the ultimate storage solution

Nigel Weeks nweeks at examiner.com.au
Wed May 24 16:12:34 PDT 2006


> > > And how is apache and PHP on top of it with direct access to the
> > > file system more secure than samba?
> > The suggestion is geared more towards "usable by any OS,
> accessible from
> > anywhere", rather than being more secure.
> >
> >
>
> It could be more secure, you can design whatever authentication &
> authorization Mecanism you require in PHP+HTTPS, instead of using the
> CIFS security model.
>
>
>  Also, more specifications are needed..
>  "secure file repository"?
>  secure from what?
>
>  what level of security?
>  secure from phisical thetf?
>  secure from unathorized, but authenticated access?
>  secure from unathorized and unauthenticated access?
>  secure from the internet public?
>  secure from fires?
>  secure from data corruption?
>
>  "secure file repository", doesn't mean anything unless a propper
> concrete specification is presented.
>

All of the above (for a very handsome price...)
Physical theft:
  handled by storing in encrypted, compressed form on disk - not even OS can
get plain text.

Unauthorized, but authenticated:
  Have users access on a per-folder basis - can only obtain files where
they're allowed to.

Unauthorized, and unauthenticated:
  Have to have a valid login to acces anything.

Secure from internet public:
  firewalled to specific IP's, username/password/company.

Secure from fires:
  rsync to remote off-site machines in encrypted format(OS just shovels
bytes back and forth).

Secure from data corruption:
  Maintain versions of files - if an update happens, version number
increments(ala OpenVMS).
  Back versions can be easily obtained (Will use disk space, but, oh well)


This is so far off-topic for this list. By recommending PHP/Apache, I was
suggesting you build the security you need...

Nige.







More information about the Users mailing list