Security Strategies

In general, we make our systems more secure by

  • Limiting access to the system by means of firewalls, passwords, and so on

  • Understanding the system and security requirements

  • Keeping up to date on the latest patches and security alerts

Of course, the easiest way to limit access to a system is to disconnect it from any public network, such as the Internet, and physically secure all the points where the network meets the real world. This type of security measure might be fine and appropriate for military systems, but for Internet e-commerce systems, it wouldn't do much to help business.

Another option to limit access to intranet-based Web applications is to establish a firewall between the intranet and the Internet. Most companies ...

Get Building Web Applications with UML Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.