Security Levels

This section describes how security features can be implemented at various levels.

Default Security

The HTML server identifies the client by a mechanism similar to cookies: it embeds a special key in the Web page, which allows the client to be traced. This key is encoded so that duplicating it in another browser will not allow a second connection to the application server.

The following figure shows the default security architecture of the Web deployment software when a Dynamic 4GL application is running on the Web.

[Figure: default security architecture (Diapositive1.GIF)]

In this figure:

  • The application server is on a secured network, and can access the Internet.
  • The web server is on a secured service network.
  • The router can either be on the secured service network or on a third, unsecured network.
  • The system is usually both designed and administered by the System or Network administrator.
  • The firewall is optional.
  • Your application server and your web server can reside on the same machine.

Each runner process spawned by the application server has a unique random number. This number is used to link together the pages that the application server serves to the web server.

Additional Security

The following features can be used to add security to your application architecture.

SSL

Using Secure Sockets Layer (SSL) between the Internet browser and the web server secures the data flow between them.

Recommendations for Enhancing Security

The following recommendations can enhance the security of your applications.

Using a Filtering Router

Disabling port 6500 (the standard application service port), or whichever port the application server actually uses for communication, on the router automatically disables access to the application server.

Normal transactions on port 80 (the standard HTTP service port) are still allowed, so the user's browser can still access the web server documents.

Using a Firewall

A firewall will allow only the web server to communicate with the application server. All requests from other hosts to the application server will be stopped by the firewall.
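
The following Python script, added here as an illustration and not taken from the product documentation, audits connection records against the two recommendations above: only the web server may reach the application server, whether on port 6500 or on any other port. The addresses, the record format and the function names are assumptions made for the example.

```python
import ipaddress

# Assumed addresses (constructed, documentation ranges); substitute your own.
WEB_SERVER = ipaddress.ip_address("192.0.2.10")
APP_SERVER = ipaddress.ip_address("192.0.2.20")
APP_PORT = 6500  # standard application service port named on this page

# Constructed sample records, one per line: "source destination destination_port"
SAMPLE_LOG = """\
203.0.113.5 192.0.2.10 80
192.0.2.10 192.0.2.20 6500
203.0.113.5 192.0.2.20 6500
198.51.100.7 192.0.2.20 22
garbled record
"""


def parse_record(line):
    """Return (src, dst, port), or None if the record is malformed."""
    fields = line.split()
    if len(fields) != 3:
        return None
    try:
        src = ipaddress.ip_address(fields[0])
        dst = ipaddress.ip_address(fields[1])
        port = int(fields[2])
    except ValueError:
        return None
    return (src, dst, port) if 0 < port < 65536 else None


def audit(log_text):
    """Return (line_number, reason) for each record the policy should have stopped."""
    findings = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        record = parse_record(line)
        if record is None:
            # Malformed input is reported, not silently skipped.
            findings.append((number, "unparseable record"))
            continue
        src, dst, port = record
        # Router filter and firewall together: only the web server may
        # talk to the application server, on APP_PORT or any other port.
        if dst == APP_SERVER and src != WEB_SERVER:
            kind = "application service port" if port == APP_PORT else "port"
            findings.append((number, f"{src} reached application server {kind} {port}"))
    return findings


if __name__ == "__main__":
    for number, reason in audit(SAMPLE_LOG):
        print(f"line {number}: {reason}")
```
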
