Home >Knowledge Center > Technologies Trends
          
 

 ColdFusion Main > ColdFusion Articles Types of ColdFusion Security

Types of ColdFusion Security

ColdFusion Server provides two mutually exclusive security frameworks called Basic security and Advanced security. You can use either type of security to secure ColdFusion application development and deployment.

Basic security

Basic security is the initial default security framework for ColdFusion and lets you secure the ColdFusion server with password access:

All Web applications can potentially fall victim to these security breaches:

    * Application development Secure access to data sources and files with password protection. Block access to several sensitive ColdFusion tags.
      
    * Application deployment Prevent applications from executing several ColdFusion tags that could be used to upload, delete, or otherwise manipulate server files.

    * Administrative Access Secure access to ColdFusion administrative functions with password protection.

All editions of ColdFusion Server include Basic Security features. When you install ColdFusion Server, Basic Security is automatically activated. This is helpful in coldfusion application development

Advanced security

ColdFusion Server Professional and Enterprise editions include Advanced Security features that provide scalable, granular security for building and deploying your ColdFusion applications or coldfusion web applications:

    * Application development Control access to files, data sources and administration for each developer on your team. Coordinate team development on shared servers with the assurance that sensitive data and applications are secure.

    * Application deployment Create complex rules to programmatically control access to functionality within applications. Provide multiple levels of user access from within an application. Confine applications to secure areas that can flexibly restrict the access applications have to directories, components, databases or other resources on the server.

    * Administrative Access Assign different degrees of administrative access to specified users.

Data encryption

Both Basic and Advanced security support the Secure Sockets Layer (SSL) protocol which encrypts Internet application protocols (like HTTP) with public key cryptography. SSL protects against snooping, eavesdropping, or any sort of message tampering when information is passed between clients and servers. Most Web servers support SSL. The server administrator installs a private key that is used to decrypt inbound data and encrypt outbound data. Once the key is installed, the Web server automatically encrypts or decrypts data as it is received or transmitted.

If your Web server connections are encrypted with SSL, all communications, including ColdFusion transmissions, are automatically encrypted. You do not have to do anything from within ColdFusion to activate data encryption.

If you are looking for technology partners in ColdFusion, please contact us
For more details please visit our ColdFusion Services section.

Click here for more ColdFusion articles.
 

        << Back         

 

 



Print this page   Email to Friend

Recent Updates