Guidelines on Securing Public Web Servers
of encryption.  Patents and licensing issues may affect which commercial encryption schemes 
can be used.  Common factors that influence the choice of encryption algorithm are as follows: 
- Required security
  - Value of the data to the organization and/or other entities (the more valuable the data, the stronger the required encryption)
  - Time value of data (if data are valuable for only a short period [e.g., days as opposed to years], then a weaker encryption algorithm can be used; for example, a password that is changed daily needs to be protected for only a 24-hour period)
  - Threat to data (the higher the threat level, the stronger the required encryption)
  - Other protective measures that are in place and that may reduce the need for stronger encryption, for example, protected methods of communication such as dedicated circuits as opposed to the public Internet
- Required performance (higher performance requirements may require procurement of additional system resources, such as a hardware cryptographic accelerator, or necessitate weaker encryption)
- System resources (fewer resources [e.g., processor, memory] may necessitate weaker encryption)
- Import, export, or usage restrictions
- Encryption schemes supported by the Web server application
- Encryption schemes supported by the Web browsers of expected users.
7.5.5 Implementing SSL/TLS
A digitally signed certificate is needed to implement SSL/TLS on a Web server.  A certificate, which is the digital equivalent of an ID card, is used in conjunction with a public key encryption system.  Certificates can be issued by trusted third parties, known as Certificate Authorities (CAs), or can be self-signed.  Organizational requirements determine which approach is used.
Although the sequence of steps is not identical for all Web servers, the implementation of a third-party-signed certificate for a Web server generally includes at least three steps:

- Generating and submitting a certificate signing request (CSR)
- Picking up the signed SSL/TLS certificate from the CA
- Installing the certificate and configuring the Web server to use SSL/TLS for any specified resources.
A CSR consists of three parts:

- Certification request information