Overview
The DEALS system is hosted on servers managed by Purplewire, an experienced e-business development company. Purplewire's multi-layered security architecture incorporates security measures in data transmission, at the network perimeter, in the server infrastructure, and at the application level. These layers work together to protect critical data against a broad spectrum of security threats.
Hosting Environment
The Purplewire server hosting environment incorporates a balanced array of physical, network, and operating system security tools, including an automated monitoring and notification system.
Physical Security
The servers are located in a server room which is protected by a 5-button combination lock. Only selected Purplewire personnel have access to the server room. The server room is inside the Purplewire facility, which is protected by a card-key security system.
Network Security
The server network is separated from the Internet by an ICSA-approved firewall, configured with the restrictive "allow none" default policy.
Interactive login access to servers on the server network from the Internet is restricted to authorized Purplewire staff, and only via an encrypted "virtual private network" (VPN) using industry standard security protocols (IPsec/IKE).
Server Operating System Security
The DEALS system runs on UNIX-based servers. The servers are configured with all unnecessary services disabled. The few services which are necessarily visible through the firewall are routinely upgraded with the latest security patches.
Database Security
The DEALS database server is configured to accept connections only from database clients within the local server network, and only with the appropriate database password.
Server Monitoring
All Purplewire servers are continually monitored by automated systems on both the local network and at a remote location. A server's failure to respond triggers alarms which are received both by email and through a wireless pager to the designated "on call" support person.
Each server has an intrusion detection system installed which monitors critical system files and notifies system administrators of changes to those files based on a tamper-proof file "signature".
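The signature-based monitoring described above, as an added example in Python (not Purplewire's software): a baseline of file digests is recorded, later runs report modified or missing files, and the baseline table is itself authenticated with a keyed MAC, assuming the key is held off the monitored host so that an intruder cannot re-sign a doctored baseline. The file names, contents and key are constructed for the demo.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

# Assumed for the demo: this key is held off the monitored host (e.g. at the remote
# monitoring station), so an intruder who edits a file cannot re-sign the baseline too.
HMAC_KEY = b"constructed-demo-key-keep-off-host"

def file_signature(path):
    """Signature = SHA-256 of the file's full contents; any byte change alters it."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_baseline(paths):
    """Record each file's signature and MAC the whole table with the off-host key."""
    files = {str(p): file_signature(p) for p in paths}
    body = json.dumps(files, sort_keys=True).encode()
    return {"files": files, "mac": hmac.new(HMAC_KEY, body, hashlib.sha256).hexdigest()}

def check_baseline(baseline):
    """Return (baseline_trusted, report); a baseline whose MAC fails is not trusted at all."""
    body = json.dumps(baseline["files"], sort_keys=True).encode()
    expected = hmac.new(HMAC_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, baseline["mac"]):
        return False, {}
    report = {"modified": [], "missing": []}
    for path, sig in baseline["files"].items():
        if not Path(path).exists():
            report["missing"].append(path)
        elif file_signature(path) != sig:
            report["modified"].append(path)
    return True, report

def demo():
    """Constructed scenario: two monitored files; one is edited, one removed, then the baseline forged."""
    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp) / "passwd", Path(tmp) / "sshd_config"
        a.write_text("root:x:0:0:root:/root:/bin/sh\n")
        b.write_text("PermitRootLogin no\n")
        baseline = build_baseline([a, b])
        clean = check_baseline(baseline)
        b.write_text("PermitRootLogin yes\n")  # simulated tampering
        a.unlink()                              # simulated deletion
        tampered = check_baseline(baseline)
        baseline["files"][str(b)] = file_signature(b)  # forger updates the table but lacks the key
        forged = check_baseline(baseline)
        return {"clean": clean, "tampered": tampered, "forged_rejected": forged == (False, {}),
                "paths": (str(a), str(b))}
```

In a real deployment the baseline and key are kept where the monitored host cannot write them, and the comparison runs from the remote monitoring station that also raises the alarm.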
Server room temperature is continually monitored. Temperatures out of the specified normal range trigger alarms to the support staff.
Data Backups
All application data is stored on a high-availability mirrored disk system to provide protection against hardware failure. In addition, data is backed up daily to a separate server, and weekly backup tapes are created and stored in a location separate from the servers.
Data Transmission
SSL Encryption
Industry standard SSL encryption is used to prevent "electronic wiretapping" or other unauthorized access to data or passwords as they traverse the public network between the Purplewire network and the user's web browser. The strongest 128-bit encryption is used whenever supported by the user's browser.
Server-based Access Control
The DEALS system uses authentication and authorization credentials which are generated by the web server software. The server is responsible for verifying that the user has the proper password for each request ("authentication") and for determining what level of access the user is allowed ("authorization"). In addition to allowing or denying access for each request, the server passes the user's identity and group memberships to the DEALS application for use in additional application-level security checks.
Application Security
The DEALS application security features ensure that authorized users of the system, once logged in, can only access data for which they are authorized, and cannot view or modify other users' private data. The use of multiple access levels provides the flexibility to allow different levels of access to different types of users.