Ch9. Security
I. Basic security concepts
1. Definitions
Security: the processes and methodologies involved in protecting information and information
systems against unauthorized access, use, disclosure, disruption, modification, or destruction.
2. Security Components:
Security Services: A service that enhances the security of data processing systems and
information transfers. ➔ Uses one or more security mechanisms.
➢ Confidentiality: protection of data from unauthorized disclosure.
➢ Integrity: assurance that data received are exactly as sent by an authorized entity → no
modification, insertion, deletion or replay.
➢ Availability: a system resource being accessible or usable only by an authorized entity.
➢ Authentication: assurance that the communicating entity is the one that it claims to be.
Security mechanisms: Any mechanism designed to prevent or recover from a security attack.
e.g. ◼ Encryption ◼ Hashing ◼ Digital Signatures ◼ Passwords ◼ Key Exchange
➔ All of them are called: Cryptography
II. Foundations of Cryptography (Fundamental knowledge)
Cryptosystem: 5 ingredients (P, E, D, K, C): Transform P → C
- Plaintext (P): the original message.
- Encryption Algorithm (E): applies transformations to the plaintext.
- Keys (K): input to the algorithms; the transformations depend on the key values.
- Cyphertext (C): the scrambled message produced as output; an apparently random,
unintelligible stream of data.
- Decryption Algorithm (D): the reverse transformation: takes the cyphertext and key as
input; returns the original text as output.
Cryptography:
- Provides confidentiality and authenticity.
- Studying these techniques helps to understand the building blocks of cryptosystems.
- Modern cryptography starts in the 2nd half of the 20th century.
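The five ingredients (P, E, D, K, C) and the confidentiality and integrity services above, shown as an added example that is not part of the original notes. It assumes Node.js and its built-in crypto module with AES-256-GCM as the algorithm; the function names and the sample message are illustrative.

```javascript
// Added example: the five ingredients (P, E, D, K, C) using AES-256-GCM
// from Node's built-in crypto module. Function names are illustrative.
const crypto = require('node:crypto');

// K: a 256-bit key drawn from the OS random source.
function generateKey() {
  return crypto.randomBytes(32);
}

// E: takes key K and plaintext P, returns ciphertext C.
// A fresh 12-byte nonce is generated per message and shipped with C,
// together with the 16-byte authentication tag that GCM produces.
function encrypt(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// D: takes key K and ciphertext C, returns the original text P.
// Throws if the key is wrong or C was modified in transit.
function decrypt(key, ciphertext) {
  const nonce = ciphertext.subarray(0, 12);
  const tag = ciphertext.subarray(12, 28);
  const body = ciphertext.subarray(28);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Helper: returns true when D rejects its input.
function rejects(key, ciphertext) {
  try { decrypt(key, ciphertext); return false; } catch (e) { return true; }
}

const K = generateKey();
const P = 'transfer 100 EUR to account 42'; // constructed sample message
const C = encrypt(K, P);

const tampered = Buffer.from(C);
tampered[tampered.length - 1] ^= 0x01; // flip one bit of the ciphertext body

console.log('C (hex):', C.toString('hex'));
console.log('D(K, C) === P:', decrypt(K, C) === P);
console.log('wrong key rejected:', rejects(generateKey(), C));
console.log('tampered C rejected:', rejects(K, tampered));
```

Only the holder of K can recover P (confidentiality), and a single flipped bit in C makes D fail instead of returning altered text (integrity).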