The 8 Principles Of Web Security
posted by John Spacey, February 28, 2011
Web security is based upon 8 basic principles — these are the goals of security.
Authentication: Confirm something is authentic. Example: confirming the identity of a user.
Authorization: Specify access rights to resources. Example: only Joe can view Joe's account balance.
Confidentiality: Prevent the disclosure of information to unauthorized individuals or systems. Example: message encryption.
Data / Message Integrity: Data cannot be modified or corrupted without detection.
Availability: Web sites need to be available and fast. Example: many websites can boast 99.99% uptime.
Accountability: When a person or system accesses or changes data, their actions should be traceable. Example: logging.
Non-repudiation: The ability to prove that a transaction took place. Example: electronic receipts.