Guidelines on Securing Public Web Servers
supporting the Web server? Often an organization will discover that its existing
human resources are not sufficient and will have to consider the following options:
Hire Additional Staff: If there is not enough staff available or they do not have
the requisite skills, it may be necessary to hire additional personnel.
Train Current Staff: If there are personnel available but they do not have the
requisite skills, the organization may choose to train the existing staff in the skills
required. While this is an excellent option, the organization should ensure that
employees meet the necessary prerequisites for training.
Once the organization has staffed the project and the Web server is active, it will be necessary
to ensure the number and skills of the personnel are still adequate. The threat and vulnerability
levels of IT systems, including Web servers, are constantly changing, as is the technology. This
means that what is adequate today may not be tomorrow.
3.6 Alternative Web Server Platforms
Although many organizations manage Web servers that operate over general-purpose
operating systems, there are instances when an organization may wish to use one of the
alternatives discussed below. While these technologies are relatively new to the area of Web
servers, they are based on sound technologies and will probably see broader use in the Web
server environment in the years to come.
3.6.1 Trusted Operating Systems
Trusted operating systems (TOSes) are security-modified or enhanced operating systems that
include additional security mechanisms not found in most general-purpose operating systems.
They were originally created to meet the need of the Federal government for high-security
mandatory access control systems. TOSes provide a very secure system-wide control policy, a
finely defined set of access privileges, and extensive logging and auditing capabilities. Most
TOSes are independently verified to ensure that they meet the requirements set forth in their design
documentation.
TOSes are generally used in applications where security is paramount. TOSes are able to
securely control all aspects of a computing environment including networking resources, users,
processes, memory, etc. More specifically, TOSes are able to limit access to system resources
in a manner that is not likely to be interfered with or compromised.
Applying a TOS will generally lead to a very secure Web server; however, some difficulties
exist in using TOSes. A major drawback is that administering a TOS requires knowledge of
each protected subsystem and its access needs. It may also require significant planning and
administrative overhead to design and support a complex Web site on a TOS. However, even
with these limitations, organizations that have very high security requirements should consider
using a TOS to support their Web server(s).
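As an added illustration (not part of the original guideline, and not the policy language of any actual TOS), the following simplified Python model shows the properties described above: a system-wide default-deny policy, per-subsystem access privileges, an audit trail, and the administrative need to know each subsystem's access needs. The subsystem names, object labels and rules are constructed assumptions.

```python
# Simplified model of a TOS-style mandatory access control (MAC) policy.
# All subsystem names, object labels and rules are constructed for illustration.

# (subsystem domain, object label) -> permitted operations.
# Anything not listed is denied, whatever user ID the process runs as.
POLICY = {
    ("httpd", "web_content"): {"read"},
    ("httpd", "web_log"): {"append"},
    ("cgi", "web_content"): {"read"},
    ("cgi", "app_data"): {"read", "write"},
    ("logrotate", "web_log"): {"read", "write"},
}

class Monitor:
    """Reference monitor: decides every request and audits the decision."""
    def __init__(self, policy):
        self.policy = policy
        self.audit = []

    def check(self, domain, uid, label, op):
        allowed = op in self.policy.get((domain, label), set())
        # uid is recorded but never consulted: the policy is mandatory, so a
        # process running as root gains nothing beyond its domain's rules.
        self.audit.append((domain, uid, label, op, "ALLOW" if allowed else "DENY"))
        return allowed

    def denials(self):
        """Audit entries to review for missing rules or attempted misuse."""
        return [entry for entry in self.audit if entry[4] == "DENY"]

def unmet_needs(policy, needs):
    """Return documented access needs that the policy does not grant."""
    return sorted((domain, label, op)
                  for (domain, label), ops in needs.items()
                  for op in ops
                  if op not in policy.get((domain, label), set()))

if __name__ == "__main__":
    m = Monitor(POLICY)
    # Constructed requests: (domain, uid, object label, operation)
    for req in [("httpd", 0, "web_content", "read"),
                ("httpd", 0, "web_content", "write"),    # content change, as root
                ("cgi", 48, "system_config", "read")]:   # outside the CGI domain
        print(req, "->", "ALLOW" if m.check(*req) else "DENY")
    print("denied:", m.denials())
    # Constructed needs list: the CGI subsystem must also append to the log.
    print("unmet:", unmet_needs(POLICY, {("cgi", "web_log"): {"append"}}))
```

Running `unmet_needs` against each subsystem's documented needs before deployment surfaces missing rules that would otherwise appear only as run-time denials in the audit trail.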
Some items to consider when evaluating a Web platform:
What is the underlying operating system and how has it fared in security testing?
Does the organization have expertise in administering a TOS?