Thursday, March 1, 2018

Information security definition and Applying security


Information, like any other asset, is subject to unintended or malicious activities that might affect its confidentiality, integrity or availability; defensive practices and activities should therefore take place to help protect these precious assets. Other definitions concentrate more on safeguarding information in its different states: static (stored in databases or files), dynamic (moving over different carriers), or while it is being processed.

Applying security

This approach might depend on building the application on a security-focused framework, so that security becomes part of the application itself, with minimal risk of security vulnerabilities.

Sometimes this approach is achieved through a special process, such as a development methodology, or through a programming language that enforces security. It might look perfect for new applications, but for old or legacy applications it becomes unrealistic.

Verify it is secure:

This approach depends on vulnerability analysis: investigating different vulnerabilities to be sure that the main, known ones are covered. The next step in applying security through this approach is to reinforce the system and fix the vulnerabilities.

This approach can be useful for both new systems and legacy ones.
  •  Vulnerability analysis can be done through an application or even manually, depending on the vulnerability being analyzed.
  •  Vulnerability analysis can be done using:
  1. Static methods, such as auditing the application source code.
  2. Dynamic methods: the analysis is done at run time by observing the behavior of the system.

The static method might give the maximum coverage of existing vulnerabilities, but it can suffer from false alerts, whereas with the dynamic method we can be sure of correctness but have no guarantee of complete coverage of vulnerabilities.
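The trade-off between the two methods, as an added example that is not part of the original post: a static audit and a dynamic run are applied to the same small program, looking for calls to `eval()`. The sample application, its function names and the test workload are all constructed for illustration.

```python
import ast
import sys

# Constructed sample application; every name in it is hypothetical.
SAMPLE = '''
def render(expr):
    return eval(expr)          # sink reached by the test workload

def debug(expr):
    if False:                  # dead branch: this eval never executes
        return eval(expr)
    return None

def admin(expr):
    return eval(expr)          # real sink, but no test calls it
'''

def static_findings(source):
    """Static audit: flag every function whose body contains an eval() call."""
    flagged = set()
    for fn in ast.walk(ast.parse(source)):
        if isinstance(fn, ast.FunctionDef):
            for node in ast.walk(fn):
                if (isinstance(node, ast.Call)
                        and isinstance(node.func, ast.Name)
                        and node.func.id == "eval"):
                    flagged.add(fn.name)
    return flagged

def dynamic_findings(source, workload):
    """Dynamic analysis: run the workload, record which functions reach eval()."""
    observed = set()
    def recording_eval(expr):
        observed.add(sys._getframe(1).f_code.co_name)  # name of the caller
        return eval(expr, {"__builtins__": {}})        # evaluate without builtins
    namespace = {"eval": recording_eval}               # shadow eval in the sample
    exec(source, namespace)
    for func_name, arg in workload:
        namespace[func_name](arg)
    return observed

# Constructed workload: it exercises render and debug, never admin.
WORKLOAD = [("render", "1 + 1"), ("debug", "2 + 2")]

if __name__ == "__main__":
    s, d = static_findings(SAMPLE), dynamic_findings(SAMPLE, WORKLOAD)
    print("static audit flags :", sorted(s))
    print("dynamic run observes:", sorted(d))
    print("static only, needs manual review:", sorted(s - d))
```

The static audit reports `debug`, which can never execute its `eval()` (a false alert), while the dynamic run reports only what it actually saw and so misses `admin`.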

Protect it:


This approach depends on building a run-time environment that helps protect the application's vulnerabilities from being exploited. It can be applied through two methods:

1- Proxy approach: isolate and detach the application from other components in the system, which minimizes the ability to exploit the vulnerabilities.
2- Embed monitoring capabilities in infrastructure components (browser, language runtime) to enable monitoring behavior and isolating and quarantining any threat.

Even though the presented approaches are categorized into different classes, a hybrid use can sometimes be applied, depending on the nature of the application.

