Question

In: Computer Science

try to find articles that deal with server roles and issues that came up when roles...

try to find articles that deal with server roles and issues that came up when roles were not properly assigned. You could also find some article that discusses any service that is worth running on a server to help administration or troubleshooting.

Solutions

Expert Solution

Server is a computer program that provides a service to another computer programs and their users. A physical computer which runs a server programme is frequently refer to as a SERVER. Servers perform various essential tasks and activities that is a very crucial thing of any organization's IT infrastructure. The many complex processes that take place during an activity, for example a security and authentication to billing and orders, the purchase could not take place without several powerful servers handling the load hence servers are very much important for any organisation.

The main and important function of a server is to listen in on a port for incoming network requests, and a good demonstration of this is the interaction between a Web server and browser. For a user the process is instantaneous, but when he clicks a link while surfing on the Web, several things are taking place behind the scenes like the request for the Web page is transmitted to the corresponding web server, and the server fetches and assembles the Web page and retransmits it using a protocol like HTTP, and, the user's browser receives the data, converts it, and displays the page.

In Networking, Servers are named depending on what they serve. It is referred to a system which is capable of serving contents and many important things. The system may be running windows, Linux or other operating systems. Take an example, web server can be running windows, Linux or any other OS depending on your choice. After choosing the operating system for the web server then you can install the software needed for that system to be web server.

server role is a set of software programs that, when they are installed and properly configured, lets a computer perform a specific function for multiple users or other computers within a network. Generally, roles share the following characteristics.

They describe the primary function, purpose, or use of a computer. A specific computer can be dedicated to perform a single role that is heavily used in the enterprise, or may perform multiple roles if each role is only lightly used in the enterprise.

They provide users throughout an organization access to resources managed by other computers, such as Web sites, printers, or files that are stored on different computers.

They typically include their own databases that can queue user or computer requests, or record information about network users and computers that relates to the role. For example, Active Directory Domain Services includes a database for storing the names and hierarchical relationships of all computers in a network.

As soon as they are properly installed and configured, roles function automatically. This allows the computers on which they are installed to perform prescribed tasks with limited user commands or supervision.

Problem 1: Role Explosion

Role Explosion is difficult and costly to manage and makes access control confusing and complicated,reducing the access control effectiveness. Additionally, there are several other issues created that need to be monitored carefully when adding more roles to your access control deployment. One of these problems occurs when a user has too many roles assigned to them and then changes jobs or responsibilities within the company. IT system administrators either forget, or even make a conscious decision to leave old roles in place. The quantity of roles can lead to security holes that are often too difficult to find and close.

Problem 2: Security Risk Tolerance

As a system administrator, it is important to understand the risks to your system. Conducting a security risk analysis with a proactive risk prevention plan is essential for RBAC deployment. RBAC is data focused; data is categorized relevant to the organizational structure and that leads to access control role definition. If your organization is reactive to security risks, RBAC may not be the optimal way of securing access to your network data. RBAC requires that you have intimate knowledge of the security layout of your company and of how permissions are being granted before deployment. Once deployed, it is hard to react to changing security threats and risks. So be careful and “measure twice, and cut once” with your RBAC policies. In an era of increased scrutiny of security effectiveness due to changing data privacy and protection regulations, this dilution of the security model significantly increases the residual risk of data breach, with significant consequences both financial and reputational.

Problem 3: Scalability & Dynamism

Yes, at the start of your RBAC deployment, you knew exactly what roles you needed to define, and who they needed to be assigned to. But, it’s now a year later and the organization has grown. More people have joined the company and in the rush of onboarding all the new people, the organization charts and job definitions have not been updated or clearly defined.

This is where RBAC will become difficult to maintain and manage. These “dead ends” limit your deployment’s scalability and may require a redesign to get back on track. Even worse, with potential time pressures, you may need to implement a “work around” solution that in the long run can contribute to the problem rather than rectify it. Almost like a game of IAM whac-a-mole, you’re constantly addressing new problems.

This more often than not is cycle of major rework every 2-3 years, if at all, to remediate a lack of incremental management of the role taxonomy in-line with the changing needs of the organization’s structure, which remains dynamic and reactive, as it must, to react to customers’ needs and more agile business models in a digital world.

Problem 4: Expensive and Difficult Implementation

Your company has been using computers and collecting data for a long time but has never really needed any kind of access control as part of the organization security policy. If you need to plug the holes and decide that RBAC is the way to go, you may find the need for the duplication of servers and other infrastructures which support RBAC cost prohibitive and adding complexity. You will also need to consider cost and risk with migrating users to the new systems while phasing out the older ones. Most of the time migrations have a variety of difficulties and unforeseen challenges, and resulting in security holes in both systems along with other costly defects, such as unplanned downtime and data loss.

Please do give a like thanks...!!


Related Solutions

try to find articles that deal with Active Directory Group Policies. Find articles that discuss the...
try to find articles that deal with Active Directory Group Policies. Find articles that discuss the proper configurations or what happens when inherent policies override permissions.
try to find articles that deal with virtual servers and/or the cloud to discuss the problems...
try to find articles that deal with virtual servers and/or the cloud to discuss the problems that are coming with moving everything virtual. Where are the issues? What can be done to mitigate these risks?
find articles that deal with application or mobile device security and those types of attacks. You...
find articles that deal with application or mobile device security and those types of attacks. You should have a large depository of these kinds of articles, especially in the mobile device security arena. Where are the biggest issues?
Keyword: Arranged marriages How many of the articles that you find deal with Asian Americans? How...
Keyword: Arranged marriages How many of the articles that you find deal with Asian Americans? How many also deal with other racial and ethnic groups? Why do you think this is the case?
Please do some web research and find two articles that deal with leadership diversity – one...
Please do some web research and find two articles that deal with leadership diversity – one that highlights a positive aspect, situation or outcome and the other that focuses on a negative aspect, situation or outcome. Please provide a brief overview, the most important point you took away, and its relationship to what we have learned in the text. Make sure you provide citations and a hot link if possible.
Can you find me TWO journal articles that outline the fundamental issues with the implementation of...
Can you find me TWO journal articles that outline the fundamental issues with the implementation of “public-private” partnerships in addressing difficulties in the interplay between environmental policy and technological innovation.
Find two articles on information systems best practices. Discuss some of the key issues to be...
Find two articles on information systems best practices. Discuss some of the key issues to be aware of and the best practices to mitigate them. ? Discuss strategic analysis decisions in the next five years, what we need to watch out for in the information technology (IT) field, and how these decisions will impact the overall company. ? Examine potential changes in IT related to innovation and organizational processes. ? List and describe internal (online) information security risks and mitigation...
When you set up your first Windows 2016 server and configure it as a domain, there...
When you set up your first Windows 2016 server and configure it as a domain, there are a few things to consider. There are points where it is relatively easy at points, as you just answer a few questions like what language you use, your keyboard, etc. At other points, it becomes more involved. what do you think would be a good name for your server(s) and why? What about server password security? What are some things to consider when...
Explain how you will find articles on any nursing issues from HINARI database using a computer...
Explain how you will find articles on any nursing issues from HINARI database using a computer at your school internet laboratory.
Try to come up with an example of one occasion when you experienced consumer surplus and...
Try to come up with an example of one occasion when you experienced consumer surplus and one occasion when you experienced producer surplus (two different experiences because you cannot experience consumer and producer surplus at the same time). Explain in detail. How did your experiences affect you personally and how you felt when you purchased or sold the product. Also, explain what would happen to price, quantity, producer surplus, consumer surplus and deadweight loss when either a price floor, price...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT