Securing Client/Server Transactions Securing Client/Server Transactions The three basic ways that security is implemented in the area of client/server transaction. The first area is firewalls. The basic idea of a firewall to monitor traffic from a trusted network ( a company’s internal network) to an untrusted network (such as the Internet). Firewalls fall into two categories, “proxies” and “packet-filtering” firewalls. Packet-filtering determines whether a packet is allowed or disallowed depending on the source of the packet and the contents of it. Packet-filtering also looks at the source and destination ports, and to determine if a packet is part of an ongoing conversation. An application-level firewall, better known as a proxy acts as an intermediary between the client and the server. The client application connects to the proxy. The proxy opens a connection to the server and passes information back and forth between the server and the client (refer to Figure 1.).Figure 1.Both firewalls have their advantages and disadvantages. In most cases both categories will be implemented on the same firewall. A packet-filtering firewall tends to be less secure than a proxy based firewall, since complete knowledge of the protocol is used by the application. However packet filtering can allow a concept known as masquerading. Masquerading is when the firewall takes the outgoing source address on the packets and converts the address so the receiver thinks they are talking to the firewall. The receiver’s packets will have it’s address on it coming back so the firewall can determine which sender gets the packet. The advantage of masquerading is that a company’s internal network can be hidden behind the firewall. Another security implementation is encryption. Encryption is the process of modifying information so that it can not be read by anyone except the intended recipient. This is d...
