Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Web security

Download as PPTX, PDF
L
Layla Tk

Computer and internet security involves establishing rules and measures to protect systems and data from attacks over the internet. Some key aspects of security include firewalls to control network access, encryption to securely transfer data, and protocols like SSL, TLS, PGP and IPsec which provide authentication and encryption for web traffic, email and networking. Other threats include phishing scams, malware, and denial of service attacks which aim to compromise or disrupt systems. A variety of techniques are used to implement security at different levels including network, transport, and application layers.

1 of 14
computeris a branch ofInternet security ,Internetspecifically related to thesecurity networkbut alsobrowser securityoften involving on a more general level as it applies to othersecurity on a whole.systemsoperatingorapplications Its objective is to establish rules and measures to use [against attacks over the Internet. The Internet represents an insecure channel for]1 exchanging information leading to a high risk or fraud,intrusionof .phishingsuch as Different methods have been used to protect the]2[ .encryptiontransfer of data, including Web Security
Types of security Firewalls Malicious software and antivirus service attack-of-Denial
Network layer security IPsec Protocol Security token Electronic mail security (E-mail)
can be made secure with the help ofTCP/IP cryptographic methods and protocols that have been developed for securing communications on the Internet. These protocols include SSL and TLS for web traffic, PGP for email, and IPsec for the network layer security. Network layer security
This protocol is designed to protect communication in a secure manner using TCP/IP. It is a set of security extensions developed , and it provides security and authentication at the IP layerIETFby by using cryptography. To protect the content, the data is transformed using encryption techniques. There are two main types of transformation that form the basis of IPsec: the Authentication Header (AH) and Encapsulating Security Payload (ESP). These two protocols provide data integrity, data origin authentication, and anti-replay service. These protocols can be used alone or in combination to provide the desired set of security (IP) layerInternet Protocolservices for the The basic components of the IPsec security architecture are IPsec Protocol
described in terms of the following functionalities • Security protocols for AH and ESP • Security association for policy management and traffic processing • Manual and automatic key management for the internet key exchange (IKE • Algorithms for authentication and encryption The set of security services provided at the IP layer includes access control, data origin integrity, protection against replays, and confidentiality. The algorithm allows these sets to work independently without affecting other parts of the implementation. The IPsec implementation is operated in a host or security gateway environment giving protection to IP traffic IPsec Protocol (cont.)
Some online sites offer customers the ability to use a six-digit code . Thesecurity tokenseconds on a60-30which randomly changes every key on the security token have mathematical computations built-in and manipulate numbers based on the current time built into the device. This means that every thirty seconds there's only a certain possible array of numbers which would be correct to validate access to the online account. The website that the user is logging into would be made aware of that devices' serial number and therefore would know the computation and correct time built into the device to verify that the number given is in deed one of the handful of six-digit numbers that would work in that given 30-60 second cycle. After the 30-60 seconds the device will present a new random six-digit number which can log into the website. Security token
Background Pretty Good Privacy (PGP) Multipurpose Internet Mail Extensions (MIME) Message Authentication Code Electronic mail security (E-mail)
A firewall controls access between networks. It generally consists of gateways and filters which vary from one firewall to another. Firewalls also screen network traffic and are able to block traffic that is dangerous. Firewalls act as the intermediate server between SMTP and HTTP connections.
Types of firewalls Packet filters Packet filters are one of several different types of firewalls that process network traffic on a packet-by-packet basis. Circuit-level gateways The circuit-level gateway is a proxy server that statically defines what traffic will be allowed. Circuit proxies always forward packets containing a given port number, provided the port number is permitted by the rules set. This gateway operates at the network level of an OSI model
Web security
Antivirus Antivirus programs and Internet security programs are useful in protecting a computer or programmable device from malware.
Denial-of-service attack is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of person or persons to fromserviceorsiteInternetprevent an functioning efficiently or at all, temporarily or indefinitely.
Web security

More Related Content

Web security

  • 1. computeris a branch ofInternet security ,Internetspecifically related to thesecurity networkbut alsobrowser securityoften involving on a more general level as it applies to othersecurity on a whole.systemsoperatingorapplications Its objective is to establish rules and measures to use [against attacks over the Internet. The Internet represents an insecure channel for]1 exchanging information leading to a high risk or fraud,intrusionof .phishingsuch as Different methods have been used to protect the]2[ .encryptiontransfer of data, including Web Security
  • 2. Types of security Firewalls Malicious software and antivirus service attack-of-Denial
  • 3. Network layer security IPsec Protocol Security token Electronic mail security (E-mail)
  • 4. can be made secure with the help ofTCP/IP cryptographic methods and protocols that have been developed for securing communications on the Internet. These protocols include SSL and TLS for web traffic, PGP for email, and IPsec for the network layer security. Network layer security
  • 5. This protocol is designed to protect communication in a secure manner using TCP/IP. It is a set of security extensions developed , and it provides security and authentication at the IP layerIETFby by using cryptography. To protect the content, the data is transformed using encryption techniques. There are two main types of transformation that form the basis of IPsec: the Authentication Header (AH) and Encapsulating Security Payload (ESP). These two protocols provide data integrity, data origin authentication, and anti-replay service. These protocols can be used alone or in combination to provide the desired set of security (IP) layerInternet Protocolservices for the The basic components of the IPsec security architecture are IPsec Protocol
  • 6. described in terms of the following functionalities • Security protocols for AH and ESP • Security association for policy management and traffic processing • Manual and automatic key management for the internet key exchange (IKE • Algorithms for authentication and encryption The set of security services provided at the IP layer includes access control, data origin integrity, protection against replays, and confidentiality. The algorithm allows these sets to work independently without affecting other parts of the implementation. The IPsec implementation is operated in a host or security gateway environment giving protection to IP traffic IPsec Protocol (cont.)
  • 7. Some online sites offer customers the ability to use a six-digit code . Thesecurity tokenseconds on a60-30which randomly changes every key on the security token have mathematical computations built-in and manipulate numbers based on the current time built into the device. This means that every thirty seconds there's only a certain possible array of numbers which would be correct to validate access to the online account. The website that the user is logging into would be made aware of that devices' serial number and therefore would know the computation and correct time built into the device to verify that the number given is in deed one of the handful of six-digit numbers that would work in that given 30-60 second cycle. After the 30-60 seconds the device will present a new random six-digit number which can log into the website. Security token
  • 8. Background Pretty Good Privacy (PGP) Multipurpose Internet Mail Extensions (MIME) Message Authentication Code Electronic mail security (E-mail)
  • 9. A firewall controls access between networks. It generally consists of gateways and filters which vary from one firewall to another. Firewalls also screen network traffic and are able to block traffic that is dangerous. Firewalls act as the intermediate server between SMTP and HTTP connections.
  • 10. Types of firewalls Packet filters Packet filters are one of several different types of firewalls that process network traffic on a packet-by-packet basis. Circuit-level gateways The circuit-level gateway is a proxy server that statically defines what traffic will be allowed. Circuit proxies always forward packets containing a given port number, provided the port number is permitted by the rules set. This gateway operates at the network level of an OSI model
  • 12. Antivirus Antivirus programs and Internet security programs are useful in protecting a computer or programmable device from malware.
  • 13. Denial-of-service attack is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of person or persons to fromserviceorsiteInternetprevent an functioning efficiently or at all, temporarily or indefinitely.