Abstract
As more and more services turn electronic and are exposed to the public world of the Internet, many will become attractive and lucrative targets for would-be attackers. A large number of Internet security breaches take place by compromising the applications that form the electronic services. These applications are in general sophisticated and contain many lines of code. It is not surprising that there are bugs in some of this code; indeed, with such large applications it is difficult to guarantee otherwise. Offering a service over the Internet means exposing it to a large population of attackers capable of probing the service for vulnerabilities. It is not unlikely, and has been shown to be the case in the past, that some of these bugs can and will be exploited, leading to security violations. Increasingly, single machines are being used to host multiple services concurrently. It is becoming critically important not only that the security of the host platform is protected from application compromise attacks, but also that the applications are adequately protected from each other in the face of attack. This article looks at some of the problems surrounding application compromise in more detail and puts forward our approach to solving these problems.