Client-Side Security
Charles Border, Rochester Institute of Technology
Why Worry About the Security of Clients?
RFC 2196 Site Security Handbook
How Can Crackers Accomplish Their Goals?
Active Content and Client-Side Security
Helper Applications and Plug-Ins
INTRODUCTION
Although large organizations spend millions of dollars every year to secure the periphery of their networks through the use of firewalls, a technological solution that controls the actions of insiders has thus far proved elusive. According to Thompson and Ford (2004), “The issue is trust. Insiders must be trusted to do their jobs; applications must be trusted to perform their tasks. The problem occurs when insiders—be they users or applications—intentionally, or unintentionally, extend trust inappropriately.” Client-side security involves finding ways to control the ability of insiders to extend the trust relationship that they acquire as insiders in ways that are detrimental to the overall security of the network. Because a wholly technological solution has remained beyond the reach of developers, managers of both information technology professionals and other employees must work together to develop a solution that involves not only technology but also improving user awareness ...
Get Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
