The Source for Java Technology Collaboration
Philip Brittan's Blog

Security Strategies

Posted by pbrittan on December 15, 2003 at 09:30 AM | Comments (4)

The IT security outlook just seems to be getting worse. Maybe it's time to change the rules.

We are being bombarded these days with news of growing security threats. Microsoft has long been a target in this area, as have Java and Flash, but now Linux is also coming under attack. The attacks are coming with greater frequency and greater destructive power, and they come in the form of malicious code, or "malware".

In order to make significant headway in the struggle against malware, we need to fundamentally change the rules of the game. In a recent article for CNET News.com, "Inherent Insecurity", I argue that fat-client architectures are inherently vulnerable to attack, and that by switching to a thin-client model we can cut down on the amount of raw material that malware has to attack. In another article, "Fencing In" for ZDNet, I argue that we need to change our basic security posture and actively contain threats rather than huddle in our bunkers. I cite early examples of fence-in strategies being used against viruses, hackers, and spam. Interestingly, I just came across another application of the fence-in approach being suggested for flu vaccinations.


Comments

  • unsigned JWS - a better alternative

    Today, large enterprise applications are being deployed using the secure unsigned Java Web Start container. These applications are free from viruses and spyware. Most importantly, you do not have to trust the software provider; you only have to trust the container (JWS/JRE). It's all about trust. Internet applications and services can be written in such a way that the server can't decrypt the data passing between clients. In such a scenario you only have to trust JWS/JRE, the receiver of your data, and the laws of physics/mathematics. Check out ScheduleWorld for an example of a client-server system that has been doing exactly this for over a year.

    Posted by: markswanson on December 16, 2003 at 11:04 AM
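The "server can't decrypt the data passing between clients" design described in the comment above, as an added example: this is not ScheduleWorld's code and not from the original post. It uses only the standard JCE that ships with the JRE, which is the point of the comment's trust argument. Each message gets a fresh AES-256-GCM key, that key is wrapped with the recipient's RSA-OAEP public key, and the relay server stores and forwards the resulting envelope without ever holding a key. The class and method names (BlindRelayDemo, RelayServer, Envelope, seal, open) and the sample message are assumptions made for the example.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;

/** Added example (not ScheduleWorld's code): a relay that only ever sees ciphertext. */
public class BlindRelayDemo {

    /** Everything the relay stores: wrapped message key, GCM nonce, ciphertext+tag. */
    static final class Envelope {
        final byte[] wrappedKey; final byte[] nonce; final byte[] ciphertext;
        Envelope(byte[] w, byte[] n, byte[] c) { wrappedKey = w; nonce = n; ciphertext = c; }
    }

    /** Hypothetical relay server: stores and forwards envelopes; holds no key material at all. */
    static final class RelayServer {
        private final List<Envelope> mailbox = new ArrayList<>();
        void post(Envelope e) { mailbox.add(e); }
        List<Envelope> fetch() { return new ArrayList<>(mailbox); }
        /** The most the relay can do is scan the bytes it holds for the plaintext it is looking for. */
        boolean leaksPlaintext(Envelope e, String needle) {
            return new String(e.ciphertext, StandardCharsets.ISO_8859_1).contains(needle);
        }
    }

    /** Each client generates its own key pair; only the public half is ever shared. */
    static KeyPair newIdentity() throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        return g.generateKeyPair();
    }

    /** Sender side: fresh AES-256 data key per message, wrapped with the recipient's RSA-OAEP key. */
    static Envelope seal(String plaintext, PublicKey recipient) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey dek = kg.generateKey();
        byte[] nonce = new byte[12];                       // 96-bit nonce, never reused with this key
        new SecureRandom().nextBytes(nonce);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, dek, new GCMParameterSpec(128, nonce));
        byte[] ct = aes.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, recipient);
        byte[] wrapped = rsa.doFinal(dek.getEncoded());    // 32-byte key fits easily under the OAEP limit
        return new Envelope(wrapped, nonce, ct);
    }

    /** Recipient side: unwrap the data key, then authenticate and decrypt; tampering throws. */
    static String open(Envelope e, PrivateKey me) throws Exception {
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.DECRYPT_MODE, me);
        SecretKey dek = new SecretKeySpec(rsa.doFinal(e.wrappedKey), "AES");
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, dek, new GCMParameterSpec(128, e.nonce));
        return new String(aes.doFinal(e.ciphertext), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyPair bob = newIdentity();
        RelayServer server = new RelayServer();
        String message = "meeting moved to 3pm";          // constructed sample message
        server.post(seal(message, bob.getPublic()));

        Envelope stored = server.fetch().get(0);
        System.out.println("relay can see the plaintext: " + server.leaksPlaintext(stored, "meeting"));
        System.out.println("Bob reads: " + open(stored, bob.getPrivate()));

        // A relay that flips a bit is caught by the GCM tag rather than delivering garbage.
        stored.ciphertext[0] ^= 0x01;
        try {
            open(stored, bob.getPrivate());
        } catch (AEADBadTagException ex) {
            System.out.println("tampering on the relay detected");
        }
    }
}
```

What the example does and does not guarantee is worth keeping straight. The relay cannot read or silently modify a message, because it never holds the data key and the GCM tag covers the ciphertext. What it does not cover is the client code itself: if the JAR that runs in the JWS sandbox were to encrypt to the provider's key instead of the recipient's, the server would read everything, so the "only trust the container" argument still depends on knowing which code the container loaded. One Java-specific caveat: in the built-in provider the transformation name above selects SHA-256 for the OAEP label hash but MGF1 still defaults to SHA-1, which is fine when the same JRE does both sides but needs an explicit OAEPParameterSpec when talking to other implementations.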

  • Security State

    I blogged my reply, Security State.

    Posted by: johnm on December 16, 2003 at 09:20 PM





Powered by
Movable Type 3.01D