AlphaTrust e-Sign™ is a Web-based software application running on a Windows Server. Security for AlphaTrust e-Sign™ consists of securing:
- The host OS and components (IIS), firewall, ports.
- Web application segregation.
- The service account used by AlphaTrust e-Sign™.
- Access to URLs exposed by AlphaTrust e-Sign / intrusion detection.
- Database access and table access.
- Cryptographic components used by AlphaTrust e-Sign™.
- Data at rest encryption.
AlphaTrust e-Sign™ includes its own application-level intrusion detection system (IDS). This system is designed to block the IP addresses originating bad URL requests to AlphaTrust e-Sign™.
AlphaTrust e-Sign™ does not act as its own firewall or network-level intrusion detection system. It will service requests that it is programmed to service. You should secure the elements discussed in this paper using OS security tools, database security tools, firewalls and network-level intrusion detection tools as appropriate.