Solved

https encryption and certificate

Posted on 2007-03-30
4
163 Views
Last Modified: 2008-02-01
On a jsp paysite, I have checked that the site using running SSL as it's https and I have checked the certificate information, is there anything else I can check security wise before makign a payment, I'm talking what I can test from the jsp site itself.
0
Comment
Question by:pma111
  • 2
  • 2
4 Comments
 
LVL 30

Expert Comment

by:Mayank S
ID: 18825731
Sounds good. Are you going to ask the user for credit card information?
0
 
LVL 3

Author Comment

by:pma111
ID: 18834765
Yeah it does pass such information, or once it goes live it will.
0
 
LVL 3

Author Comment

by:pma111
ID: 18939507
I cant really accept mayankeagle answer as a solution, I was hoping for a bit more info on what could be initially tested....
0
 
LVL 30

Accepted Solution

by:
Mayank S earned 250 total points
ID: 19047217
From a security standpoint, you look good. Make sure that you do not store the credit card number. You can store username/ password in an encrypted format (use one-way hashing for the password). Also make sure you use some clustering/ fault tolerant architecture to ensure your system is highly available. There isn't really much info in your question, so I'm not sure what server you are using. Here is a guide on Tomcat clustering:

http://tomcat.apache.org/tomcat-5.5-doc/cluster-howto.html
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Display the newly inserted values 3 74
tomcat users xml 7 104
Fisheye tool 2 104
eclipse luna javeEE perspecive missing 5 96
Microsoft Office Picture Manager was included in Office 2003, 2007, and 2010, but not in Office 2013. Users had hopes that it would be in Office 2016/Office 365, but it is not. Fortunately, the same zero-cost technique that works to install it with …
This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now