Yorkville High School Computer Science Department
Yorkville High School Computer Science Department on Facebook  Yorkville High School Computer Science Department Twitter Feed  Yorkville High School Computer Science Department on Instagram

Yorkville High School Computer Science

ASSIGNMENTS: Build a Computer - September 25, 2018 :: Network App - December 14, 2018

Computer Security :: Lessons :: SSL

Web Security

The internet is basically a client/server application, but the characteristics of the web suggest that it needs its own security tools:

Below are a number of threats on the internet along with their potential consequences and countermeasures.

Threats Consequences Countermeasures
Integrity
  • Modification of user data
  • Trojan horse browser
  • Modification of memory
  • Modification of message traffic in transit
  • Loss of information
  • Compromise of machine
  • Vulnerability to all other threats
Cryptographic checksums
Confidentiality
  • Eavesdropping on the net
  • Theft of info from server
  • Theft of data from client
  • Info about network configuration
  • Info about which client talks to server
  • Loss of information
  • Loss of privacy
Encryption, web proxies
Denial of Service
  • Killing of user threads
  • Flooding machine with bogus requests
  • Filling up disk or memory
  • Isolating machine by DNS attacks
  • Disruptive
  • Annoying
  • Prevent users from getting work done
Difficult to prevent
Authentication
  • Impersonation of legitimate users
  • Data forgery
  • Misrepresentation of user
  • Belief that false information is valid
Cryptographic techniques
TCP/IP Security

A number of approaches can be taken to provide web security. One way is to use IP security (IPsec). This type of security is transparent to end users and applications and allows filtering so only selected traffic needs to go through the IPsec processing.

The Secure Sockets Layer (SSL) is just above TCP and is typically provided on web servers as well as end-use applications such as web browsers.

Finally, application-specific security such as Kerberos of S/MIME has the advantage of being tailored to a specific application.

Secure Sockets Layer

SSL is a general-purpose service implemented as a set of protocols that rely on TCP. SSLv3 was deprecated in June of 2015 and was followed up by Transport Layer Security (TLS).

Yorkville High School Computer Science Department on Facebook Yorkville High School Computer Science Department Twitter Feed Yorkville High School Computer Science Department on Instagram