Solution options

The solution options are as follows:

  • Leverage authorization and authentication to prevent spoofing of identity and identify trust boundaries
  • Design various controls to prevent access to sensitive data or system
  • Establish monitoring and instrumentation to analyze user interaction for critical operations
  • Protect against damage by validating all inputs for type, range, and length, and by applying sanitization principles
  • Partition users into anonymous, identified, and authenticated, and leverage monitoring and instrumentation for auditing, logging, and root cause analysis
  • Leverage encryption, sign sensitive data, and use secure transport channels
  • Reduce session timeouts and implement solutions to detect and mitigate attacks
  • Security will be provided through a DMZ using an inner and an outer firewall; the application and database servers will be behind the inner firewall, and the web server will be behind the outer firewall in the DMZ
  • The architecture uses form-based authentication for the web tier, and the security logic is implemented in a reusable business component in the application tier.
  • SSL will provide the desired security for sending sensitive information to critical systems, such as the merchant bank and the marketplace
  • Leverage message-level encryption, digital signatures, and transport-layer security (SSL)
  • The application will use LDAP for authentication on the web tier and will use role-based security on the web and business tier for authorization
  • Authorization: Controlled access to information in the application once a user is identified and authenticated
  • Authentication: Identification of an end-user in the system and validation that the user is telling the truth
  • Auditing: Instrumentation and monitoring of security
  • Integrity: Protection against improper modification of information in transit or storage
  • Confidentiality: Protection against inappropriate disclosure of data during transit and storage.
  • A user or security role should be given the lowest privilege for a resource or function. Privileges will not be elevated automatically by direct or indirect means; therefore, maintain a default deny policy
  • Enforce security at all tiers, components, systems, and services using appropriate policies, techniques, and operations; the security policy differs from layer to layer, making it difficult for an attacker to break the whole system; identify and fix the most vulnerable point in the end-to-end chain of components.
  • The security framework should support a standards-based plug-in model wherein it is possible to architect pluggable extensions to improve the security position
  • All software and hardware resources and functions should be categorized into various security classifications, and access should be restricted to users with appropriate roles and privileges
  • Pluggable extensions would be required to re-use the security framework in different environments and to comply with local regulations and laws
  • The system should provide a holistic view of administration features to manage essential security functionality
  • The application should allow users only a single authentication point. Back-door entry functionality and shortcut URLs should be avoided
  • Data entered by the user must be thoroughly validated and cleansed at different levels; data must also be properly encrypted when stored and transferred to various layers
  • Minimize entry points for end users and retain a minimum amount of data, service, and functionality exposed to unauthorized end users
  • Design contingency plans for all possible failure scenarios: the impact of security incidents can be minimized by using robust error handling routines, data backups, a disaster recovery (DR) environment, and defense in depth

Best practice:

  • SQL Injection: Prepared statements instead of dynamic SQL statements
  • Cross-Site Scripting: JSF validation, avoid JavaScript, and avoid frames/iframes
  • Denial of Service: Service Request Queue Technique, limiting the number of concurrent requests, and queuing all excess requests
  • Man-in-the-Middle: Use SSL, avoid frames/iframes, avoid URL rewriting
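The Service Request Queue Technique listed above for Denial of Service can be realized in the web tier as a servlet filter. The following is an added example, not code from the book; it targets the javax.servlet API, and the class name and the three limits (50 concurrent requests, 200 queued, 2 second wait) are assumed values to be tuned from load testing.

```java
import java.io.IOException;
import java.util.concurrent.Semaphore;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;

public class RequestQueueFilter implements Filter {
    // Assumed limits: tune them from load testing of the real application tier.
    private static final int MAX_CONCURRENT = 50;   // requests allowed into the servlet at once
    private static final int MAX_QUEUED = 200;      // excess requests allowed to wait their turn
    private static final long MAX_WAIT_MS = 2000;   // how long a queued request may wait

    // Fair semaphore: waiting requests are admitted in arrival order, which is the queue.
    private final Semaphore permits = new Semaphore(MAX_CONCURRENT, true);
    private final AtomicInteger queued = new AtomicInteger();

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletResponse resp = (HttpServletResponse) res;
        // Queue is full: shed load immediately instead of letting container threads pile up.
        if (queued.incrementAndGet() > MAX_QUEUED) {
            queued.decrementAndGet();
            reject(resp);
            return;
        }
        boolean admitted = false;
        try {
            admitted = permits.tryAcquire(MAX_WAIT_MS, TimeUnit.MILLISECONDS);
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
        } finally {
            queued.decrementAndGet();  // leaves the wait queue whether admitted or not
        }
        if (!admitted) {
            reject(resp);  // waited too long: ask the client to retry later
            return;
        }
        try {
            chain.doFilter(req, res);
        } finally {
            permits.release();  // always free the slot, even when the servlet throws
        }
    }

    private static void reject(HttpServletResponse resp) throws IOException {
        resp.setHeader("Retry-After", "2");
        resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "Server busy, retry later");
    }

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}
}
```

Map the filter in web.xml to the URL patterns of the critical operations only, so static content and health checks are not held behind the queue.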