Presentation transcript:

◦ Intro
◦ Client-side security
◦ Server-side security
◦ Complete security?

◦ The security of a web-based information system requires security controls at each tier (client, web server, database server, …).
[Figure 11.1: browser ↔ web server ↔ application/database server; link labels: HTTP/HTTPS, application protocol(s) or HTTP/HTTPS]
◦ A web client can become an easy target.
◦ The servers are prime targets for hackers.
◦ The communication links must be secured as well.

▪ A challenge to provide total security to clients
  1. Client devices tend to be handled by end users with varying levels of expertise.
  2. There exist multiple types of client devices.
  3. Various executables and/or attachments may be downloaded to a networked client device.
  4. There exist various client applications, each of which requires different configurations, updates, etc.
  5. Less physical security

▪ User awareness
▪ Client configurations/updates
  ◦ anti-malware applications
  ◦ Web browsers
  ◦ client applications
▪ How far and how long would sensitive data need to be protected?
  ◦ Encryption? (key management, …)
  ◦ MAC?
  ◦ Period of protection?

▪ What needs to be secured?
  ◦ The server itself (physical, applications, data)
  ◦ The connections to the clients
  ◦ The connected clients
▪ A centralized location to enable security controls

▪ Challenges?
  1. A rewarding target (web presence, precious data)
  2. Various server-side technologies
     ▪ CGI scripts
     ▪ Server APIs
     ▪ Server-side includes
     ▪ ASP
     ▪ JSP/Servlets
     ▪ PHP

▪ Challenges? (cont.)
  3. Possibly high workload (many connections)
  4. Need for layered security (application layer vs network or lower layer)
  5. Configurations and updates

▪ That’s the goal.
▪ Requires the cooperation of all participants, the security of all devices and communication links.
  ◦ Data security: When and where do sensitive data need to be protected?
▪ Laws require corporations and organizations to implement proper measures to protect the data they process.
