Frequently Asked Questions

  • What is the difference between a user-based security system and a process-based security system?

    A web server must make it possible for millions of unknown people to connect to it and access data. For each user, it performs essentially one task: serving web pages. In this environment, the task of system security is to ensure that a user cannot find a way to force the web server to run harmful processes.

    The most popular security model for web servers is the user-based security model, also known as discretionary access control (DAC), which relies on user authentication. Each process is assigned a specific user identity, so its actions are restricted by that user’s access rights. However, this user-based security model has proven unreliable in recent years.

    The main reason for its failure is that it relies heavily on the assumption that a valid user will not engage in any malicious activity. It is processes, however, and not users, that compromise or damage computers. Users don’t delete files; processes do. If a rogue process can masquerade as having legitimate access rights, it can execute at a privileged level and cause damage within the system.

    Examples of flaws caused by user-based security:

    • Web Server Flaws
    • CGI/ASP/SSI Exploits
    • Memory Leaks (Buffer Overflows)
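The contrast described above can be shown with a small model. This is an added example, not code from SAGE First or its products: the DAC check follows the standard POSIX owner/group/other rule, while the `PROCESS_POLICY` table, the paths and the user names are assumptions constructed for illustration.

```python
# DAC decides on the user identity a process carries; a per-process policy
# decides on which program is asking. Sample paths and users are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class FileObj:
    path: str
    owner: str
    group: str
    mode: int            # POSIX permission bits, e.g. 0o644

@dataclass(frozen=True)
class Process:
    exe: str             # program image the process is running
    user: str            # identity the process inherited
    groups: frozenset

BITS = {"read": 4, "write": 2, "execute": 1}

def dac_allows(proc, f, op):
    """Owner/group/other check: only proc.user and proc.groups matter."""
    if proc.user == f.owner:
        cls = (f.mode >> 6) & 7
    elif f.group in proc.groups:
        cls = (f.mode >> 3) & 7
    else:
        cls = f.mode & 7
    return bool(cls & BITS[op])

# Hypothetical process-based policy: (executable, path prefix) -> allowed operations.
PROCESS_POLICY = {("/usr/sbin/httpd", "/var/www/"): {"read"}}

def process_policy_allows(proc, f, op):
    """Default deny; the user identity is never consulted."""
    return any(proc.exe == exe and f.path.startswith(prefix) and op in ops
               for (exe, prefix), ops in PROCESS_POLICY.items())

def compare(proc, f, op):
    """Return (DAC decision, process-policy decision) for one request."""
    return dac_allows(proc, f, op), process_policy_allows(proc, f, op)

page = FileObj("/var/www/index.html", "www-data", "www-data", 0o644)
httpd = Process("/usr/sbin/httpd", "www-data", frozenset({"www-data"}))
# A process started through a web-server flaw inherits the same identity.
rogue = Process("/bin/sh", "www-data", frozenset({"www-data"}))

if __name__ == "__main__":
    for p, op in [(httpd, "read"), (httpd, "write"), (rogue, "read"), (rogue, "write")]:
        print(p.exe, op, compare(p, page, op))
```

Under DAC the rogue shell gets exactly the rights of the web server because both carry the `www-data` identity; the per-process table denies it because its executable is not listed.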


    Created on 12/17/2012 in SAGE First FAQs


Secure Web Server Appliance

FEATURES

  • Pre-configured with Web, email and FTP servers
  • Secure Remote Administration
  • Process-Based Built-in Security Policy
  • Worry-free maintenance
  • Hardened Operating System
  • Supports SSL, SSI, PHP, PERL, PYTHON, & TCL
  • Supports MySQL, PostgreSQL and SQL Libraries
  • Multi-domain Hosting, Virtual IP
  • Backup

Industrial Automation Firewall


FEATURES

  • MAC Address Limiting
  • Port Management
  • Detection and Rejection of DoS Attacks
  • Protection from Viruses, Trojans and Common Cyber Attacks
  • Secure Your Ethernet Enabled Control System Devices (PLCs, RTUs, IEDs)
  • Physically Hardened
  • Secure, Cyber-Hardened Operating System
  • Protect Your End Devices Against Viruses, Worms, Trojans, Malware and Common Cyber Penetration Attacks
  • Transparent In-Line PLC Firewall and Communications Filter

 
