com. Needless to say, Vic finds it an uphill battle
to get his money back.
Security Boundaries
Security boundary is a term often used by security professionals. The idea of boundaries
is to separate security silos for networks or applications. For example, an application
139
with sensitive private client information would have a strong security boundary around
it, protecting it from other unauthorized applications or services. Unfortunately in the
Web 2.0 world, applications are built in a way that makes traditional boundaries less
meaningful. A web page with third-party??“hosted advertisement or user tracking is an
example of content belonging to another organization but used on a different organization??™s
web page. With inputs from different applications, a given security boundary disappears.
A web application that depends on content from many security boundaries is
only as strong as the weakest link. If my intranet web application includes third-party
scripts that are hosted outside my network, then external network attackers could gain
access to my intranet application by modifying scripts my browser loads into the formerly
cozy security boundary of our intranet.
Pages:
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273