Words of Wisdom:

"When all else fails, bring in the duct tape." - Ycclarleafflo

How Will Science and Technology Change Our Lives in the Future and What Should India Do to Stay Ahead in the Game

  • Date Submitted: 01/21/2013 05:16 AM
  • Flesch-Kincaid Score: 47.5 
  • Words: 6361
  • Essay Grade: no grades
  • Report this Essay

Cover Feature

A Survey of Web Security
Developing security methods for the Web is a daunting task, in part because security concerns arose after the fact. The authors offer a survey of Web security issues, focusing on particular areas of concern, such as server security, mobile code, data transfer, and user privacy.

Aviel D. Rubin
AT&T Labs

Daniel E. Geer Jr.


ith no insult intended to the early Web designers, security was an afterthought. At the outset, the Web’s highest goal was seamless availability. Today, with an internationally connected user network and rapidly expanding Web functionality, reliability and security are critical. Vendors engaged in retrofitting security must contend with the Web environment’s peculiarities, which include location irrelevance, statelessness, code and user mobility, and stranger-to-stranger communication. In this article, we present a survey of Web-specific security issues. Given the Web’s rapid ascent, our offering is necessarily a mix of short-lived techniques and long-lived principles. Our focus is on security in the server and host environments, mobile code, data transport, and anonymity and privacy. We do not delve into cryptography, electronic commerce, or intrusion detection because they are not Web-specific, and they are well covered elsewhere.1,2

Configuration basics
The biggest cause of security problems is bad management. In distributed systems, the first place management affects security is in the system’s configuration. A bad system configuration can mean disaster. If configuration is not controlled, it is difficult to express management policy in the system’s operational characteristics. As system complexity increases, the problem becomes acute: The inability to make systems conform to policy ensures increasing disarray and the exploitable holes that result. The Web-server configuration file lives in the server root. Configuration files are composed entirely of directives and...


Express your owns thoughts and ideas on this essay by writing a grade and/or critique.

  1. No comments