Taewan Kang, Kevin Huangfu

Presentation transcript:

Application Security
Taewan Kang, Kevin Huangfu

Importance of Application Security
http://www.quotium.com/content/uploads/2014/10/quotium-2014-1.jpg

Did we get better?
According to IBM X-Force, the annual growth rate in disclosed application vulnerabilities was 60% from 1996 to 2006, and was only 9% from 2006 to 2014.

How did it improve?
More compliance standards
Adoption of secure coding practices

Two-Factor Authentication
Multi-Factor Authentication
One-Factor: something the user knows (e.g. password)
Two-Factor: something the user has (e.g. verification code)
Three-Factor: something the user is (e.g. fingerprint scan)

How It Works
A secondary check in addition to a password (one-factor)
Uses tokens during a secondary authentication step
Tokens:
Hard Tokens: hardware devices that the user carries
Soft Tokens: software-based security tokens

Mobile Authentication
Hard Token
Soft Token
Three-Factor

Pros and Cons: Two-Factor
Pros:
Provides high-level protection at reasonable costs (98% coverage)
Easy to implement
Many ways to implement
Cons:
Less effective than three-factor authentication (99.99% coverage)
Near useless if hackers hack into your method of secondary authentication

Web-Application Demonstration
https://twofactorauthtest.herokuapp.com/

Simple Mail Transfer Protocol (SMTP)
Internet standard for electronic mail
SMTP servers are responsible for email delivery