[WEB SECURITY] SQL injection and N tier Architecture

Martin O'Neal martin.oneal at corsaire.com
Tue Feb 5 04:31:42 EST 2013


> Separating the web server from application server adds almost zero
practical security. 

Sometimes. For an application on an exclusive platform, then that's a
fair observation. For a platform that hosts multiple applications, then
separating the applications on to discrete servers helps to
compartmentalise any failures to a single application.

Martin...


----------------------------------------------------------------------
CONFIDENTIALITY:  This e-mail and any files transmitted with it are
confidential and intended solely for the use of the recipient(s) only.
Any review, retransmission, dissemination or other use of, or taking
any action in reliance upon this information by persons or entities
other than the intended recipient(s) is prohibited.  If you have
received this e-mail in error please notify the sender immediately
and destroy the material whether stored on a computer or otherwise.
----------------------------------------------------------------------
DISCLAIMER:  Any views or opinions presented within this e-mail are
solely those of the author and do not necessarily represent those
of Corsaire Limited, unless otherwise specifically stated.
----------------------------------------------------------------------
Corsaire Limited, Head office: Unit 2 Grosvenor Court, Hipley Street,
Old Woking, Surrey GU22 9LL. Telephone: +44 (0)1483-746700.
Registered in England No. 3338312. Registered office: Communication
House, Victoria Avenue, Camberley, Surrey GU15 3HX




More information about the websecurity mailing list