M
Matt Baker
Guest
You need to go back to your security team and get specific requirements. These would include what specific techniques you are going to implement, and which specific algorithms, and specifications on how to test and implement this. Adding another layer of "encryption" for one value in an HTML form on top of an already encrypted channel can't be solved without knowing exactly what issue the security team intends to solve. Go ready up on the OWASP page I sent earlier, along with other techniques on the owasp.org website. You will find the topics with answers and techniques there much more useful than here.
Continue reading...
Continue reading...