Lecture Introduction to web engineering - Lec 10: Web application security
After studying this chapter you will be able to understand: promoting a web application, content management, usage analysis, web security overview, secure transmission of data, user’s security issues, service provider’s issues.

Basharat Mahmood, Department of Computer Science, CIIT, Islamabad, Pakistan.

Promoting a web application
- Newsletter
- Affiliate marketing
- Search engine marketing

Content management

Usage analysis
- Techniques
- Indicators
- Use behavior analysis

Outline
- Web security overview
- Secure transmission of data
- User’s security issues
- Service provider’s issues

Web clients expect web applications to be secure:
- preventing access from untrusted or malicious sources to private data
- service providers do not misuse their data by exchanging data with third parties

Several risks exist for service providers as well:
- prevent access from attackers
- credit card numbers can be stolen
- data can be accessed and modified
- availability of service can be reduced
- can influence agreements and cause financial loss

We can define security according to the notions of users and service providers as:
- securing the end user’s computer and personal data stored on it
- securing information in transit
- securing the server and data stored on it

- Desktop security
- Security of personal data
- Security of the host
- Service availability
- Network security
- Secure communication

Security aspects
- Confidentiality: communication between a customer and a provider cannot be read by a third party; data encryption can be used
- Integrity: nobody is able to modify the exchanged information
- Non-repudiation: originators of messages should not be able to deny customers ordering books at an online store .