Using a Web application for confidential data requires the user to trust the server to protect the data from unauthorized disclosures. This trust is often misplaced, however, because there are many ways in which confidential data could leak from a server. For example, attackers could exploit a vulnerability in the server software to break in, a curious administrator could peek at the data on the server, or the server operator may be compelled to disclose data by law. How can one build Web applications that protect data confidentiality against attackers with full access to servers?
Download Article:
Article Section:
SECURITY
;login: issue: