Technical Risk
To understand the technical security risks of a system, architects and designers need to understand the nature of these risks in order to better prevent them. The general nature of risks in our systems can be categorized into the following major areas:
Improperly configured systems
Buggy software
Poor authentication (that is, insufficient password requirements)
Lack of encryption in network traffic
The primary reason that any given part of a system is a security risk is improperly configured or buggy software. An improperly configured system or a system with a bug opens a security hole that can be exploited. One of the most famous security breaches has been chronicled by Clifford Stoll in his book The Cuckoo's Egg, in which he describes ...
Get Building Web Applications with UML now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.