How to provide Application security in development practices

29 05 2008

Application security is a hot issue as always and software companies are providing inbuilt security systems to protect data from external threats. Instead of inbuilt security systems, security can be provided from threats by performing few techniques. It is very elusive in nature and we should know completely what is exactly application security is? Saving the application from external threats is critical as use of different hardware devices, software, and other procedural methods are not easy to implement without complete technical know-how about the application and security tools.

There are few actions of providing security during development to software application that enables the hackers from manipulating the applications, steal, modify and delete sensitive data. There is a term named “countermeasures” commonly used by developers or experts in technical language. Actions taken to prevent the software application from threats are called “countermeasures”. It is an action or system that is able to remove or transfer the effects of threats from server, network and computer. These “countermeasures” can be used to provide security in form of software and hardware.

Software countermeasure Application firewall: Application firewall controls the access of applications from operating system of the computer. It controls the flow of information or data to and from central processing unit (CPU) and other destinations. It also provides security by handling data or execution of files by specific application.

Hardware countermeasure Router: It is a hardware that gives the direction to “packets” between two networks. It determines the next network point for “packet” to reach out its destination. “Gateway” is where two networks meet and the location of the router is at any “gateway”. Packets use to travel at different destinations in the network and router is able to maintain table for the available routs and can determine best route and conditions for packets.

Encryption/ Decryption: Encryption is the process of converting data into the special form called “cipher text” that cannot be easily readable or understood by unauthorized people. To make it understood decryption is the process to convert the “cipher text” into original form. This typical language system is used in performing wireless communications as wireless circuits are easy to tap.

Regular countermeasures include:

  • Deletion of stored cookies and temporary files at regular intervals of time
  • Regular scanning programs for virus and Trojans
  • Regular maintenance of operating system in the form of installation of updates
  • Avoidance of link clicking those contain email messages
  • Avoidance of questionable websites
  • Backing up of data on external media regularly

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: