Presentation is loading. Please wait.

Presentation is loading. Please wait.

Taewan kang, Kevin huangfu

Published byWidyawati Tedjo Modified over 6 years ago

Similar presentations

Presentation on theme: "Taewan kang, Kevin huangfu"— Presentation transcript:

1 Taewan kang, Kevin huangfu
Application Security Taewan kang, Kevin huangfu

2 Importance of Application Security
1.jpg

3

4 Did we get better? According to IBM X-Force, the annual growth rate in disclosed application vulnerabilities was 60% from 1996 to 2006, and is only 9% from 2006 to 2014.

5 How it improved? more compliance standards
adopting secure coding practices.

6 Two-Factor Authentication
Multi-Factor Authentication One-Factor: Something the user knows (i.e. password) Two-Factor: Something the user has (i.e. verification code) Three-Factor: Something the user is (i.e. fingerprint scan)

7 How It Works A secondary check in addition to a password (one-factor)
Uses tokens during a secondary authentication step Tokens Hard Tokens: hardware devices that user carries Soft Tokens: software-based security tokens

8 Mobile Authentication
Hard token Soft Token Three-Factor

9 Pros and Cons: Two-Factor
Provides high level protection at reasonable costs (98% coverage) Easy to implement Many ways to implement Less effective than three-factor authentication (99.99% coverage) Near useless if hackers hack into your method of secondary authentication

10 Web-Application Demonstration

11 Simple Mail Transfer Protocol
Simple Mail Transfer Protocol (SMTP) Internet standard for electronic mail SMTP servers are responsible for delivery

Download ppt "Taewan kang, Kevin huangfu"

Similar presentations

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.
User Security for e-Post Applications Dr Chandana Gamage University of Moratuwa.

User Security for e-Post Applications Dr Chandana Gamage University of Moratuwa.
By Won Lee.  Stands for Simple Mail Transfer Protocol  Used for sending and receiving electronic mail efficiently and reliably  Daily function of life.

By Won Lee.  Stands for Simple Mail Transfer Protocol  Used for sending and receiving electronic mail efficiently and reliably  Daily function of life.
Computer Networks An Overview. A Computer Network!

Computer Networks An Overview. A Computer Network!
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
Chapter 11 Enterprise Networks & Internet Enterprise Network Architecture Internet Enterprise Network & Internet.

Chapter 11 Enterprise Networks & Internet Enterprise Network Architecture Internet Enterprise Network & Internet.
Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an email client uses.

Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an client uses.
Application Layer. This graphic is taken from The Abdus Salam International Centre for Theoretical Physics.

Application Layer. This graphic is taken from The Abdus Salam International Centre for Theoretical Physics.
Setting up Your New Mail Domain in MS Outlook and Outlook Express By CS Ling (Global Visibility Solution)

Setting up Your New Mail Domain in MS Outlook and Outlook Express By CS Ling (Global Visibility Solution)
Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.

Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
? INTERNET WHAT, WHY, HOW. DEFINITION The Internet is a massive public spiderweb of computer connections. It connects personal computers, laptops, tablets,

? INTERNET WHAT, WHY, HOW. DEFINITION The Internet is a massive public spiderweb of computer connections. It connects personal computers, laptops, tablets,
CSE 4482, Fall 2009, D Chan Session 2 – Common Security Techniques.

CSE 4482, Fall 2009, D Chan Session 2 – Common Security Techniques.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.

 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.
© 2005-07 NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.
LOGO Email Server. Contents Introduction 1 Problem Definition 2 Proposed Solution 3 Architecture Diagram 4 Email Server Technology 5 Hardware and Software.

LOGO Server. Contents Introduction 1 Problem Definition 2 Proposed Solution 3 Architecture Diagram 4 Server Technology 5 Hardware and Software.
Protocols. Protocol Set of rules that govern: Connection Communication data transfer Protocols regulate: access method allowed physical topologies types.

Protocols. Protocol Set of rules that govern: Connection Communication data transfer Protocols regulate: access method allowed physical topologies types.

Similar presentations

Ads by Google