Category

Content Security

Categories

Test for and Patch the Heartbleed Bug

Test for and Patch the Heartbleed Bug

OpenSSL versions 1.0.1 through 1.0.1f (inclusive) are compromised with a vulnerability that makes it possible to steal information. Patched versions of the OpenSSL may have been back ported to the "built on" date newer or equal to April 2014 should be a good indicator...

read more

ArkCase: Introduction to Data Access Control

Background ArkCase is a framework for developing case management applications. Data Access Control ensures each user sees only records they are authorized to see, and are prevented from seeing unauthorized records.  Data access control is applied to individual...

read more

Understanding Spring Security – Part 4 – ACL Security

Spring Security also provides domain object level security in addition to the other types of security discussed in this Spring Security blog series. In simple terms, ACL provides a way to specify permissions based on a combination of role, business object (referred to...

read more

Understanding Spring Security – Part 1 – Introduction

Spring Security, formerly known as Acegi Security, is an open source security provider that is used extensively in Java based web applications. Due to its power and ability to be customized, Spring Security has evolved itself into the de-facto standard for securing...

read more

Content Security: The Forgotten Project Feature

Throughout my many years of experience in the system and software development area, I have noticed one major thing that always seems to be at the top of requirements but becomes relegated to somewhere lower in priority as the project proceeds, only to come back to the...

read more