Is Django a good choice for a security critical application?

Question

Is Django a good choice for a security critical application?

I am asking this because most of the online banking software is built using Java. Is there any real reason for this?

Answer 1

Probably the reason behind Java is not in the in the security. I think Java is more used in large development companies and banks usually resort to them for their development needs (which probably are not only related to the web site but creep deeper in the backend).

So, I see no security reasons, mostly cultural ones.

Answer 2

Actually, the security in Java and Python is the same. Digest-only password handling, cookies that timeout rapidly, careful deletion of sessions, multi-factor authentication. None of this is unique to a Java framework or a Python framework like Django.

Django, indeed, has a security backend architecture that allows you to add your own LDAP (or AD) connection, possibly changing the digest technique used.

Django has a Profile model where you can keep additional authentication factors.

Django offers a few standard decorators for view function authorization checking. Since Python is so flexible, you can trivially write your own decorator functions to layer in different or additional authentication checking.

Security is a number of first-class features in Django.

Answer 3

Are you referring to the fact that the complete application is built in Java, or just the part you see in your browser? If the latter, the reason is probably because in the context of webpages, Java applets can be downloaded and run.

Answer 4

You should not rely the security of the application on the framework. even though Django does come in with a pretty good number of measures against classical security issues, it can not guarantee that your application will be secure, you need much more than a programming Framework to get a security critical application.

I'd say yes, Django is a good choice as long as you know its powers and limitations and are aware of the security flaws of every application.

Answer 5

The reasons for building banking apps in Java are not related to security, at least IMHO. They are related to:

1. Java is the COBOL of the 21st century, so there is a lot of legacy code that would have to be rewritten and that takes time. Basically banking apps are old apps, they were built in java some ten years ago and nobody wants to throw all the old code away (which BTW is almost always a bad decision),
2. some people believe that a static typed language is somewhat "safer" than the dynamic typed language. This is, IMHO, not true (take for instance collections prior to Java 5).

Answer 6

I find your connection between Java and banking wrong ended.

Most Banking Software has terrible security. And much banking software is written in Java. Does ths mean Java makes it more difficult to write secure software than other languages?

Probably it's not Java's fault that there is so little quality security (and safety) wise in Banking software. Actually, like the other posters mention, the choice of your Language usually has very little consequences for your security - unless you select one of the few languages where only hotshot coders can write secure code in (C and PHP come to mind).

Many huge E-Commerce sites are written in Python, Ruby and Perl using various frameworks. And I would argue that the security requirements for merchants are much higher than the requirements of the banking industry. That is because merchants have to provide security and good user experience, while banking customers are willing to put up with unusable interfaces SecureID tokens and whatever.

So yes: Django is up to the task.

Answer 7

You can build a secure application with Django just as you can with any popular Java framework. One part where Java does shine is its extensive cryptographic library.

For the minimal encryption tasks that are required by Django, Python’s cryptographic services are sufficient, however its lack of strong block ciphers make the encryption mechanism in Django insecure for data at rest.

Python does natively support secure hashing algorithms to include SHA1, SHA224, SHA256, SHA384, and SHA512, however Django’s authentication mechanism has yet to be updated to use anything other than SHA1, making it potentially vulnerable to cryptographic analysis.