Prospero Only Records HTTP POSTs
The original system only captures HTTP POST events. It didn't forward PUT and DELETE.
Prospero Only Uses HTTP for New Events
You could not send new events via HTTPS. Furthermore, all communications between nodes was unencrypted, making it unsuitable for a non-secure environment.
Prospero Uses Symmetric Key Encryption
This meant that administrators knew all the keys; and if an attacker gains access to one table, they get all the client messages.
Miranda Addresses All these Issues
Miranda forwards HTTP PUT and DELETE, as well as POST.
Miranda does everything using SSL/TLS dealing with the 2nd issue.
Miranda uses public key encryption instead of secret key encryption. Thus administrators don't actually have client keys and an attacker gains no advantage by getting access to the keys that clients use.
No comments:
Post a Comment