Questions tagged [architecture]

104 questions
0
votes
1 answer

a chain of 3 federated IdPs

My client has 5 different identity and access management solutions. Until now they have been asking each one of their suppliers to add 5 trusted parties to their IAM solution, implement different URLs that will trigger SSO etc. It is now proposed…
aquaman
0
votes
1 answer

Where precisely are client X509 certificates stored?

Apologies for what might seem like a naive question, but there is a detail to PKI architecture between clients and servers, the answer to which I have so far not been able to come across no matter where I search. Please indulge me in the following…
RTF
0
votes
2 answers

OAuth 2.0, what should be returned in the authorize endpoint if the client_id is wrong and no redirect_uri is passed

We have been working on an OAuth 2.0 IDP implementation, and during the implementation of the authorize endpoint, I couldn't find in RFC 6749 what should happen if the client_id is not passed in the request or is invalid, and there is no…
0
votes
0 answers

Pros and cons of extending L3 to the network edge (routed access layer)?

Scenario: Greenfield network rebuild for an SMB distributed over ~10 small campuses with 1 fairly large central campus spread over ~ 100 Miles. You have almost no Cap-ex budget restriction (within reason). Question: What are the pros and cons of…
DarkMatter
0
votes
0 answers

How could an account-based service trust a checksum provided by a client-side application whose code is open source?

Say for example that I was a digital video game provider, and my games were played via a virtual machine. Let's also say that the code for this virtual machine were open source, and that this VM was designed to run on somebody's computer. When I…
DeepDeadpool
0
votes
1 answer

Are there risks in not having an edge firewall?

I am currently working with a client that has all their external traffic going through the core switch and then is being passed to the router and back through the core switch and then to the rest of the network. Diagram: INTERNET -> coreswitch…
LUser
0
votes
2 answers

Design and Security Architecture - where should IPS/IDS be placed?

I am a system architect working on projects - mostly CDN related projects - and I am currently a bit confused about where the IPS/IDS should be placed. We have a NGINX-based webserver for the edge which is being protected and monitored with NAXSI…
Parsa Samet
0
votes
1 answer

What are some possible ways of sending anonymous request to re-crawl to Google?

This is a proposed architecture for submitting anonymous request to re-crawl the web page to google bot. I tried to come up with the solution given below. The intention of posting it here is to know the security loopholes in the given architecture…
0
votes
1 answer

Active directory based permissions SID, username or email?

My application has a table with the permissions to the screen it has. Which of the following should I use to store the permissions against: sid username email other It's in an internal enterprise
j. doe
0
votes
2 answers

Msfvenom meterpreter android architectures

Is there any android architecture I can set my meterpreter reverse_http payload to that works on every android phone? Basically, when I don't set any architecture it defaults to dalvik but that architecture does not seem to be working on every phone…
pedro santos
0
votes
1 answer

Does stack (UNIX x86, x86-64, ARM) grow up or down, buffer overflow tutorials wrong explained?

When I read something about buffer overflows on the stack, the most or some tutorials show me examples about overwriting local variables (pointers) and then overwriting pointers in the global offset table. But in some tutorials the stack grows…
0
votes
2 answers

Modular security for a photography UAV?

Is modular security possible? In the context of an embedded device, is it possible to create an add-in module that will be responsible for both communications and security, with its role being creating a single secure link to access to a cloud…
-1
votes
1 answer

what are steps to do in order to secure my appli web

I'm asked to secure an appli web and I don't know really which steps I can follow to secure my appli web.
-2
votes
1 answer

If I put a variable in the private section of a class, will the variable have more protection against reverse engineering?

class LockdownUnlock{ private: /*snip*/ std::string rootCertificate; //Will this protect the data? /*snip*/ public: /*snip*/ }LDUnlock;
Ahab Devoid