Security
What security measures would you take to protect an application of this nature? E.g. from external sources: unauthorised access, hacks, DoS attacks, etc. In addition, do you have experience of ensuring that registered users do not have access to other user accounts/data from within the same application? Are you aware of these risks? How would you prevent them?

We usually use a RESTful authentication framework when an authentication system is required. There are several such frameworks in Rails, open-source and carefully tested. In some particular situations, OAuth can also be used to avoid or mitigate risk. For DoS attacks, we currently depend mainly on the host service provider.
Posted on: 11/20/2009 by Lawrence Sinclair
