Try to find articles that deal with server roles and issues that came up when roles were not properly assigned. You could also find some article that discusses any service that is worth running on a server to help administration or troubleshooting.
A server is a computer program that provides a service to other computer programs and their users. A physical computer that runs a server program is frequently referred to as a server. Servers perform various essential tasks and activities that are a crucial part of any organization's IT infrastructure. Consider the many complex processes that take place during an activity such as a purchase, from security and authentication to billing and orders: the purchase could not take place without several powerful servers handling the load. Hence servers are very important for any organisation.
The main and important function of a server is to listen on a port for incoming network requests, and a good demonstration of this is the interaction between a Web server and a browser. For a user the process is instantaneous, but when he clicks a link while surfing the Web, several things take place behind the scenes: the request for the Web page is transmitted to the corresponding Web server, the server fetches and assembles the Web page and retransmits it using a protocol like HTTP, and the user's browser receives the data, converts it, and displays the page.
In networking, servers are named depending on what they serve. A server is a system that is capable of serving content and many other important things. The system may be running Windows, Linux or another operating system. For example, a web server can be running Windows, Linux or any other OS, depending on your choice. After choosing the operating system for the web server, you can install the software needed for that system to be a web server.
A server role is a set of software programs that, when installed and properly configured, lets a computer perform a specific function for multiple users or other computers within a network. Generally, roles share the following characteristics.
They describe the primary function, purpose, or use of a computer. A specific computer can be dedicated to perform a single role that is heavily used in the enterprise, or may perform multiple roles if each role is only lightly used in the enterprise.
They provide users throughout an organization access to resources managed by other computers, such as Web sites, printers, or files that are stored on different computers.
They typically include their own databases that can queue user or computer requests, or record information about network users and computers that relates to the role. For example, Active Directory Domain Services includes a database for storing the names and hierarchical relationships of all computers in a network.
As soon as they are properly installed and configured, roles function automatically. This allows the computers on which they are installed to perform prescribed tasks with limited user commands or supervision.
Problem 1: Role Explosion
Role explosion is difficult and costly to manage and makes access control confusing and complicated, reducing the effectiveness of access control. Additionally, there are several other issues created that need to be monitored carefully when adding more roles to your access control deployment. One of these problems occurs when a user has too many roles assigned to them and then changes jobs or responsibilities within the company. IT system administrators either forget, or even make a conscious decision, to leave old roles in place. The quantity of roles can lead to security holes that are often too difficult to find and close.
Problem 2: Security Risk Tolerance
As a system administrator, it is important to understand the risks to your system. Conducting a security risk analysis with a proactive risk prevention plan is essential for RBAC deployment. RBAC is data focused; data is categorized relevant to the organizational structure and that leads to access control role definition. If your organization is reactive to security risks, RBAC may not be the optimal way of securing access to your network data. RBAC requires that you have intimate knowledge of the security layout of your company and of how permissions are being granted before deployment. Once deployed, it is hard to react to changing security threats and risks. So be careful and “measure twice, and cut once” with your RBAC policies. In an era of increased scrutiny of security effectiveness due to changing data privacy and protection regulations, this dilution of the security model significantly increases the residual risk of data breach, with significant consequences both financial and reputational.
Problem 3: Scalability & Dynamism
Yes, at the start of your RBAC deployment, you knew exactly what roles you needed to define, and who they needed to be assigned to. But, it’s now a year later and the organization has grown. More people have joined the company and in the rush of onboarding all the new people, the organization charts and job definitions have not been updated or clearly defined.
This is where RBAC will become difficult to maintain and manage. These “dead ends” limit your deployment’s scalability and may require a redesign to get back on track. Even worse, with potential time pressures, you may need to implement a “work around” solution that in the long run can contribute to the problem rather than rectify it. Almost like a game of IAM whac-a-mole, you’re constantly addressing new problems.
More often than not, this becomes a cycle of major rework every 2-3 years, if at all, to remediate a lack of incremental management of the role taxonomy in line with the changing needs of the organization’s structure, which remains dynamic and reactive, as it must, to react to customers’ needs and more agile business models in a digital world.
Problem 4: Expensive and Difficult Implementation
Your company has been using computers and collecting data for a long time but has never really needed any kind of access control as part of the organization's security policy. If you need to plug the holes and decide that RBAC is the way to go, you may find that the duplication of servers and other infrastructure needed to support RBAC is cost prohibitive and adds complexity. You will also need to consider the cost and risk of migrating users to the new systems while phasing out the older ones. Most of the time migrations have a variety of difficulties and unforeseen challenges, resulting in security holes in both systems along with other costly defects, such as unplanned downtime and data loss.
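The leftover-role problem described under Problem 1, as an added example that is not part of the original answer: a small Python audit that flags role assignments a user's current job no longer justifies, separating roles kept from a previous job from roles granted outside the job baseline. The role names, users, dates and the job-to-role baseline are constructed sample data.

```python
from collections import Counter
from datetime import date

# Constructed baseline: role -> job functions that justify holding it.
ROLE_BASELINE = {
    "hr-records-read": {"hr"},
    "payroll-admin": {"finance"},
    "invoice-approve": {"finance"},
    "vpn-user": {"hr", "finance", "engineering"},
    "repo-write": {"engineering"},
}

# Constructed: user -> (current job function, date of last job change).
USERS = {
    "alice": ("engineering", date(2023, 6, 1)),
    "bob": ("finance", date(2021, 1, 15)),
}

# Constructed: (user, role, date the role was granted).
ASSIGNMENTS = [
    ("alice", "payroll-admin", date(2020, 3, 2)),
    ("alice", "vpn-user", date(2020, 3, 2)),
    ("alice", "repo-write", date(2023, 6, 5)),
    ("bob", "invoice-approve", date(2021, 1, 20)),
    ("bob", "hr-records-read", date(2022, 9, 9)),
]


def stale_roles(users, assignments, baseline):
    """Return sorted (user, role, reason) for roles the current job does not justify."""
    findings = []
    for user, role, granted in assignments:
        job, changed = users[user]
        # A role unknown to the baseline justifies nothing, so it is flagged too.
        if job in baseline.get(role, set()):
            continue
        if granted < changed:
            reason = "left over from previous job"
        else:
            reason = "granted outside job baseline"
        findings.append((user, role, reason))
    return sorted(findings)


def roles_per_user(assignments):
    """Count roles held by each user, to spot accounts that keep accumulating roles."""
    return dict(Counter(user for user, _, _ in assignments))
```
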