Anonymously configurable public Internet services need some special security considerations. A working example will be explained, for this purpose we will examine the 'Mobile Website Test' suite of applications that use mobile device emulation to show visitors what their chosen website(s) look like on a mobile device or smartphone.
Why special security considerations? Running a service that allows anonymous connections to give instructions to 'load', 'run' and 'display' information from any source on the Internet is just about the dumbest thing you can do without taking any precautions.
Security, modeling and engineering considerations
This environment makes use of a combination of processes discussed on this site, like TCP remoting and server header adjustments.
Isolated vulnarable protected public service process.
As each service process is completely isolated from both external (besides only http on port 80) and internal systems and processes (besides predefined TCP port definition and a fixed set of command instructions), it cannot interact or affect anything.
A process monitor, watchdog or housekeeper constantly monitors the processes to ensure these are healthy and running and resets them if required after a hack or malware attempt.
A great way of detecting and registering abuse (honey pot). Hackers cannot resist trying to test new malware and attacking services like this. Making it a great security early warning system. By registering the IP number of the requestor and the URL of the malware, you get a two for one advantage.
Safe way to offer interactive unmanaged public services as well as the ability to extend your Internet security processes.
Below is set of operational examples deployed using the model above and operatinig in a web farm environment. These are smartphone emulator services.