To understand the areas of risk in our application, we need to understand where our systems are vulnerable. The basic Web system architecture, being a variant of a client/server architecture, has three principal architectural elements: the client, the server, and the network. Each is vulnerable to attack (see Figure 5-1).
Figure 5-1. Areas of risk in a Web application
It is the job of the chief architect and designers to understand and to manage these risks. Managing security risks in a software application happens at two levels: technical and procedural. Technical risk, the focus of this chapter, deals with risk presented by the technical components of the system (hardware and software) and is the domain of the architect. This type of risk is managed by a good understanding of the system and its deployment and by adding to the design certain technical measures that make it more secure.
Procedural risks, on the other hand, arise from poor operating practices. As any security expert will tell you, many of the security holes in your system are a result of human error and confusion. A classic story told in security circles is about a top-notch security expert called in to examine the latest security precautions at a banking institution. The institution was proud of its security precautions, which were a comprehensive set of the latest and most advanced technologies. The expert managed to gain access to the system by simply making a call to a new employee at the bank. The expert, claiming to be a member of the bank's IT department, asked the new employee for his name, office location, phone extension, and computer password, claiming to be updating the employee's status on the system. The new employee gave the expert the requested information, and within minutes the expert had gained access to the system.
This story emphasizes the point that security is more than a technical issue. In order to maximize the security of our systems, we need to be aware of both the technical and the human aspects of our system's vulnerabilities. Establishing proper security policies and training users of a system is as important to its security as any technical component.
Building Web Applications