Allowing for such access necessarily creates a point of weakness, and this must be carefully guarded against through many levels of protection (Stuttard & Pinto 2007). Many of the same steps that are employed in access differentiation as described above can also be employed here -- multiple levels of access that is password protected, strict compartmentalization of data and of processes, and other features such as the recognition and removal of malicious input can all protect the opening that is created by administrative access to application information and code (Stuttard & Pinto 2007). Password-protected access to a web application's source code is one common example of this type of core defense capability, which grows more complex as both the complexity of the system and needs for security increase.
Direct Attacks and Unauthorized Use: A More Detailed View
Direct attacks on applications, especially web-based applications, are becoming increasingly common as programming knowledge and skills continue to develop and become more widespread. Defense mechanisms against such attacks include encryption, frequently changing passwords, and psychological deterrents such as false weak spots or even fake access points (Stuttard & Pinto 2007). As hackers continue to find ways through security systems, however, these systems continue to develop more advanced and more thorough safeguards.
Differentiation of access, though a somewhat simpler task than protecting against deliberate attacks, is an almost universal need in most software applications, and has also continued to develop in recent...
Not only is access to certain information and program changes kept limited by various password and account access details, but other methods such as obfuscating the placement of certain information or process features, creating false leads similar to those that might be employed in hacker deflection, and notifying network administrators of any unsuccessful access attempts or unusual activity are all very different methods that can be employed to stop such access. In this way, both direct and accidental attempts to access unauthorized portions of an application or the information contained therein can often be prevented and almost always noted and mitigated.
Conclusion
These four core defense mechanisms described herein are not the only areas in which protection is needed for software applications and information technology systems and networks. These form the foundation of most security needs, however, and it is in these areas that advances both in defense mechanisms and in methods of breaching them remain at a continuous high-speed pace. It is the goal of hackers and of security developers to remain one step ahead of their opponents, and security design must also account for other accidental and internal vulnerabilities. Managing the four core defense mechanisms is an effective way of meeting this challenge.
References
Dalal, S.; Poore, J. & Cohen, M. (2003). Innovations in software engineering for defense systems. Washington, D.C.: National Academies Press.
Sttutard, D. & Pinto, M. (2007). The web application hacker's handbook. New York: Wiley.
