Security Matt Liotta
Agenda
• What does security mean anyway
• Different levels of security
• Application security
• Security best practices
• Network security
• OS Security
• Q&A

What Does Security Mean
• When an application is secure what does it mean?
• No one can steal your data?
• No one can steal your code?
• No one can make your application do something it wasn’t designed to do?
• No one can stop your application from working?

Security Levels
• Security exists at many levels
• Some are more obvious than others
• The most secure systems can be compromised

Application Security
• An application is made up of more than one tier
• Each tier has different security requirements and implications
• Some typical tiers are...
  – Presentation
  – Business
  – Data

Presentation Tier Security
• Easiest tier to secure
• Generally a simple matter of securing files
• Two examples
  – OS/Web server
  – CFML
• What was overlooked?

Data Tier Security
• Generally straightforward to secure
• Different points to secure
  – Accessing the database
  – Performing operations on the database
  – Changing the data
• What about the schema?
• What about encryption?
• Anything else?

Business Tier Security
• Can be tough to secure because of all the exploitation points
• Things to consider
  – Scopes
  – Data validation
  – Workflow enforcement
• What about RDS?
• What about your Code?
• Anything else?

Security Best Practices
• It takes a lot of work to secure your application
• Following some best practices can help secure your application without the added work
• Some examples
  – Limit data in cookies, URLs, and forms
  – Always use cfqueryparam
  – Catch all exceptions
  – Beware of placebos
• What else?

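An added example (not from the original slides) showing three of the practices above together in CFML: the page accepts only a typed id from the URL, the query binds it with cfqueryparam, and a catch-all handler logs the failure instead of showing it to the visitor. The datasource appDSN, the orders table and its columns, and the log file name appSecurity are assumptions made for illustration.

```cfml
<!--- Added example; datasource, table, column and log names are assumed. --->

<!--- Weak form, shown for contrast: the URL value is concatenated into the SQL text.
<cfquery name="getOrder" datasource="appDSN">
    SELECT order_id, status FROM orders WHERE order_id = #url.id#
</cfquery>
--->

<cftry>
    <!--- Data validation: throws if id is missing or is not an integer. --->
    <cfparam name="url.id" type="integer">

    <!--- Bound parameter: the value is sent separately from the SQL text,
          and cfqueryparam enforces the declared type. --->
    <cfquery name="getOrder" datasource="appDSN">
        SELECT order_id, status
        FROM orders
        WHERE order_id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
    </cfquery>

    <cfif getOrder.recordCount EQ 1>
        <!--- Encode database values before writing them into HTML. --->
        <cfoutput>Order #getOrder.order_id#: #encodeForHTML(getOrder.status)#</cfoutput>
    <cfelse>
        <cfoutput>Order not found.</cfoutput>
    </cfif>

    <cfcatch type="any">
        <!--- Catch everything: details go to the server log, not the response. --->
        <cflog file="appSecurity" type="error" text="Order lookup failed: #cfcatch.message#">
        <cfoutput>The request could not be processed.</cfoutput>
    </cfcatch>
</cftry>
```
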
Network Security
• Well understood and easy to implement
• Limit port access
• Make machines inaccessible
• Use a proxy
• Use a load balancer
• Use a VPN

Network Security (cont.)

OS Security
• Pretty straightforward for web work
• Turn off all services not used
• Only give the application server permissions to what it needs

Q&A