Security

Architecture

The Hélène server is composed of two UNIX servers:

  1. A Document Server is used to store the files under copyright. It is insulated from the Web by a firewall based on the ipchains software provided by the GNU/Linux 2.2.x kernel. The integrity of the server is periodically checked by the tripwire software.
  2. A Public Web Server provides the interface between end-users and the Document Server. It provides a public catalog describing the documents. Requests can be formulated according to several criteria. Bibliographical data are described in XML files, indexed in a MySQL database. Perl and CGI (Common Gateway Interface) have been used to implement the functionality of this catalog, including : administration facilities (monitoring access to files), advanced search, a newsletter, ... This Public Web Server also manages HTTP authentication of users who request secured files. Authentication is made on basis of a login and a password encapsulated into HTTP requests sent from the user to the Web Interface. The user interface is made of HTML pages in accordance with the WAI accessibility Guidelines [3].

The two servers use a protocol HTTPS (HTTP over SSL ) to communicate in order to reduce the vulnerability in the exchanges. The SSL is a protocol providing a practical, application-layer, widely applicable connection-oriented mechanism for Internet client/server communications security. Note that this standard is widely used in on line banking and on line payment on many commercial Website.

local contents
Dominique BURGER Catherine DESBUQUOIS
Copyright © 2007 Dominique Burger and Catherine Desbuquois