Stepping Stone

Stepping stone(s) can refer to: more...

• Stones placed across a shallow river so people can step from each to the next and so cross the river without getting their feet wet.
  • Figurative derived meanings: see island hopping.
• "Stepping Stone", a popular song
• Stepping Stone (album), a 1998 album by Lari White, and this album's title track, which was released as a single
• Stepping Stone (StSt) is a computer security measure which consist on putting in place several logical security systems used as authentication servers in a serial disposition to emulate a physical narrow channel like a physical path (an stepping stone) formed by stones used to cross a river. With this system it would be possible to apply a granular control over each system acting as a 'stone' establishing so different risk levels as so many systems which it have been placed. I.e. If we need grant to a user access to an OpenSSH server to execute an application in a high security environment we could put a front-end system such as a Sun Solaris with Citrix Metaframe in the 1st security layer. Behind a MS Terminal Services with a SSH Client. thirdly, the last layer based on a Linux System with an OpenSSH Server which will grant access to the final application. Every system could to have a common secure system to log on as RSA SecureID, X.509 certificates based, challenge/response systems, etc. or a mixture of them. It will depends on the risk analysis over the environment treated. This computer security practices makes difficult the system usability and is hard to maintain so only should be implemented in high security environments. This practices could be considered as part of well known security principle:Security In-Depth, in this case, applied to the access control, adding logical barriers and trenches, composed by diverse authentication systems.

Read more at Wikipedia.org