Computer security must be holistic, as attackers concentrate on the weakest links. Therefore, the security of a system that uses Java technology must be reviewed as a whole, following the flow of data and applications and considering the potential for attack at each point. This process applies even more forcefully when many computer systems are connected through a network, as more points are subject to attack.

This chapter describes a number of architectural approaches for enterprises, illustrated with real-life examples. We consider the security implications of these approaches, as well as the effects of using Java technology on the server side.

Firewalls are often touted as a defense against ...