Mobile app version of vmapp.org
Login or Join
Ann8826881

: Good Faith contract solidified by joint-dual access to server directory Our freelance marketing team needs earn a portion of every online sale. They will receive notification via email upon each

@Ann8826881

Posted in: #AccessControl

Our freelance marketing team needs earn a portion of every online sale. They will receive notification via email upon each sale. The trust in the system needs be instilled by a secure and permission based method. Meaning I need them to have full faith in the initial programming and confident it cannot be changed without tehir expressed permission.

Solution proposed: Lock editing of the payment file on the server only allowing access to editing with two passwords. My password and the marketing teams password would be necessary to edit. I was thinking a tree of folders with .htaccess on each ultimately allowing access to the bottom tier where the payment file resides.

Suspected Issue: The webmaster could FTP download the file and re-upload it without consent and unnoticed.

Can anyone offer an easier method to accomplish this monitoring of our good faith contract or am I on the best track. I feel there's an easier way, maybe even ready made I could implement.

10.01% popularity Vote Up Vote Down


Login to follow query

More posts by @Ann8826881

1 Comments

Sorted by latest first Latest Oldest Best

 

@Berumen354

Options such as specialised multi-challenge systems (such as used in some banks) and multi-factor authentication (password and keyfob) could be an option but the initial capital expense to get such a system running to secure a single file would be prohibitive.

I have a colleague who works in the banking industry writing web applications for banking use. In one instance he needed to add a security module file to a web application which had been specially produced by the internal security team to the web application so that they would be flagged whenever a staff member did anything with their own bank accounts (which was against policy). Due to the concerns that this file could be tampered with there where concerns about my colleague having access to the file (could he change it without anyone knowing). What he proposed and was accepted as a good solution for the bank was that the file would be stored on the server and the internal security team would not have access to the entire application base. However the internal security team was provided with a machine running special auditing software which could not be remote accessed and which was secured in the internal security team offices. That machine was granted read only access on the network over the security module file. A copy of the security module file was stored on the internal security machine. The file was compared to the control file at random scheduled intervals not exceeding 3 hours. If the file was incorrect or could not be read for verification a high level alarm was shown to the internal security team so that they could take the necessary action. In the end what this did was provide a high level of trust between developer and the internal security team as it provided a relatively inexpensive solution to a problem which would have otherwise cost a huge amount.

Something like this could work for yourself if you need to go to that extend. The only other option would be multi-factor authentication where the only user account with access to change the file needs to have a password (held by developer) and a hardware keyfob (held by marketing).

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme