Website security definition

This 'website security definition' article is supplied by Web Site Security, where you can find more information about website security definition.

Web Site Security Issues - An Assessment



It is unfortunate, but there are many ways in which web site security can be breached. Security risks exist that could affect Web servers and LANs (local area networks) on which Websites reside, even by the conventional use of a Web browser.

Web Masters are in the front line when dealing with the most acute risks. As soon as a Web server is set up at a site, a window appears in the local area network through which anyone who is on the Internet can peer. Certainly, most website visitors look at no more than what they're supposed to look at, but a minority try to unearth parts of the site which aren't intended to be discernible by all and sundry. Unscrupulous visitors mean to go further than only look; they endeavour to unlock the window and slither through. The damage intruders may cause might be sheer vandalism, such as substituting the website's home page with one of their own which might say or show anything, or it could be robbery, like gaining possession of a customers or orders list.

It's difficult to evade the virtual certainty that complex computer software has bugs. Regardless of how scrupulously it's tested, there exists as a rule some permutation of events or user actions, even though it might be rare, that will cause a failure. Software bugs give rise to gaps in system security. A Web server is involved software which may quite possibly include a security flaw.

It's not only the complexity of a Web server that can create a problem, but also its open architecture. Think about a CGI script as a case in point. A CGI script may be processed at the server in response to a remote request from a client. This might be a request from a program or even the click of a button in a browser. If the CGI script contains a bug, there's a possibility of a security breach.

Network Administrators also have to handle problems from Web servers by reason of the risk they pose to the security of the local area network. Despite the fact that there should be no unauthorised intrusions, access must be given to website visitors. This means that access to the network must be regulated. The Administrator therefore needs to perform a delicate balancing act. Even the most sturdy firewall can be breached if the Web server is configured poorly. By the same token, normal use of the website may be impossible if the firewall is configured badly. Arriving at an ideal solution is yet more tricky if an intranet forms part of the system. Commonly, the Web server then must be configured to identify and verify domains and user groups, which are likely to have differing permission levels and access rights.

Tip: For advice regarding a specific view of website security, something like "website security definition", search for the full phrase on the Web.

Almost everyone using a browser to surf the Internet suppose that they are doing it anonymously and in safety. This is not so. Web browsers are able to process autonomous software on the client machine that are located on a website. Current browsers display a caution and ask permission to run those programs. Described commonly as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, may easily leave a virus or other dangerous software on the browser user's PC. After it is in the system it can wreak all kinds of damage and may be very hard to eliminate.

This is also a worry for Network Administrators. Web browsers provide a way for potentially malicious software to seep all the way through the local area network's firewall. When it is in the system, the harm it might inflict can go from surreptitiously gaining possession of confidential data to gratuitous destruction.

Apart from the concerns to do with active content, merely surfing the Web records a trail of the user's activities in the browser's history. This could be utilised by web sites and installed programs to create an exact report of the user's behaviour and interests. Whereas this may be thought of as an invasion of privacy by some, it can be positively effective by supplying relevant subject matter instantaneously, so relieving the user of the job of looking for it.

Confidentiality is a question which concerns not only browser users but also Web Masters and Network Administrators in the actual transmission of information via the Web. TCP/IP (Transmission Control Protocol/Internet Protocol) is the fundamental language of communication for the Net. When it was formed, security wasn't the principal factor of its blueprint. Both network and Internet transmissions should therefore not be thought of as as necessarily confidential. When the browser on a local machine downloads a confidential file from the remote Web server, or the browser user fills out a form with confidential information and clicks the 'Submit' button, the transmitted information may be intercepted without authorisation.

To find out more about 'website security definition', visit website-security.biz.