Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 6.  Implementing Security in ... >  Security Levels in ColdFusion

Security Levels in ColdFusion

ColdFusion helps you manage security risks at three levels:

  • Encryption. Involves the use of the Secure Sockets Layer (SSL) protocol. The objective of SSL is to prevent eavesdropping and message tampering as information passes between clients and servers. Most Web servers support SSL, which functions by encrypting Internet protocols such as HTTP with public key cryptography. A private key resides on the server to decrypt inbound data and encrypt outbound data. After the key is installed, the Web server handles encryption and decryption automatically. The SSL security mechanism is implemented at the server level.

  • Authentication. Involves checking whether or not the identity of a user is valid. It usually prompts a user for a unique login or username, and a password or personal identification number.

  • Access control. Limits access to various resources. Authenticated users have access to particular features or components based on security clearance, group affiliation, or other criteria specified by the developer. Authorization is the process of limiting access to certain users.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint