Threat Models

In this release of Enterprise Server, the security features are designed to address a particular "threat model". A threat model is a description of the kinds of unauthorized actions the system has to protect against. Security issues that don't fall under the threat model have to be addressed outside Enterprise Server, using features such as operating system security and corporate policies.

The current Enterprise Server threat model trusts the applications that run on your enterprise server, and assumes the system is reliable. The threats it addresses are attempts to impersonate legitimate users, and attempts by legitimate users to make illegal requests to access or modify resources or features.

Enterprise Server security is not designed to prevent developers from creating applications that run under Enterprise Server and misuse data or resources. Enterprise Server does not prevent applications from using SYSTEM or COBOL library routines such as CBL_WRITE_FILE to alter data or run arbitrary commands with the permissions of the account used by Enterprise Server, or from calling operating system APIs. Appropriate operating system administration can mitigate many of these threats. Micro Focus recommends that you institute processes and procedures appropriate for your organization to ensure trust for your applications.