For security purposes, TAO can primarily be considered a PHP website with database storage. This page covers the basics and some TAO-specific items; depending on the security requirements, further reading may be necessary. Fortunately, a wealth of information on securing PHP sites is available on the web.
Encrypting connections between client and server
SSL/TLS is the primary method of encrypting client/server communications (i.e. “https://” rather than “http://”). Its implementation on the server is independent of TAO.
HTTPS principles
HTTPS relies on TLS (Transport Layer Security, formerly known as SSL). TLS encrypts the communication between two programs - in this case, a browser (client) and the server. The purpose is not only to encrypt the data but also to confirm the identity of the server to clients.
HTTPS setup
Most TAO implementations will be delivered via Apache, but similar documentation is available for alternatives:
In addition to the steps in the link above, you will also need to acquire a certificate. A self-signed certificate will generate warnings in users’ browsers. If this is a concern, consider purchasing a certificate from a trusted certificate authority.
Hardening PHP and encrypting user session data
Depending on what is at stake, you may want to encrypt user data, so that a server breach provides the attacker only with encrypted data. For instance, the Suhosin component encrypts the session data on the server side. Unfortunately, the Suhosin project has not been updated in a while, and thus only PHP versions up to 5.3.9 are supported. Other possibilities are available to the experienced administrator willing to harden PHP ‘manually’, beginning with:
    display_errors = Off
    log_errors = On
    allow_url_fopen = Off
    ; safe_mode was removed in PHP 5.4 and only applies to older versions
    safe_mode = On
    expose_php = Off
    enable_dl = Off
    disable_functions = exec, system, proc_open, popen, curl_exec, curl_multi_exec, parse_ini_file, show_source, symlink, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
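The following is an added example, not part of TAO or its documentation: a small checker that compares the text of a php.ini with the directive list above and reports what differs. It reads one file only, so compare the result with the effective values on the server (for example the output of `php -i`). The names `audit`, `parse_ini` and `SAMPLE` are the example's own, and `safe_mode` is left out on the assumption of PHP 5.4 or later.

```python
import re

# Baseline copied from the directive list on this page. safe_mode is omitted
# (assumption: PHP 5.4 or later, where the directive no longer exists).
EXPECTED_FLAGS = {"display_errors": False, "log_errors": True, "allow_url_fopen": False,
                  "expose_php": False, "enable_dl": False}
REQUIRED_DISABLED = {"exec", "system", "proc_open", "popen", "curl_exec",
    "curl_multi_exec", "parse_ini_file", "show_source", "symlink", "dl",
    "shell_exec", "passthru", "phpinfo", "escapeshellarg", "escapeshellcmd"}
ON = {"1", "on", "yes", "true"}
OFF = {"0", "off", "no", "false", "none", ""}

# Constructed sample input, not taken from a real server.
SAMPLE = """\
[PHP]
display_errors = On        ; left over from development
log_errors = On
expose_php = Off
allow_url_fopen = Off
disable_functions = exec, system, passthru, shell_exec
"""

def parse_ini(text):
    """Return {directive: value}; a later assignment overrides an earlier one."""
    values = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop ';' comments
        if not line or line.startswith("["):   # skip blank lines and [sections]
            continue
        key, sep, value = line.partition("=")
        if sep:
            values[key.strip().lower()] = value.strip().strip('"')
    return values

def audit(text):
    """Return findings for a php.ini given as text; an empty list means it matches."""
    ini, findings = parse_ini(text), []
    for name, want_on in EXPECTED_FLAGS.items():
        if name not in ini:
            findings.append(f"{name}: not set, PHP default applies")
        elif ini[name].lower() not in (ON if want_on else OFF):
            # Anything other than an explicit on/off word is reported.
            findings.append(f"{name}: is {ini[name]!r}, expected {'On' if want_on else 'Off'}")
    disabled = set(re.split(r"[,\s]+", ini.get("disable_functions", "")))
    for func in sorted(REQUIRED_DISABLED - disabled):
        findings.append(f"disable_functions: missing {func}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```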
TAO stores user information in the database. As with any typical web application, TAO can be split into four major parts:
- the source code, which contains no data,
- the configuration files, generated during the installation,
- the generated local files, available for local work,
- the generated user content (tests and results) in the database.
Confidentiality and privacy
In many jurisdictions, you are required to provide a statement regarding user data. In any case, it is a good idea to inform users of where and how you store their data. If deploying TAO with user information or data from outside sources, it is important to secure agreements with both data owners and data keepers.