Scribd Logo
Upload

Welcome to Scribd!

  • 20 views

    Web Security: Dr. H.R. Chennamma

    Uploaded by

    Rajendra Prasad
    The document discusses various challenges and threats related to web security. It notes that casual web users and outdated systems are vulnerable to attacks. Both passive and active attacks threaten web servers, browsers and network traffic. The document also outlines how Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) provide encryption and integrity to secure communications between clients and servers. TLS/SSL sit above the TCP layer to ensure confidentiality and protect against threats located at web servers, browsers or in network traffic.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Web Security: Dr. H.R. Chennamma

    Uploaded by

    Rajendra Prasad
    20 views14 pages
    The document discusses various challenges and threats related to web security. It notes that casual web users and outdated systems are vulnerable to attacks. Both passive and active attacks threaten web servers, browsers and network traffic. The document also outlines how Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) provide encryption and integrity to secure communications between clients and servers. TLS/SSL sit above the TCP layer to ensure confidentiality and protect against threats located at web servers, browsers or in network traffic.

    Original Description:

    About Security

    Original Title

    Web Security

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses various challenges and threats related to web security. It notes that casual web users and outdated systems are vulnerable to attacks. Both passive and active attacks threaten web servers, browsers and network traffic. The document also outlines how Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) provide encryption and integrity to secure communications between clients and servers. TLS/SSL sit above the TCP layer to ensure confidentiality and protect against threats located at web servers, browsers or in network traffic.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    20 views14 pages

    Web Security: Dr. H.R. Chennamma

    Uploaded by

    Rajendra Prasad
    The document discusses various challenges and threats related to web security. It notes that casual web users and outdated systems are vulnerable to attacks. Both passive and active attacks threaten web servers, browsers and network traffic. The document also outlines how Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) provide encryption and integrity to secure communications between clients and servers. TLS/SSL sit above the TCP layer to ensure confidentiality and protect against threats located at web servers, browsers or in network traffic.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    of 14

    Web Security

    Dr. H.R. Chennamma


    Asst. Professor, Dept. of MCA
    SJCE, Mysore - 6

    13/03/2015 1
    Challenges for Web Security
    • Casual and untrained (in security matters)
    users are common clients for web-based
    services.
    • The short history of the Web is filled with
    examples of new and upgraded systems, that
    are vulnerable to a variety of security attacks.
    • Reputations can be damaged and money can
    be lost if the Web servers are subverted.
    Web Security Threats
    Two types of security threats:
    • Passive attacks
    • Active attacks

    Another way to classify Web security threats is in


    terms of the location of the threat:
    • Web Server
    • Web Browser
    • Network traffic between browser and server
    Location of Security Facilities in TCP/IP
    Transport- Layer Security
    In fact, it uses the security for the application layer,
    which uses the services of TCP as a connection-
    oriented protocol
    UDP and E-mail applications cannot benefit from the
    transport layer security.

    Two protocols are used to provide security:


    – Secure Sockets Layer (SSL) Protocol
    – Transport Layer Security (TLS) protocol
    SSL Architecture
    SSL is designed to make use of TCP to provide a
    reliable end-to-end secure service.

    SSL is not a single protocol but rather two layers


    of protocols.
    SSL Record Protocol
    It provides two services for SSL Connections:

    • Confidentiality
    • Message Integrity
    SSL Record Protocol

    You might also like