On Sat, 27 Jul 2013, Paul E Condon wrote: > In this case, what is a 'security domain'?
It is a partition or a group (actually, a "set"). When you have several services/hosts that have different attributes from an information security[1] perspective, you should place them in different partitions (aka domains, realms, zones). You usually have important partitions/domains as segregated as possible (including at the hardware level) from any others. This is always done to minimize risk and contain damage, but it can also be done for simple reasons such as to keep separate administrative domains[2] segregated. > Don't make fun of me. I really haven't, to my memory, come across the > term, before. I am unsure whether this is a widely-used term or not. I should have added a definition anyway. Sorry about that. [1] this actually means a lot more than just "keep people away from my stuff", see http://en.wikipedia.org/wiki/Information_security#Key_concepts for details. [2] "domain" here has the "partition" or "set" meaning. Stuff that is controlled / owned / operated / managed by or for different parties / teams / customers are probably in separate administrative domains. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
