Medieval castle diagram
12/19/2023

Ancient castles weren't just guarded by stone walls; they had multiple layers of defense. Here's how to apply castle architecture to your own software design by securing your systems on multiple levels.

We bandy about terms like "firewall" to represent the way we protect IT services and software applications, but the analogies have a very real origin and relevance to application design.

Castles weren't just one big wall around a town. Used for protection and defense, medieval castles' architecture evolved, like software systems, to include more and different types of protection, such as the two-wall defense system. They had several layers of defense, and it's instructive to consider how to use their architecture in designing your own applications for optimal security.

Castles usually have a big door called the gate. The easiest way into Windsor Castle? The front door. That's no surprise: the population inside the walls needs to get lots of food, people, animals, and fuel into the castle. An open gate with a few guards is great in peacetime, but during war, the gate is a huge security hole. On the Internet, that big hole is Web traffic, designed to let requests go right on in and be handled by the web server. When the traffic is trusted (peacetime) you want to minimize barriers to entry. But it has to be easy to drop into protection mode, too.

The castle lords built multiple layers of defense over the target: a portcullis, a drawbridge, a moat. In the late Middle Ages, lords built towers over the top of the drawbridge from which to fire arrows or to dump boiling oil. Later castles had two portcullises, to trap invaders between them, and fire arrows through slits in the floor called "murder holes." These multiple layers of protection, perhaps even redundant layers, ensured that if one barrier didn't stop the enemy, another one would. For designing secure software applications, that means a second system can compensate for a vulnerability that the first didn't catch, and prevent a breach. We may put up a drawbridge and an inspection layer to make sure arriving traffic is safe. In computer terms, that would be web server traffic: requests for pages, form submits, and so on.

A malicious user can go through the front gate by attaching computer code to those form submits. In fact, according to the Open Web Application Security Project (OWASP), injecting code onto web pages is the most popular kind of server attack, generally cross-site scripting and SQL injection.

For example, you can start by creating a whitelist of acceptable characters (a-z, A-Z, 0-9, perhaps a period, sign, or hyphen), and have the software strip out anything else before we process it. If the application allows us to type in markup codes, we want to be especially careful. On top of that, we'll check the programming language (to the left on ) to make sure the programmers used named parameters any time they used SQL directly. Better yet, use a tool like NHibernate that writes the SQL for us, and protects us from SQL injection mistakes.

Train Castle Guards in the Security Protocol

Simple passwords make it far too easy for enemies to walk in the front gate.
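The two layers the post describes for form input, a character whitelist at the gate and named parameters in the SQL behind it, can be put side by side in a few lines. The following is an added example written for this page, not code from the original post; it uses Python's built-in sqlite3 module with an in-memory table of constructed sample users rather than NHibernate, and the `find_user_concat` function is included only to show the concatenation mistake the post tells reviewers to look for.

```python
import re
import sqlite3

# Layer 1, the drawbridge: a whitelist of characters a username may contain
# (letters, digits, period, underscore, hyphen). Anything else is stripped
# before the value goes any further into the application.
DISALLOWED = re.compile(r"[^A-Za-z0-9._-]")


def sanitize(value: str) -> str:
    """Strip every character that is not on the whitelist."""
    return DISALLOWED.sub("", value)


def make_db() -> sqlite3.Connection:
    """Constructed sample data for this example, not from any real system."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def find_user_concat(conn: sqlite3.Connection, name: str) -> list:
    """The mistake the post warns about: user input spliced into SQL text.

    A value containing a quote closes the string literal and the rest of
    the input is parsed as SQL, so the WHERE clause no longer means what
    the programmer wrote.
    """
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_param(conn: sqlite3.Connection, name: str) -> list:
    """Layer 2, the portcullis: a named parameter (:name).

    The driver sends the value separately from the statement text, so it
    can only ever be compared as data, never parsed as SQL.
    """
    sql = "SELECT name FROM users WHERE name = :name"
    return [row[0] for row in conn.execute(sql, {"name": name})]


def defended_lookup(conn: sqlite3.Connection, raw_input: str) -> list:
    """Both layers together: whitelist first, parameterized query second.

    If one layer is ever bypassed or misconfigured, the other still holds.
    """
    return find_user_param(conn, sanitize(raw_input))


if __name__ == "__main__":
    db = make_db()
    # Constructed sample of a classic tautology payload seen in web logs.
    tainted = "' OR '1'='1"
    print("concat   :", find_user_concat(db, tainted))   # every user leaks
    print("param    :", find_user_param(db, tainted))    # nothing matches
    print("defended :", defended_lookup(db, tainted))    # nothing matches
    print("legit    :", defended_lookup(db, "alice"))    # ['alice']
```

Run it and compare the first two lines of output: the concatenated query returns every row for the tainted input, while the parameterized query returns none, and the legitimate lookup still works through both layers. In a code review, the post's advice translates to searching for string-built SQL like `find_user_concat` and replacing it with the `:name` form, with the whitelist kept in front as the redundant barrier.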