Technical Risk
To understand the technical security risks of a system, architects and designers need to understand the nature of these risks in order to prevent problems. The nature of risks in our systems can be categorized into four major areas:
Improperly configured systems
Buggy software
Poor authentication, or insufficient password requirements
Lack of encryption in network traffic
The primary reason that any given part of a system is a security risk is improperly configured, or buggy, software. An improperly configured system, or a system with a bug, opens a security hole that can be exploited. One of the most famous security breaches has been chronicled by Clifford Stoll in his book The Cuckoo's Egg, in which he describes the eventual capture ...
Get Building Web Applications with UML Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
