1.3. Perimeter Defense

Because of the multitude of potential weaknesses and the essentially unlimited number of attack scenarios, whereby each scenario can be a combination of various attack techniques, securing an entire system can be daunting, especially when the system includes multiple host machines connected via a network. Because a system is only as secure as its weakest link, the security coverage must be comprehensive. The task is further complicated by the fact that a system—for example, the internal network deployed within a large enterprise—typically consists of machines of numerous brands and types. These machines run different operating systems and different application software and are connected with routers and other networking ...

Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.