In the recent past years, computers have continued to be a means by which our day-to-day activities revolve around. Computer scientists have foreseen a point where the artificial intelligence will be more advanced than the human brain. In addition, cyber crimes have continued to rise and this alone has raised concerns because people have found a way of hacking into our computers easily. For this reason, computer experts came up with application security to at least minimize these cases.
Application security is the use of software, hardware, and procedural methods to protect applications from external threats.
“Software security is becoming an increasingly important concern during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats. Security measures built into applications and a sound application security routine minimize the likelihood that unauthorized code will be able to manipulate applications to access, steal, modify, or delete sensitive data.” (Application security vs. security software)
The most basic software countermeasure is an application firewall that limits the execution of files or the handling of data by specific installed programs considered the most common hardware countermeasure is a router that prevent the IP address of an individual computer from being directly visible on the internet.
Application security can be enhanced by rigorously defining enterprise assets, identifying what each application does (or will do) with respect to these assets, building a security profile for each application, identifying and prioritizing potential threats and documenting adverse events and the actions taken in each case. This process is known as threat modeling. In this context, a threat is any potential or actual adverse event that can compromise the assets of an enterprise, including both malicious events, such as a denial of service DoS attack, and accidental event, such as the failure of a storage device.
“A countermeasure is an action, process, device, or system that can prevent, or mitigate the effects of, threats to a computer, server or network. A threat is a potential or actual adverse event that may be malicious or incidental, and that can compromise the assets of an enterprise or the integrity of a computer or network.” (Definition of countermeasure)
Countermeasures can take the form of software, hardware and modes of behavior.
A personal firewall is a software application used to protect a single internet-connected computer from intruders. Personal firewall protection is especially useful for users with “always-on” connections such as DSL or cable modem. Such connections use a static IP address that makes them especially vulnerable to potential hackers. Often compared to anti-virus applications, personal firewalls work in the background at the device level to protect the integrity of the system from malicious computer code by controlling Internet connections to and from a user’s computer, filtering inbound and outbound traffic, and alerting the user to attempted intrusions.
An application firewall is an enhanced firewall that limits access by applications to the operating system (OS) of a computer. Conventional firewalls merely control the flow of data to and from the central processing unit (CPU), examining each packet and determining whether to forward it toward a particular destination. An application firewall offers additional protection by controlling the execution of files or the handling of data by specific applications.
Antivirus software looks for things like viruses and malware that have come in from the outside and do not belong on your computer, and deals with them when found. Antivirus software is often packaged with complimentary programs (network firewall, anti-malware, PC optimization) and sold as a suite of software.
A pop-up blocker is a program that prevents pop-ups from displaying in a user’s Web browser. Pop-up blockers work in a number of ways: some close the window before it appears, some disable the command that calls the pop-up, and some alter the window’s source HTML. One problem with pop-up blockers has been that they cannot always differentiate between an unwanted pop-up window and one that is user-requested. Programs that can consistently do so are sometimes referred to as intelligent pop-up blockers.
Spyware Detection and Removal Program
Spyware is software that is installed on a computing device without the end user’s knowledge. Such software is controversial because even though it is sometimes installed for relatively innocuous reasons, it can violate the end user’s privacy and has the potential to be abused.
When tracking software is abused, there can be a significant impact on privacy. For example, if a smart phone gets infected with mobile spyware that was side loaded with a third party app, the phone’s camera and microphone can be used to spy on nearby activity, record phone calls, log browsing activity and keystrokes, and monitor the phone owner’s location.
The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other hardware countermeasures include:
– biometric authentication systems
– physical restriction of access to computers and peripherals
– intrusion detectors
Behavioral countermeasures include:
– frequent deletion of stored cookies and temporary files from Web browsers
– regular scanning for viruses and other malware
– regular installation of updates and patches for operating systems
– refusing to click on links that appear within e-mail messages
– refraining from opening e-mail messages and attachments from unknown senders
– staying away from questionable Web sites
– regularly backing up data on external media.
Securing Big Data
“While big data technologies and data lakes have the potential to improve the overall security posture of enterprises that implement them, maintaining security in big data tools themselves is an ongoing issue that needs to be tackled.” (Top three steps to ensure security in big data environments)
An enterprise’s data lake could contain personally identifiable information, company financial information, valuable intellectual property and more. Considering that many big data tools are used for security analysis, if compromised, these tools can also leak information about the enterprise’s firewall and card key system into the wrong hands. Enterprises need to be aware of what data is included in the lake in order to best protect it. They also have to know who has the ability to view the data and make changes to the data.
The first step that enterprises should take to protect them and improve security in big data implementations is to use access control. In addition to the user and services controls available within the environment, enterprises can also use network or operating systems authorization controls. Other security tools can be included at a granular level, depending on the type of information contained in the data lake.
Access control is a security technique that can be used to regulate who or what can view or use resources in a computing environment. Access control systems perform authorization identification, authentication, access approval, and accountability of entities through login credentials including passwords, personal identification numbers PINs, biometric scans, and physical or electronic keys.
The four main categories of access control are:
– Mandatory access control
– Discretionary access control
– Role-based access control
– Rule-based access control
Network Access Control
“Network access control fills an important security role of automating the type of access a new device requires, providing granular control over what resources can be accessed. IT security staff previously filled this role, but without automation, that can be time-consuming and can lead to mistakes.” (What is access control?)
The key criterion to consider when it comes to device support is agent based versus agent less network access control (NAC). NAC agents supply detailed information on connected devices, allowing policies to be exacted . This can include restricting devices that do not have up to date antivirus or have prohibited applications installed. Still, agents rely on these devices being enrolled in the NAC system. NAC agents can be further divided into persistent and dissolvable persistent agents are installed on the target device, whereas dissolvable agents provide one-time authentication of the device, and after that it should be deleted.
Coding and designing a program to secure applications is not the only way to achieve maximum security of our applications but also the machines and other components like servers and networks which should at all cost be configured in higher levels of security. It is also a must to consider factors such as access control to the data base, transmission encryption and storage of authentic credentials. These alone are factors that first must be ensured for in order to see to application security.
1. Name one action taken to ensure application security?
a. Application firewalls
2. What tool can be used to secure big data?
a. Access control
3. Name one category of access control?
a. Mandatory access control