Web Security


Any web site with server side programming code can become targets for security exploitations. Sioure has considered a number of security issues with our server side programming languages.


Web Server security
Security Systems of Web site
Layers of Security
Operating system Layer
Application Layer
Module Layer

Operating system Layer:
This level of Security has to be considered at local level from where the user will be accessing the system.
Internet Layer
In this section, the Security implemented is of two levels and can be upgraded to three levels plus an added encapsulated security will be maintained throughout the system. The two levels of security will be on the basis of Username and a unique password, which will genuinely identify the User. The third level of security will be to encapsulate the entire system through Sessions and keep track of the user from the beginning till he exits the system.

An Alternative solution can also be incorporated where in the IP Address of the user machine will be attached to the validation part at the initial state at the logon session. This is to ensure that the user is logging on the system from his own machine and which eradicates insure transactions at the very initial state. This option will be purely on the basis of prior approval from the client.

Module Layer
In this module the system checks at logon which type of user is logging on to the system. Since not all Users are authorized to access all pages, selected modules are available to selected Users. This level of security can be attained at initial logon sessions where in, the system checks for the user's identification at logon and accordingly access to a set of pages which are given as per the requirements. For example, if the user is an employee or other non-administrative staff, a different screen of options will be shown to him rather than the screen, which will be shown to administrative staff and Authorized Personnel. On the other hand if the user is an Authorized Employee (e.g., HR Administrator, CEO, VP etc.,) all options are available for their perusal. This eradicates all sorts of Security breaches at the very initial state.

An alternative solution for Module Layer Security will be to accept login information at sections, which requires user to enter his login id and password to get to that section of the system. This is a cumbersome process but definitely effective.