTS
Intrusion Detection and Prevention Systems were
not created to be the end all, be all long-term
solution to the business problem. They can not
change business habits. They can not make
security have an active role in the design and
implementation of a business process so the
business process can react based on security
events.
Everyone knows that alarm systems do not serve
the same purpose as a deadbolt, steel doors, or
window bars. IDP systems are alarm
systems. SHOW OF HANDS: how many of you have locks
on your doors? Care to guess how many would
raise their hands if I asked how many of us have
alarms? Which is the basic security element?
58
THE MEAT AND POTATOES
What we are going to talk about in the rest of
this presentation is the meat and potatoes of
Intrusion Detection and Prevention Systems.
There are several things they CAN do and
several things they CAN'T do. (There are also
gray areas-- things they can do but really
shouldn't be doing long-term.)
They fit together to make a great collection of
sensors and reaction mechanisms. They make a
REALLY BAD basic element of network security.
59
IDP SYSTEMS CAN
  • Complement other security controls
  • Capture events on a network and report them
  • Assist administrators in the identification of
    risk
  • Report attack sequences and take action (in real
    time sometimes)

60
IDP SYSTEMS CAN'T
  • Replace sound security practice or known
    best-practice security and auditing principles
    discussed earlier
      • Least Privilege
      • Dual Control Points
      • Separation of Duties
      • Role separation
      • Time Synchronization
  • Implement security or create additional people
    resources.
      • Properly designed IDP systems take time to
        implement, maintain, manage, and generate
        progress toward intrusion prevention.
  • Make up for bad network or application design
  • Make up for or fix problematic business process
  • Reliably implement controls if they don't exist
    in the designed architecture on their own.
      • They are audit/reporting mechanisms that, at
        best, can provide a last resort fail-safe
        mechanism.

61
IDP SYSTEMS: THE GREY AREAS
  • IDP systems were born out of the need for an
    automated means to reduce and summarize logs
    systems that typically nobody had bothered to
    enable or review before. They can't reduce or
    summarize logs if the logs are not turned on.
  • Some IDP Systems help with audit log analysis
  • Some provide the means for a logging methodology
    with support for
      • Reduction
      • Retention
      • Correlation
      • Reaction

62
WHAT ARE YOU TRYING TO DO?
  • System owners who wish to protect their
    networks, systems, and data from intruders need
    to identify up-front how they intend to do it.
  • Are they trying to
      • A) Stop attackers dead in their tracks and
        send a strong message to look elsewhere for
        an easy target and complement other security
        controls.
      • B) Provide investigators with the required
        information necessary to successfully
        prosecute individuals who are in violation of
        their country's laws
      • C) All of the above

63
WHAT ARE YOU TRYING TO DO?
The actions required to be successful in their
eyes are entirely dependent on what it is they
are trying to accomplish. A properly deployed
IDP system's presence on the networks it is
monitoring should be nearly undetectable. They
must not open vulnerabilities which could
potentially be used as an entry point to
compromise or take down the systems. If they
fail in this key area, they have caused the very
thing they were designed to protect against!
64
IS IT MAGIC?
I've touched on what IDP systems can and can't
do, but I have not talked about what types there
are or how they perform their magic. I am
going to show you a matrix of twelve different
areas of coverage then identify what areas are
most commonly missed. What coverage types,
vulnerability types, and reporting types
encompass the areas loosely referred to as IDP
systems? Let's see how we did.
65
THE MATRIX
Intrusion Detection and Prevention Systems can
be made to catch events at a network, operating
system, or application level. They can catch
things that are always present or things that
come and go. They can show administrators things
in real time or when they perform an event report
analysis. I have just described the elements
of the matrix.
66
THE MATRIX
What areas are typically covered by properly
implemented and maintained IDP systems?
67
THE MATRIX
Areas commonly covered.
68
THE MATRIX
Areas commonly covered manually by security
analyst professionals.
69
THE MATRIX
Areas commonly missed by IDS systems and
security analyst professionals. The area marks
the greatest threat because the industry lacks
available counter-measures to mitigate the risk
70
WHAT DOES THE MATRIX MEAN?
Network: a device put in place on the network
which operates independently of all functional
network equipment and servers for the sole
purpose of monitoring, logging, intrusion
detection, and intrusion prevention. These are
sniffer or scanner based systems.
71
WHAT DOES THE MATRIX MEAN?
Operating System: Software installed on
functional network equipment and servers for the
purpose of monitoring, logging, intrusion
detection, and intrusion prevention. OS based
measures demand a portion of the resources on
each system and typically do not focus on the
network layer. OS based systems are able to
perform more advanced operations or detect
anomaly patterns specific to the host. OS based
IDS agents are able to catch things that network
based solutions miss. These are usually
application layer based and very dependent on
logs.
72
WHAT DOES THE MATRIX MEAN?
Application: Software installed on functional
network equipment and servers for the purpose of
monitoring, logging, intrusion detection, and
intrusion prevention based on the individual
sequences of events inside a program.
Application level systems detect changes to the
system for the purpose of anomaly identification,
automatic counter-measures, and reporting. They
are designed to monitor events beyond the scope
of network or OS based software.
73
WHAT DOES THE MATRIX MEAN?
Static: Security risks that exist continually
until configurations are changed to mitigate the
risk.
Dynamic: Security risks that are based
on real-time attack sequence pattern detection or
the changing status of a system.
Real time: Reporting mechanisms that operate at
the same speed as the system being monitored.
Report based: informative mechanisms that do not
provide information until they are told to (or
bother to gather the information sometimes).
74
WHAT DOES THE MATRIX MEAN?
Network Dynamic Report Based systems entail
reviewing logs from all network equipment,
firewalls, servers, Intrusion Detection Systems,
and Intrusion Prevention Systems then carefully
reviewing the information for inconsistencies.
It requires manpower, and can't be reasonably
replaced by software solutions. Little software
outside of database importing/reporting tools
exists to make this job easier.
75
WHAT DOES THE MATRIX MEAN?
Application Dynamic Real Time and Report Based
systems entail designing and building hacker
smart applications by applying anomaly discovery
logic at a granular level focused toward each
individual routine inside of each and every
application. Very little exists by the way of
standards for applications that would allow
engineers to leverage ID or IPS technology here;
therefore, very little is available to cover the
application threat scenarios correctly.
76
WHAT'S MISSING?

There are other elements of risk identification
and mitigation such as new device discovery, and
new attack discovery. Organizations should
allocate a portion of their funds for the
discovery element because it is very difficult to
protect from a threat unless it is known about
and addressed in a timely manner. Hardware and
software management can and should be addressed
directly by this area.
77
THE FUTURE

As standards unfold and products are released
for application level RT and RB IDP,
organizations will need to focus their security
system growth in these areas. To be
successful, logging levels for individual
transactions must be controllable by the
application level security systems. Application
error reporting and application security systems
must be able to feed each other information
logically, or things may be missed.
78
THE FUTURE

The concept