
Understanding Flash Communication Server Security 55
Use server-side script precautions. In server-side scripts, do not expose procedures that a
malicious movie could call to fill a hard disk, consume the processor, or do other damage.
Procedures attached to client objects are particularly exposed, because any connected client can
invoke them with arguments of its own choosing. Patterns to watch for include writing to the hard
disk without checking the quantity of data being written, procedures whose loop count is driven by
client input and can therefore be made effectively infinite, and so on.
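The precautions above, as an added example that is not code from the Flash Communication Server documentation or product: a pair of client-callable procedures written in plain JavaScript in the style of a server-side script (methods attached to the client object in an onConnect handler). The `application` and `client` object shapes, the function names `attachClientProcedures` and `createStore`, the size, quota and rate limits, and the in-memory `store` standing in for a disk write are all assumptions for illustration; the Flash Communication Server runtime is not needed to run it.

```javascript
// Added example: bounding what a client-callable server-side procedure can do.
// Modelled on the shape of a server-side script (application.onConnect attaching
// methods to the client object) but written as stand-alone JavaScript with
// assumed names and limits, so it runs without the FCS runtime.

const MAX_BYTES_PER_CALL = 1024;        // largest payload one call may write (assumed)
const MAX_BYTES_PER_CLIENT = 16 * 1024; // lifetime write quota per connection (assumed)
const MAX_CALLS_PER_WINDOW = 20;        // rate limit: calls per window (assumed)
const WINDOW_MS = 10 * 1000;
const MAX_ITEMS = 100;                  // upper bound on any loop the client can drive

// In-memory stand-in for the persistent store (a shared object or file)
// that a real server-side script would write to.
function createStore() {
  return { bytes: 0, entries: [] };
}

// Attach bounded, rate-limited procedures to a freshly connected client.
// `client` is any object; `now` is injectable so tests can control time.
function attachClientProcedures(client, store, now = Date.now) {
  client.bytesWritten = 0;
  client.callTimes = [];

  // Every call, accepted or rejected, counts toward the per-client rate limit,
  // so a movie hammering the server with bad input is throttled too.
  function rateLimited() {
    const t = now();
    client.callTimes = client.callTimes.filter((ts) => t - ts < WINDOW_MS);
    if (client.callTimes.length >= MAX_CALLS_PER_WINDOW) return true;
    client.callTimes.push(t);
    return false;
  }

  // The unsafe pattern the page warns about, shown for contrast and never attached:
  //   client.saveNote = function (data) { store.entries.push(data); };
  // A malicious movie can call it in a loop with huge strings and fill the disk.

  client.saveNote = function (data) {
    if (rateLimited()) return { ok: false, reason: "rate-limited" };
    if (typeof data !== "string") return { ok: false, reason: "bad-type" };
    const size = Buffer.byteLength(data, "utf8");
    if (size > MAX_BYTES_PER_CALL) return { ok: false, reason: "too-large" };
    if (client.bytesWritten + size > MAX_BYTES_PER_CLIENT) {
      return { ok: false, reason: "quota" };
    }
    client.bytesWritten += size;
    store.bytes += size;
    store.entries.push(data);
    return { ok: true, stored: size };
  };

  // A client-supplied count drives a loop; clamp it so it cannot be made
  // effectively infinite (Infinity, 1e9, NaN) and burn the processor.
  client.repeatPing = function (count) {
    if (rateLimited()) return { ok: false, reason: "rate-limited" };
    const n = Number(count);
    if (!Number.isInteger(n) || n < 1 || n > MAX_ITEMS) {
      return { ok: false, reason: "bad-count" };
    }
    const out = [];
    for (let i = 0; i < n; i++) out.push("pong");
    return { ok: true, count: out.length };
  };

  return client;
}

// Simulated application object with an onConnect handler, as a server-side
// script would define it; returning true accepts the connection.
const application = {
  store: createStore(),
  onConnect(client) {
    attachClientProcedures(client, this.store);
    return true;
  },
};
```

The size checks run per call and per connection, and the rate limit is checked before argument validation, so rejected calls still cost the client its budget rather than the server's disk or CPU.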
Send sensitive data via HTTPS. If you need to send sensitive data such as credit card information,
have your Flash MX client application send it over HTTPS to a separate application server that
processes the data, in parallel with and independently of its connection to Flash Communication
Server. To do this, use the ActionScript getURL command with an https:// URL. (For more
information, see the online ActionScript Dictionary in the Flash MX Help menu.)
About privacy
The technology in Macromedia Flash Communication Server MX enables the capture of client
audio and video streams. When creating applications, it is your responsibility to comply with all
applicable laws, rules, and regulations and to inform the user of privacy rights and your policies in
situations such as when the application transports audio or video data across insecure channels or
when audio or video data is being recorded for publication. For an example of adding user
notification to your sample application, see “Adding a privacy module” in the “Application
Development Tips and Tricks” chapter of Developing Communication Applications.
Deploying secure applications
When you deploy a Flash Communication Server application, it is important to take steps to
ensure that your network is secure.
In addition to the precautions taken during the application development process, it is
recommended that you deploy your communication applications in a firewall-protected
environment. Firewalls provide port-based protection for your network and can be used to
prevent connections to the network from specific IP addresses.
You should also take precautions when using log files to track server activity: these files can
consume large amounts of disk space over time, so rotate them or cap their size.
The following two sections describe these precautions in more detail.
About firewalls
A firewall is a combination of hardware and software that controls the flow of information
between networks, such as between a company intranet and the wider Internet. Firewalls provide
port-based security, meaning they can be configured to allow certain communication ports, such
as the ports Flash Communication Server listens on (1935 and 80), to appear “outside” the
firewall, making them accessible to external networks.
The port that Flash Communication Server uses should be behind a firewall if it’s being used only
by users of a private network, such as a corporate intranet. The port should be accessible from
outside the firewall if it’s meant to be accessible to outside users such as users of the Internet in
general.
If the Flash Communication Server and an application server are both behind a firewall, they can
communicate with each other without any outside party being able to connect to either of them or
eavesdrop on the data from outside the firewall. This protection only covers the perimeter: the
firewall does not encrypt the traffic between the two servers, so it assumes that the hosts on the
internal network are themselves trusted.