Palisade Magazine
 
Security Architecture for Multi-Tier Applications

October 2005

Security Architecture for Multi-Tier Applications

by Shaheem Motlekar, GCIH, BS7799 LA

The advent of the Internet has seen the introduction of multi-tier applications. Nowadays, multi-tier applications have become the norm for building enterprise software. The most common breakdown of a tiered application would be – Presentation, Business Logic and Data. Although there are other possibilities, we shall consider this breakdown for today’s discussion.… more →

Code Obfuscation Part 3 - Hiding Control Flows

by Sonali Gupta, SANS, GCIH

In the last two issues we introduced code obfuscation and went in-depth into data structure obfuscation. In this issue we look at control obfuscation, a class of obfuscation techniques that targets the control flow in a program… more →

Implementing SSL

by Shalini Gupta

In the September issue of Palisade we discussed how SSL works, what it actually protects against and what it does not. After understanding this, let’s look at how to implement SSL.… more →

QuizQuiz: Detecting frauds from log files

Which logging mechanism is best to trace back to the culprit in case of an application fraud, for example, when a fraudster may have illegally transferred money from somebody else’s account to his own account?

  1. Web-Server error logs
  2. Application logs
  3. W3C logs
  4. System logs

more →

On the blog recently

Past quizzes

  • Oct '08 : How does a web server specify the life time for a page to the browser's cache?
  • Aug '04 : How should an application generate, store and dispatch non-HTML content to the user's browser?
  • Nov '06 : What is the average lifetime of a phishing site today?
  • Aug '06 : An attacker enters a long nasty looking string into the date field. The input overwrites parts of the running program and executes commands on the server. What type of attack just took place?
  • Jul '04 : What is the cryptographic technique to use for transmitting passwords during authentication?

Search this website

 Search website

Stay Informed

Want to know when the new issues are out? Just fill in your details, we will take care of notifying you when new issues are released:




Subscribe  Unsubscribe

Write to Us

All flowers, brickbats and suggestions are welcome. You can put in yours on the feedback page.

News & Events

  • 03.03.10. Binu Thomas, CTO Plynt, presented at the RSA Conference 2010 on the topic “Application Security Across the Enterprise: Lessons from the Trenches”. This is the fifth time Paladion has been invited to present here.
  • 25.12.09. Plynt has been selected as a finalist for Red Herring’s Global 100 award, a prestigious list honoring the year’s most promising private technology ventures from around the world.
  • 10.12.09. Deloitte Fast 50 India features Paladion 4 years in a row. The ranking of the 50 fastest growing technology companies places Paladion in the 19th spot.
  • 21.05.09. ICICI Bank and Paladion Have Been Awarded the Best Banking Security Systems Project by the Asian Banker IT Implementation Awards Program
  • 20.04.09. Info Security Products Guide Names Plynt Certification Program Winner of the 2009 Tomorrow’s Technology Today Award