02.25.2008 at 10:23PM PST, ID: 23192679
Web system/server security issues

Asked by paddycobbett in Security Issues in Programming, Miscellaneous Security, Web Servers

I have been developing a system and the client has posed the following points for me to respond to. I understand them on the whole, but would ask an expert to elaborate on the various points for me before I respond, or suggest anything else to include in the response.


Point 1) prevention of access to unauthorised users and denial of service attacks.

My comments: Users access the web system via a user name and password; users cannot access it without these credentials. What is referred to by "service attacks"? The web system is the service, and access is restricted to authenticated users.


Point 2) Database protection

My comments: What is meant by database protection? Code has been written to avoid SQL hacks. The database must also be accessed with authentication details. What else should be considered protective measures for database protection?


Q3) Active X and Java applets

My comments: The system doesn't use Java applets, so no cause for concern with security there. Nor does it use Active X.


Q4) Web server security and CGI scripts

My comments: "Web server security" seems quite broad. Can someone list reasonable measures for "web server security" so that I can be sure I'm taking them, and respond accordingly? Regarding CGI scripts, I *don't* think my site uses them.


Q5) Confidentiality of information submitted across the web: prevention of information interception from browser to server.

My comments: Now I would appreciate any security experts commenting here, since I have not consciously taken any measures here, and was not aware of what measures can be taken. Can someone make some comments regarding this last point or point me in the right direction for finding more?

Many thanks :)

02.26.2008 at 04:12AM PST, ID: 20983510

About this solution

Zones: Security Issues in Programming, Miscellaneous Security, Web Servers
Solution Provided By: CoccoBill
Participating Experts: 3
Solution Grade: A