April 2011
Intermediate to advanced
504 pages
14h 51m
English
Content preview from Web Commerce Security Design and DevelopmentBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Isolation
In addition to implementing security controls, isolation is another option for improving the security posture of computer systems involved in Web commerce. In general terms, isolation involves dividing a system into compartments that are segregated from each other such that a compromise in one area does not propagate to another. Isolation can be implemented by separating process address spaces, memory areas, and running programs (sandboxes).
Some of the important issues that have to be addressed in implementing isolation are determining the partitions, setting access permissions for each partition, and allocating bounded memory space for each partition. Three methods that support these isolation requirements are virtualization, the sandbox, and IPSec.
Virtualization
Virtualization employs the concept of a virtual machine running on a physical computing platform. Virtualization is controlled by a Virtual Machine Monitor (VMM) or hypervisor, such as Xen, which is an open source hypervisor. Virtual machines emulate a complete host computer, on which a conventional operating system may boot and run as on actual hardware. The guest operating system is isolated in the sense that it does not run natively on the host and can only access host resources through the emulator. Therefore, physical computing resources are logically partitioned into multiple execution environments, including operating systems, servers, and applications.
Virtualization offers a means to consolidate applications ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.