The reality of Internet applications is that each piece of data being transmitted from the client to the server and back to the client passes through equipment on several different networks. In multi-tiered systems, the client-server paradigm is extended to include application servers, databases, and other heterogeneous systems. Each of these represents a point where the data passing between a user and the server could potentially be compromised.

To minimize the risk of data being compromised in this fashion, many Internet applications are built using Secure Sockets Layer (SSL) over the HTTPS protocol. Using this technology, data sent between the server and browser (client) is encrypted (the bit depth of encryption can vary among brands and versions of the browsers), making it much more difficult for outsiders to read this data.

NOTE: Although encryption can make users' data more difficult to steal, technologies exist that, given enough time and processing power, can decrypt any encrypted strings. Nevertheless, the stronger the encryption used, the longer it will take a malicious user to decrypt it.

Encryption schemes are good protection from eavesdroppers; however, by themselves, they do not completely guard your data and back-end systems from malicious users. It is commonplace for Web sites and applications to accept end-user input from browsers (such as form fields and URL parameters) and pass it directly to the database (or other back-end systems). The application must validate such browser input to ensure only valid data reaches the database.

In many cases, there are pages or whole sections of a Web site that only authorized users can view. These need to be protected with a system through which users can identify themselves (log in) and have the system check whether they are authorized to view the requested page. These login routines can be handled either at the operating system/Web server level, or in the application itself.
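The input-validation point above, as an added ColdFusion example that is not from the original text: a query built directly from a URL parameter, next to a version that checks the value and binds it as a typed parameter. The datasource `shopDSN`, the table `orders`, and the URL parameter `orderId` are assumed names.

```cfml
<!--- Added example. Assumed names: datasource "shopDSN", table "orders",
      URL parameter "orderId". --->

<!--- Unvalidated form (shown for contrast, not executed):
      the browser-supplied value is concatenated straight into the SQL text,
      so whatever arrives in the URL reaches the database as part of the statement.

      <cfquery name="getOrder" datasource="shopDSN">
          SELECT order_id, status FROM orders WHERE order_id = #url.orderId#
      </cfquery>
--->

<!--- Make sure the variable exists so the checks below never throw. --->
<cfparam name="url.orderId" default="">

<!--- Step 1: validate the shape of the input before it goes anywhere.
      Only 1 to 9 ASCII digits are accepted; anything else is rejected. --->
<cfif NOT REFind("^[0-9]{1,9}$", url.orderId)>
    <cfheader statuscode="400" statustext="Bad Request">
    <cfoutput>Invalid order number.</cfoutput>
    <cfabort>
</cfif>

<!--- Step 2: bind the value as a typed parameter. cfqueryparam sends it to the
      driver as data of the declared SQL type, never as SQL text, and raises an
      error if the value does not match that type. --->
<cfquery name="getOrder" datasource="shopDSN">
    SELECT order_id, status
    FROM   orders
    WHERE  order_id = <cfqueryparam value="#url.orderId#" cfsqltype="cf_sql_integer">
</cfquery>

<cfif getOrder.recordCount EQ 0>
    <cfoutput>No such order.</cfoutput>
<cfelse>
    <!--- Encode on output as well, so stored data cannot inject markup. --->
    <cfoutput>Order #getOrder.order_id#: #HTMLEditFormat(getOrder.status)#</cfoutput>
</cfif>
```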
A final concept in Internet security is access control. Through the use of firewalls, it is possible to restrict certain machines' communication (as determined by IP or MAC addresses) with certain parts (ports) of other machines. With a well-established set of firewall rules, it is possible to limit the public's access to machines they don't need to access, and offer the application's infrastructure a higher degree of security. For example, it is not uncommon for network administrators to establish firewall rules that only allow access to the database servers from the ColdFusion Application Server. Because the public cannot access this machine directly, it makes it much more difficult for malicious users to compromise the company's data.

What Is ColdFusion's Concern and What Is Not

Application architects must consider security early in the design process. For example, in a typical E-Commerce application you generally have a database, application server, and web server delivering content and accepting orders from disparate clients. Architects must consider all possible points of penetration which may lead to data compromise, including:
Although it provides some base functionality in many of these areas for securing Internet applications, the ColdFusion MX 7 Application Server is not intended to solve all security issues at every level. It can offer application-level security by defending applications against security risks in four areas: Encryption, Validation, Authentication, and Authorization. Let's examine ColdFusion's role in these areas.