MATLAB Web App Server Security


It is strongly recommended that you consult with your IT system administrator and discuss the security implications of installing the MATLAB® Web App Server.

Installing and running the server on your network exposes your network and file system to risks. The machine running the server is most at risk from accidental or deliberate misuse of deployed web applications. Therefore, you must install the server software only on dedicated hardware. This can be a physical or virtual machine whose only purpose is to host web applications that connect to the server software. Using a dedicated physical or virtual machine limits the risk in the event that the machine is compromised.

The MATLAB Web App Server alters the security profile of the machine on which it is running. The installation process creates a server user account with low privileges. This new account has read-only permission to the app folder created during the installation of the server. However, through a process known as privilege escalation, attackers may be able to exploit bugs in the operating system or network to obtain the privileges of ordinary or even administrative users. They can then attempt to access files or other intellectual property without permission.

The server relies on the authentication and authorization scheme of its host machine and network. Other than supporting HTTPS, it does not contain any additional mechanisms for authenticating or authorizing web application users. For more information, see Enabling HTTPS.

You may be able to mitigate some of these risks by:

  • Restricting network access: Allow only trusted users to access the server and its associated applications.

  • Executing only trusted applications: Trust only applications developed by well-known, trusted, and authenticated sources.

  • Limiting application functionality: Include in the application only those features of MATLAB required for the application to perform its function. For more information, see Authoring Secure Web Apps.

For a list of additional risks, see Potential Risks.
