Extra Defensive Measures
| | ||
If your application is broken up into lots of processes, you might get some mileage out of trusted systems such as SE Linux, Trusted Solaris, or OS add-ons such as Argus PitBull (which works for Linux, Solaris, and AIX). Generally, you can label data at the file level, and then permissions are monitored as data passes between processes.
Slightly more practical guidance is to keep all data encrypted except when its necessary to reveal it. Most operating systems provide functionality to help protect data in storage. For example, in Windows you can encrypt files automatically using the Encrypting File System (EFS).
You can also perform output validation, checking outgoing data for correctness. For example, if a piece of functionality in your application only outputs numeric amounts, double-check that the output is just numeric and nothing else. We often hear of input checking, but for some data you should consider output checking, too.
EAN: 2147483647
Pages: 239
- ERP Systems Impact on Organizations
- The Second Wave ERP Market: An Australian Viewpoint
- Enterprise Application Integration: New Solutions for a Solved Problem or a Challenging Research Field?
- Intrinsic and Contextual Data Quality: The Effect of Media and Personal Involvement
- Development of Interactive Web Sites to Enhance Police/Community Relations