From the beginning in the history of multiuser computing, there was always a need to protect and secure information or resources of one user from access by another. Security violations can be intentional or unintentional, vicious or benign; in all cases, it's highly undesirable and best prevented, if at all possible. Now that networking machines and sharing of resources and information becomes enterprise-wide (in the intranet) and global (in the Internet), the need for sound and robust security measures is more important than ever before.
The security industry is a relatively 'fear' driven one, and deservedly so. The sensational cases that occasionally surface, with employees or demonic individuals bringing down entire enterprises through electronic attack or espionage, is enough to drive any executive into committing major resources to prevention measures.
There are many reasons why you should secure a web server or distributed software components in an intranet environment. Most of them revolve around the previously mentioned need to protect the information and/or resources belonging to one party against access or tampering from other unauthorized parties. In order to carry this out, one typically has to provide means for:
We'll briefly explain these terminologies and see how they all fit together.