Alliance Global Services


RIGHT Blogs

 

Security – Part III – Validate the client (client side SSL)

Submitted by sgamare on November 17, 2009 - 12:24pm.

This setup is relatively rare. It is typically used in extra-secure installations where the server application needs to verify the identity of the client browser that is authorized to access the application. This type of setup is generally limited to within the corporate boundary. As an example, consider a senior mutual fund trader with access to initiate multi-million-dollar transactions.

Enterprise Security – Part II – Validate the server (server side SSL)

Submitted by sgamare on November 17, 2009 - 12:22pm.

Certificates are used in a variety of implementations to secure communication against any unintended third party. In this case we are discussing the most generic of the commonly known certificates: the server-based SSL (Secure Sockets Layer) certificate. The purpose of the certificate is to prove beyond doubt that the server is who we think it is. This kind of security is generally set up to work on a secure port, usually port 443 (note: it does not have to be), and is supported by the browser as "https", an extension to the standard HTTP protocol.

Enterprise Security – Part I – Login Validation

Submitted by sgamare on November 17, 2009 - 12:21pm.

Most of you, at some point in your career, may have set up a local web server installation and probably published articles and pictures using web servers. Here, however, we are talking about more than the generic setup; we will describe a basic, enterprise-application-centric security setup.

Enterprise Application Security

Submitted by sgamare on May 27, 2009 - 12:18pm.

Enterprise Application Security is indeed a broad topic, subject to different levels of definition and interpretation according to system needs. Security needs for top-secret Department of Defense projects would be a lot different from the security required for an ecommerce application that intends to sell to the consumer. Having worked with different Enterprise Applications across a wide variety of industries, I prefer to look at security holistically, from multiple perspectives. As a rule of thumb, the more intense the security needs, the higher the cost of the entire implementation.


sgamare
Director of Application Services at Alliance Global Services focused on Rightware, innovative software development practices to drive high value applications.
 

RIGHT Blog

Alliance’s RIGHTBlog shares our thoughts and experiences of our most valued resource - our people. With extensive experience in four key areas: strategic guidance, outsourced product development, quality assurance and testing, and application maintenance, we share this expert knowledge and personal insight in order to exchange ideas and solutions.

