Basic HTML version of Foils prepared April 7 1998

Foil 89 Secure Server Example-NPAC Grading System-4

From Basic Principles of Java and Internet Security CPS616 Web Technologies -- Spring 98. by Geoffrey C. Fox


1 The current version of the system is believed to be secure because
  • 1- It uses a SSL web server, which provides secure communication using public cryptography standards.
  • 2- CGI files, and server private key, are located in a completely private area, which are protected by Unix file protection mechanisms.
    • Since the server does not allow any other user to write CGI programs on the same server, it is not possible for someone to write CGI scripts reading others private files through the web.
  • 3- It uses user authentication and access privileges to access and update data in the database.
  • 4- The open issue in such a system is that system administrators can access to the files and the database.
2 The URL is https://osprey7.npac.syr.edu:5557/grading.html

in Table To:


© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Sun Nov 29 1998