actually put to use for the purpose intended for it. Deployment of a Web application, like everything else in the application development life cycle, calls for a methodical set of processes and procedures to ensure that the Web application works consistently and as intended. Deployment usually entails setting up the environment, including the Web/application server, database server, and network infrastructure. Security is an important consideration during the deployment process, as several vulnerabilities tend to creep into an otherwise robust Web application because of incorrect and nonsecure deployment. For instance, during the deployment of an application hosted on an Apache Tomcat server, if the administrator fails to change the default credentials of the server, an attacker may be able to access the server, use the default credentials, and gain complete control over the Web server, resulting in compromise of the application. Security in the deployment process usually involves changing vendor-supplied default credentials, patching operating system/application server/Web server/database platforms, setting up and configuring SSL/TLS for encrypted transmission for the Web application, and setting up secure network connectivity, among other things.
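The default-credential check described above, as an added example that is not from the book: a Python audit of Tomcat's conf/tomcat-users.xml that flags accounts still using unchanged or trivial passwords. The sample file, the weak-password list, and the severity labels are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of conf/tomcat-users.xml (not taken from the book).
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml">
  <user username="tomcat" password="tomcat" roles="manager-gui,admin-gui"/>
  <user username="deployer" password="changeit" roles="manager-script"/>
  <user username="guest" password="guest" roles="viewer"/>
  <user username="report" password="q7#Vd9!rLm2x" roles="viewer"/>
</tomcat-users>
"""

# Assumed audit policy: values often left unchanged after installation.
WEAK_PASSWORDS = {"", "tomcat", "admin", "password", "changeit", "<must-be-changed>"}
# Roles that grant access to Tomcat's Manager and Host Manager applications.
PRIVILEGED_ROLES = {"manager-gui", "manager-script", "manager-jmx",
                    "manager-status", "admin-gui", "admin-script"}


def audit_tomcat_users(xml_text):
    """Return (username, severity, reason) for every account with a weak password."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        # Strip the XML namespace that newer tomcat-users.xml files declare.
        if el.tag.rsplit("}", 1)[-1] != "user":
            continue
        name = el.get("username", "")
        password = el.get("password", "")
        roles = {r.strip() for r in el.get("roles", "").split(",") if r.strip()}
        if password.lower() == name.lower():
            reason = "password equals username"
        elif password.lower() in WEAK_PASSWORDS:
            reason = "vendor-default or common password"
        else:
            continue
        # A weak password on a management role is the takeover case in the text.
        privileged = sorted(roles & PRIVILEGED_ROLES)
        severity = "critical" if privileged else "high"
        if privileged:
            reason += "; grants " + ",".join(privileged)
        findings.append((name, severity, reason))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit_tomcat_users(SAMPLE):
        print(f"[{severity}] {name}: {reason}")
```

Run as a pre-go-live gate, a non-empty result means the server would be deployed with credentials that were never changed.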
4.4 Summary
This chapter focused on the case study that will form the basis for this topic henceforth. The chapter delves into a hypothetical retail organization and its need for a new, secure e-commerce solution. The chapter discusses the problems faced by the retailer with the current e-commerce application and its several security flaws, leaving it open to attacks over the Internet and making it unsuitable for security compliance requirements. It also discusses the need and importance of security for a retail organization like Panthera and delves into some of the factors behind the necessitated change for the e-commerce application.