Web Documents
Static Documents
Dynamic Documents
- Common Gateway Interface (CGI)
- Scripting Technologies Embedded in HTML Page (e.g. PHP, JSP, ASP)
Active Documents
- Java Applets
- Client side scripting
CGI
[Figure: CGI request flow, steps 1 to 11, between Browser, Web Server, CGI S/W, File System, Database Server and Database]
Protection Methods
Trust Based Security
Security through Obscurity (STO)
Security through obscurity refers to a principle in security engineering, which attempts to use secrecy of design or implementation to provide security. A system relying on security through obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the faults are not known, then attackers will be unlikely to find them.
Protection Methods
Password Schemes
Biometric System
Security
Data Security
Message or Transaction Security
- Message Confidentiality
- Message Integrity
- Error Detection codes
- Check sum method
- Message Sender Authentication
- Digital Certificate
Digital Certificate
In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document which uses a digital signature to bind a public key with identity information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
Importance of Firewall
Monitor incoming/outgoing security alerts
Some firewalls can delete viruses, worms, Trojan horses or data collectors
Blocking of selected sites on the WWW
Firewall Architecture
Packet Filtering
Combination of
- Destination IP Address
- Protocol
- Source IP Address
- Source protocol port number
- Destination protocol port number
Firewall Policy
Permissive Approach
Restrictive Approach
- only those identified as permitted to pass
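The packet filtering fields and the two policy approaches above can be put side by side in a small rule evaluator. This is an added example, not part of the original slides; the rule format, the first-match-wins ordering, the function names and the sample addresses are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:  # the five fields listed under Packet Filtering
    src_ip: str
    dst_ip: str
    protocol: str
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src_net: str = "0.0.0.0/0"
    dst_net: str = "0.0.0.0/0"
    protocol: str = "any"
    src_ports: range = range(65536)
    dst_ports: range = range(65536)

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src_ip) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst_ip) in ipaddress.ip_network(self.dst_net)
                and self.protocol in ("any", p.protocol)
                and p.src_port in self.src_ports
                and p.dst_port in self.dst_ports)

def filter_packet(packet: Packet, rules: list, default: str) -> str:
    """First matching rule wins; unmatched traffic gets the policy default."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed rules and packets (documentation address ranges, not real hosts).
RULES = [
    Rule("deny", src_net="198.51.100.0/24"),            # blocked source network
    Rule("allow", dst_net="203.0.113.10/32", protocol="tcp",
         dst_ports=range(443, 444)),                    # HTTPS to the web server
]
PACKETS = {
    "https_request": Packet("192.0.2.7", "203.0.113.10", "tcp", 51000, 443),
    "blocked_source": Packet("198.51.100.9", "203.0.113.10", "tcp", 51001, 443),
    "unlisted_telnet": Packet("192.0.2.7", "203.0.113.10", "tcp", 51002, 23),
}

def compare_policies() -> dict:
    """Map packet name to (permissive verdict, restrictive verdict)."""
    return {name: (filter_packet(p, RULES, "allow"), filter_packet(p, RULES, "deny"))
            for name, p in PACKETS.items()}
```

The two approaches agree on traffic a rule names explicitly and differ only on traffic nobody wrote a rule for: the permissive default passes the unlisted Telnet packet, the restrictive default drops it.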
Components of Firewall
Hardware
Software
- Packet Filters
- Proxy Servers
- SOCKS Servers
  SOCKet Secure (SOCKS) is an Internet protocol that routes network packets between a client and server through a proxy server. SOCKS5 additionally provides authentication so only authorized users may access a server.
- Network Address Translation (NAT)
- Logging and Monitoring Software
- Virtual Private Network (VPN) Services
Types of Firewalls
Static Firewall
- Default Allow Policy
- Default Denial Policy
Dynamic Firewall
- IP Packet Filtering Firewall
- Application Level Firewall
Limitations of Firewall
A firewall is unable to offer protection from threats that do not pass through it
Threats from internal users
Monitors only authenticated and legitimate traffic flow, not confidentiality
Virus attack, data driven attack
Selecting a Firewall
Ease of Use
Level and Quality of Protection
Whether it is free
Level of Intelligence
Technique/Strategy to cope with Internet connection sharing
Advantages of a Website
Increased Awareness of Products and Services
Freedom
- sharing of information on the Internet
Cost Advantage