QueryCrypt 1.0 Released - Encryption for URL Parameters
Aveda Technology has released QueryCrypt 1.0 which enables the encryption of URL parameters at the presentation layer of the web application. This secures your web application from a potential hacker manupulating the query request to gain access to sensitive data by altering parameters.
For example, if click-throughs expose any ids on an anchor tag (i.e., <a href="http://foo./stuff.do?id=1234">Eigenvalue</a>), it‘s conceivable that a malicious user might replace that id with another value to attempt to gain access to data without authorization. While applications are responsible for protecting their own data, QueryCrypt provides the ability to translate that into something more secure: for example, it might look like <a href="http://foo./stuff.do?_tq=16agdt15272563123">Spackle</a> instead, and as this is an encrypted value based on the session id and a DESede, it‘s very difficult for the data to be exposed or exploited.
It works via a session listener, and simple API calls are provided to construct or deconstruct query parameters.
QueryCrypt sells for $300 USD, and can be bought online.
Tell us what you think of this new product. Are there way in which it can be improved?
|
