Security Threats

Course length: 2h 6m

This course takes an in-depth look at security in Java Enterprise Edition. We'll cover a wide range of topics as listed below. Finally, we'll round off the course by taking a look at some example exam questions similar to those you can expect to find on the Oracle Certified Java EE exams.

Learning Objectives

  • Understand the fundamentals of security in Java EE
  • Learn the following concepts and features:
    • Securing GlassFish server
    • Working with users, groups, and roles
    • SSL
    • Securing your web applications
    • Securing enterprise beans
    • Digital certificates
    • Security architecture
    • Security threats
    • And much more...

Intended Audience

This course is intended for anyone who already has basic knowledge of Java and now wants to learn about Java Enterprise Edition.

Prerequisites

Basic knowledge of Java programming

Security threats. We will discuss the security threats to an enterprise application and then detail the measures that an enterprise architect can take to mitigate those threats. Security threats potentially allow hackers to compromise a network, access and misuse data, and take control of machines. The main security threats are: code injection, denial of service, man-in-the-middle, impersonation, eavesdropping, packet sniffing, password cracking, phishing, replay, repudiation, and social engineering. Code injection introduces code, generally SQL, HTML, or JavaScript, into a computer program to change the course of its execution. You can use these precautions to prevent code injection.

Validate all input and, where possible, narrow the type of data accepted; for example, accept only integer types. Use input and output encoding, for example escaping dangerous characters. Use coding practices such as parameterized SQL queries. Denial of service: a denial of service (DoS) attack, more commonly carried out as a distributed denial of service (DDoS) attack that uses a large number of geographically distributed computers, is an attempt to initiate such a large number of requests for a computer resource that it becomes unavailable to its intended audience. Strategies to address this type of attack typically involve some kind of filtering of the incoming traffic.
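The three code-injection precautions above, shown together in plain JDBC-style Java. This is an added example, not code from the course or from OAK Academy; the accounts table and its owner_name column are assumed, and the main method uses constructed inputs.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.regex.Pattern;

/**
 * Added example (not from the course): validate and narrow input, encode output,
 * and bind SQL parameters instead of concatenating them. The "accounts" table is assumed.
 */
public class InjectionSafeLookup {

    private static final Pattern ACCOUNT_ID = Pattern.compile("[0-9]{1,9}");

    /** 1. Validate and narrow the input: an account id is accepted only as a short positive integer. */
    public static int parseAccountId(String raw) {
        if (raw == null || !ACCOUNT_ID.matcher(raw).matches()) {
            throw new IllegalArgumentException("account id must be 1 to 9 digits");
        }
        return Integer.parseInt(raw);
    }

    /** 2. Output encoding: escape the characters that would let user-supplied text be parsed as HTML. */
    public static String htmlEscape(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '&':  sb.append("&amp;");  break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * 3. Parameterized SQL: the statement text is fixed and the value is bound with setInt,
     * so the database never parses user input as part of the query. This replaces the
     * concatenation form "... WHERE id = " + raw, where the input can alter the statement.
     */
    public static String findOwnerName(Connection conn, int accountId) throws SQLException {
        String sql = "SELECT owner_name FROM accounts WHERE id = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setInt(1, accountId);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("owner_name") : null;
            }
        }
    }

    public static void main(String[] args) {
        // constructed inputs: one well-formed id and one that fails the narrowed type
        System.out.println("parsed: " + parseAccountId("1042"));
        try {
            parseAccountId("42abc");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        // a display name rendered into a page goes through the encoder first
        System.out.println("encoded: " + htmlEscape("<b>Bob</b> & Co."));
    }
}
```

findOwnerName needs a live java.sql.Connection, so main exercises only the validation and encoding paths; the point of the method is that the same PreparedStatement code handles every id the validator lets through without any per-input escaping.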

Rules can be set up in firewalls to allow or deny certain protocols, ports, or IP addresses. Switches can be used that have comprehensive rate-limiting and access control list capabilities. Like the previous option, routers can be used with rate-limiting and access control list capabilities. A hardware appliance can be placed in front of the application to analyze network packets and prioritize them according to their specifications. Man-in-the-middle: this is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker.
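The filtering options above all sit in the network path. One further layer an enterprise architect controls directly is the application tier itself; the added example below (not from the course) is a servlet filter that rate-limits requests per client address with a sliding window. The limit of 100 requests per minute and the filter mapping "/*" are assumptions; the filter uses only the standard javax.servlet API.

```java
import java.io.IOException;
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;

/** Added example (not from the course): per-client request rate limiting at the application tier. */
@WebFilter("/*")
public class RateLimitFilter implements Filter {

    private static final int MAX_REQUESTS = 100;        // assumed allowance ...
    private static final long WINDOW_MILLIS = 60_000L;  // ... per client per minute

    // request timestamps per client key, oldest first
    private final Map<String, Deque<Long>> windows = new ConcurrentHashMap<>();

    /** Returns true if this client is still within its allowance for the sliding window. */
    boolean allow(String clientKey, long nowMillis) {
        Deque<Long> times = windows.computeIfAbsent(clientKey, k -> new ArrayDeque<Long>());
        synchronized (times) {
            // discard timestamps that have aged out of the window
            while (!times.isEmpty() && nowMillis - times.peekFirst() >= WINDOW_MILLIS) {
                times.pollFirst();
            }
            if (times.size() >= MAX_REQUESTS) {
                return false;
            }
            times.addLast(nowMillis);
            return true;
        }
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // getRemoteAddr() is the TCP peer. Behind a load balancer or reverse proxy it is the
        // proxy's address, so there the key must come from a header only trusted proxies set.
        String client = req.getRemoteAddr();
        if (!allow(client, System.currentTimeMillis())) {
            HttpServletResponse http = (HttpServletResponse) res;
            http.setHeader("Retry-After", String.valueOf(WINDOW_MILLIS / 1000));
            http.sendError(429, "Too Many Requests");
            return;
        }
        chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig filterConfig) { }

    @Override
    public void destroy() { }
}
```

This filter protects the servlets behind it from one chatty client, not from a volumetric DDoS that saturates the link before the container sees a packet; that is why the lecture's network-level controls come first. The map also grows by one entry per distinct client, so a production version would evict idle keys on a schedule.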

These strategies can be used to mitigate these types of attacks. Use public key infrastructure to mutually authenticate messages between two entities. Use stronger mutual authentication, including extra factors such as a fingerprint, a retina scan, or secret keys and passwords in addition to a secure channel. Impersonation: an impersonation attack is one in which an adversary successfully assumes the identity of one of the legitimate parties in a system or in a communications protocol. The same techniques used to address man-in-the-middle attacks are relevant to stop impersonation attacks. Eavesdropping: man-in-the-middle attacks assume that the attacker wishes to affect the interaction between the two victim parties on the channel. However, the attacker may simply wish to eavesdrop on the channel so as to copy, and presumably take advantage of, the information carried over it. The mitigation strategy to defend against eavesdropping attacks is to implement encryption at both the transport layer and the message layer.

Packet sniffing: a malicious person can capture and analyze network traffic using a packet sniffer. Any clear-text information flowing through the network can be captured. The mitigation strategy to defend against packet sniffing attacks is to avoid clear-text transmission and use SSL. Password cracking: also called a brute force attack, this is used to repeatedly attempt to log in as a known principal by guessing the password. In this scenario, an application tries passwords made up of all possible combinations and sequences of legal characters. To prevent brute force attacks, you need to apply some rules for passwords.

Use a sufficient number of characters, and require special characters, digits, and alphanumeric characters at the same time. Lock out users immediately after multiple failed login attempts. Phishing: phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. It is usually performed through email or a fake version of an application. For example, a malicious person makes a very similar copy of your application's login page and makes you believe that the page is yours. When you enter your login information, it is sent to that person. In this type of attack, the goal is generally to steal sensitive data like credit card and login information, or to install malware on the victim's machine.
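The two password rules above (character-class complexity, and lockout after repeated failures), as an added example that is not code from the course. The minimum length of 12, the threshold of 5 failures and the 15-minute lockout are assumed values; the in-memory map stands in for whatever user store the application uses, and the main method drives it with a constructed clock.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Pattern;

/** Added example (not from the course): password complexity check plus failed-login lockout. */
public class LoginGuard {

    static final int MAX_FAILURES = 5;                      // assumed: lock after 5 consecutive failures
    static final Duration LOCKOUT = Duration.ofMinutes(15); // assumed lockout period
    static final int MIN_LENGTH = 12;                       // assumed minimum length

    private static final Pattern UPPER = Pattern.compile("[A-Z]");
    private static final Pattern LOWER = Pattern.compile("[a-z]");
    private static final Pattern DIGIT = Pattern.compile("[0-9]");
    private static final Pattern SPECIAL = Pattern.compile("[^A-Za-z0-9]");

    /** The lecture's rule: enough characters, with letters, digits and special characters together. */
    public static boolean isAcceptablePassword(String pw) {
        return pw != null && pw.length() >= MIN_LENGTH
                && UPPER.matcher(pw).find() && LOWER.matcher(pw).find()
                && DIGIT.matcher(pw).find() && SPECIAL.matcher(pw).find();
    }

    private static final class Attempts {
        int failures;
        Instant lockedUntil = Instant.EPOCH;
    }

    private final Map<String, Attempts> byUser = new ConcurrentHashMap<>();

    /** Check this before verifying credentials, so a locked account is refused without a password check. */
    public boolean isLocked(String user, Instant now) {
        Attempts a = byUser.get(user);
        return a != null && now.isBefore(a.lockedUntil);
    }

    /** Records the outcome of one login attempt; returns true if this attempt triggered a lockout. */
    public boolean recordAttempt(String user, boolean succeeded, Instant now) {
        Attempts a = byUser.computeIfAbsent(user, u -> new Attempts());
        synchronized (a) {
            if (succeeded) {
                a.failures = 0;       // a good login resets the counter
                return false;
            }
            a.failures++;
            if (a.failures >= MAX_FAILURES) {
                a.lockedUntil = now.plus(LOCKOUT);
                a.failures = 0;       // start counting again once the lock expires
                return true;
            }
            return false;
        }
    }

    public static void main(String[] args) {
        System.out.println("weak password accepted: " + isAcceptablePassword("password1"));
        System.out.println("strong password accepted: " + isAcceptablePassword("Tr0ub4dor&3xample!"));

        LoginGuard guard = new LoginGuard();
        Instant t = Instant.parse("2024-01-01T09:00:00Z");   // constructed clock
        for (int i = 0; i < MAX_FAILURES; i++) {
            guard.recordAttempt("alice", false, t.plusSeconds(i));
        }
        System.out.println("locked right after the failures: " + guard.isLocked("alice", t.plusSeconds(10)));
        System.out.println("locked after the lockout period: "
                + guard.isLocked("alice", t.plus(LOCKOUT).plusSeconds(60)));
    }
}
```

Counting per user name means an attacker who guesses against many accounts at once is not slowed by this rule alone; pairing it with the per-client rate limiting discussed under denial of service covers that case.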

The following are mitigation strategies that defend against phishing attacks. Teach customers or users to recognize legitimate emails; for example, use a customer-selected image that must appear in every email. Steer clear of generically addressed email such as "Dear customer". Instead, use "Dear [first name]", which is much harder for an attacker to recreate in a bulk email. You can go even further by consistently including more personalization items in every email communication with the user, for example full name, partial account number, partial address, etc. Use digital email signatures to further authenticate the email and minimize the risk of it being dumped into a spam folder. As you see, that explains why email security precautions are being increased every year. I think the most important reason is phishing. Replay: a replay attack is a form of network attack similar to the man-in-the-middle attack, in which a valid data transmission is maliciously or fraudulently repeated later on.

This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it. These precautions can be taken to avoid this type of threat. Use a session token in each message; it is a one-time-use identifier. Use a nonce in each message; it is a random number that is used only once. Use timestamps in each message. All of these are variations on the theme of tagging data with a unique data point that allows the receiver to recognize a duplicate message and take the appropriate action. Repudiation: it consists of claiming that either the content of a request was corrupted or the authentication of the sender was compromised, and therefore the request should be invalidated. These steps can be taken to avoid it. Use digital signatures.
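The receiver-side check that the nonce and timestamp tags above make possible, as an added example that is not code from the course. The five-minute freshness window is an assumption; the nonce and timestamp are taken as already extracted from the message, and the main method uses a constructed clock.

```java
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Added example (not from the course): replay detection with a per-message nonce plus a timestamp. */
public class ReplayGuard {

    static final Duration MAX_SKEW = Duration.ofMinutes(5);  // assumed freshness window
    private static final SecureRandom RNG = new SecureRandom();

    /** Sender side: a fresh random nonce for every message. */
    public static String newNonce() {
        byte[] b = new byte[16];
        RNG.nextBytes(b);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(b);
    }

    // nonces seen so far, each with the time it can be forgotten
    private final Map<String, Instant> seen = new ConcurrentHashMap<>();

    /** Returns true if the message is fresh and seen for the first time; false if stale or a duplicate. */
    public boolean accept(String nonce, Instant sentAt, Instant now) {
        if (nonce == null || sentAt == null) {
            return false;
        }
        // 1. The timestamp bounds how long a captured message stays usable at all.
        if (Duration.between(sentAt, now).abs().compareTo(MAX_SKEW) > 0) {
            return false;
        }
        // 2. The nonce rejects a second copy inside that window. putIfAbsent returns null
        //    only for the first caller, so two concurrent copies cannot both pass.
        //    A replay could still pass the timestamp check until sentAt + MAX_SKEW,
        //    which is at most now + 2 * MAX_SKEW, so the nonce is kept until then.
        Instant forgetAt = now.plus(MAX_SKEW).plus(MAX_SKEW);
        return seen.putIfAbsent(nonce, forgetAt) == null;
    }

    /** Drops nonces whose message could no longer pass the timestamp check anyway. */
    public void purge(Instant now) {
        seen.entrySet().removeIf(e -> now.isAfter(e.getValue()));
    }

    public static void main(String[] args) {
        ReplayGuard guard = new ReplayGuard();
        Instant now = Instant.parse("2024-01-01T12:00:00Z");   // constructed clock
        String nonce = newNonce();
        System.out.println("first copy: " + guard.accept(nonce, now, now));
        System.out.println("same nonce 30 s later: " + guard.accept(nonce, now, now.plusSeconds(30)));
        System.out.println("fresh nonce, hour-old timestamp: "
                + guard.accept(newNonce(), now.minus(Duration.ofHours(1)), now));
    }
}
```

Neither tag helps unless it is covered by the message's integrity protection; if an attacker can change the timestamp or nonce on a captured message, the check is void. That is the link to the digital signatures discussed under repudiation.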

A digital signature consists of text that is encrypted using the private key of an entity. The sender's public key is used to decrypt the signature to verify its authenticity. Use public/private key cryptography with a trusted certificate authority. Social engineering: it's a bit different from the other attack types. Social engineering attacks exploit the very nature of human beings to achieve the threat objective. This attack typically comes in the form of interaction with an individual. With the objective of gaining trust being paramount, the attack usually employs the elements of urgency, empathy, and some degree of believability. The best mitigation strategy for social engineering attacks is employee education.
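Signing a request with the sender's private key and verifying it with the public key, as an added example that is not code from the course. It uses the JDK's java.security.Signature API with SHA256withRSA, which hashes the request and applies the private-key operation the lecture describes; the 2048-bit key size and the request text are constructed for the demonstration, and the trust in the public key (the certificate authority step) is outside this snippet.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Base64;

/** Added example (not from the course): sign with the private key, verify with the public key. */
public class NonRepudiation {

    private static final String ALG = "SHA256withRSA";

    public static KeyPair generateKeyPair() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);                      // assumed key size
        return kpg.generateKeyPair();
    }

    /** Sender: sign the exact bytes of the request; the signature travels with it. */
    public static String sign(String request, PrivateKey key) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG);
        s.initSign(key);
        s.update(request.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(s.sign());
    }

    /**
     * Receiver: verify with the sender's public key. Any change to the request bytes, or a
     * signature made with a different private key, fails; a malformed signature is treated the same.
     */
    public static boolean verify(String request, String signatureB64, PublicKey key)
            throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG);
        s.initVerify(key);
        s.update(request.getBytes(StandardCharsets.UTF_8));
        try {
            return s.verify(Base64.getDecoder().decode(signatureB64));
        } catch (SignatureException | IllegalArgumentException e) {
            return false;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPair kp = generateKeyPair();
        // constructed request; a timestamp or nonce inside the signed text also covers replay
        String request = "transfer 100.00 from ACC-1 to ACC-2 ts=2024-01-01T12:00:00Z";
        String sig = sign(request, kp.getPrivate());

        System.out.println("original verifies: " + verify(request, sig, kp.getPublic()));
        System.out.println("altered amount verifies: "
                + verify(request.replace("100.00", "900.00"), sig, kp.getPublic()));
        System.out.println("other key verifies: "
                + verify(request, sig, generateKeyPair().getPublic()));
    }
}
```

Because only the holder of the private key can produce a signature that the public key verifies, a sender cannot later claim the request was not theirs, which is the repudiation case the lecture describes; the receiver should store the request bytes and signature together as the evidence.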


About the Author
OAK Academy is made up of tech experts who have been in the sector for years and years and are deeply rooted in the tech world. They specialize in critical areas like cybersecurity, coding, IT, game development, app monetization, and mobile development.