Advanced Java and Web Technologies for JNTUK
Blog providing beginner tutorials on different web technologies like HTML, CSS, Javascript, PHP, MYSQL, XML, Java Beans, Servlets, JSP and AJAX

22/01/2015 Categories: HTML. No Comments on Security Concepts

Security in the web relate to protecting your sensitive data (like passwords, credit card numbers, PINs etc) from being accessed or manipulated by the people whom you think are not deemed to do so. Most of the security concerns arise due to the vulnerabilities in the Internet and related technologies. To understand what are the security issues, consider an example of a transaction where you send your username and password to login to a website. Security issues for this transaction are as follows:

Privacy – It should not be possible for a third-party to steal your data while it is being sent to a server.

Integrity – It should not be possible for a third-party to modify your data before reaching the server.

Authentication – Both sides of the communication should be able to identify each other’s identity.

Non-repudiation – Both sides must be able to prove legally that the message was sent and received.

First two issues, privacy and integrity can be supported by using encryption which is way to convert human readable information to non-human readable. There are several algorithms widely available for encryption among which the popular ones are RSA, DES, AES and Triple DES.

There is another dimension which raises various problems regarding the security of the data. It is through malicious programs. Hackers (people with evil intensions) create malicious programs known as viruses, worms, time bombs and others. A virus is a malicious program which is transmitted through attachments of an e-mail or as a part of a software download that when executed on the victim’s computer, attaches itself with the other programs and makes them unusable or deletes data available in the memory or hard disk. A worm, unlike a virus, has the ability of self propagation. Viruses and worms allows an attacker to gain control of the victim’s computer which in turn are used as a part of attacks known as DoS (Denial of Service) attacks.

Suryateja Pericherla

Suryateja Pericherla

Hello, I am Suryateja Pericherla working as an Asst. Professor in CSE department at Vishnu Institute of Technology. I write articles to share my knowledge and make people knowledgeable regarding certain topics.
Suryateja Pericherla

Latest posts by Suryateja Pericherla (see all)

Related Links:

Note: Do you have a question on this article or have a suggestion to make this article better? You can ask or suggest us by filling in the below form. After commenting, your comment will be held for moderation and will be published in 24-48 hrs.

Leave a Reply

Scroll Up