SlideShare a Scribd company logo

Web security

Download as PPTX, PDF
Himanshu Tyagi
Himanshu Tyagi
MarketingTechnology
1 of 15
WEB SECURITY HIMANSHU TYAGI VIJETA GANDHI JASPREET SINGH
REQUIRMENT FOR SECURE E-COMMERCE  Intellectual property threats  Client computer threats  Communication channel threats  Server threats
SECURITY TRIADS Confidentiality  Integrity Availability
Confidentiality  Ensures that data or an information system is accessed by only an authorized person. User Id’s and passwords, access control lists (ACL) and policy based security are some of the methods through which confidentiality is achieved
Integrity  Integrity assures that the data or information system can be trusted. Ensures that it is edited by only authorized persons and remains in its original state when at rest. Data encryption and hashing algorithms are key processes in providing integrity
Availability  Data and information systems are available when required. Hardware maintenance, software patching/upgrading and network optimization ensures availability
NETWORK SECURITY  Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals.
FIREWALLS  A firewall is a hardware or software system that prevents unauthorized access to or from a network. They can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the Intranet pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria. Types of firewall:-  Network layer or packet filters  Application-layer  Proxies  Network address translation
Network layer or packet filters  Network layer firewalls generally make their decisions based on the source address, destination address and ports in individual IP packets. A simple router is the traditional network layer firewall, since it is not able to make particularly complicated decisions about what a packet is actually talking to or where it actually came from. Modern network layer firewalls have become increasingly more sophisticated, and now maintain internal information about the state of connections passing through them at any time.
Application-layer  Application layer firewalls defined, are hosts running proxy servers, which permit no traffic directly between networks, and they perform elaborate logging and examination of traffic passing through them. Since proxy applications are simply software running on the firewall, it is a good place to do lots of logging and access control. Application layer firewalls can be used as network address translators, since traffic goes in one side and out the other, after having passed through an application that effectively masks the origin of the initiating connection, Chris Partsenidis says.
Proxies  Proxy firewalls offer more security than other types of firewalls, but this is at the expense of speed and functionality, as they can limit which applications your network can support.In Proxy firewall traffic does not flow through a proxy. Instead, computers establish a connection to the proxy, which serves as an intermediary, and initiate a new network connection on behalf of the request. This prevents direct connections between systems on either side of the firewall and makes it harder for an attacker to discover where the network is, because they will never receive packets created directly by their target system.
Network address translation  Firewalls often have network address translation {NAT} functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range“. Firewalls often have such functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance
Problems of CIA Triad  Although the CIA triad is a fundamental model for information security, it also focuses on a limited view of IT security that is centered on information. While the priority is to protect the information and ensure that data resources are available, the CIA model does not address prevention of an unauthorized person from using the system’s hardware resources.
Another issue is the information security professionals will concentrate on the “confidentiality” part of the triad, essentially ignoring the other components of a balanced security approach. For instance, when the “accessibility” component of the triad is neglected, this could mean severe disruptions to communications, costing millions and significantly impacting an industry. Thus, it is necessary for security professionals to contribute skills and knowledge during the purchasing and selection process for an organization’s communications network.
Conclusion  This Presentation gives a glimpse about the security concerns for E-Commerce and requirement for a secure E- Commerce environment . It comprises of Security Triads I.e C.I.A (Confidentiality , Integrity, Availability). It also explains about Firewall and its various types. Network security issue and the problems faced in Network triads are also discussed.

Recommended

Network srcurity
Network srcurityNetwork srcurity
Network srcuritysheikhparvez4
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data securitySaranSwathi1
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security ExplainedHappiest Minds Technologies
 
Data security
Data securityData security
Data securityForeSolutions
 
Internet_Interanet_Extranet
Internet_Interanet_ExtranetInternet_Interanet_Extranet
Internet_Interanet_Extranetvikashchauhan908
 
HIPAA
HIPAAHIPAA
HIPAADruce MacFarlane
 
Data security
Data securityData security
Data securityAbdulBasit938
 
Ppt.1
Ppt.1Ppt.1
Ppt.1veeresh35
 

Recommended

Network srcurity
Network srcurityNetwork srcurity
Network srcuritysheikhparvez4
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data securitySaranSwathi1
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security ExplainedHappiest Minds Technologies
 
Data security
Data securityData security
Data securityForeSolutions
 
Internet_Interanet_Extranet
Internet_Interanet_ExtranetInternet_Interanet_Extranet
Internet_Interanet_Extranetvikashchauhan908
 
HIPAA
HIPAAHIPAA
HIPAADruce MacFarlane
 
Data security
Data securityData security
Data securityAbdulBasit938
 
Ppt.1
Ppt.1Ppt.1
Ppt.1veeresh35
 
Data Security
Data SecurityData Security
Data SecurityMark Waltzer
 
Hipaa Compliance With IT
Hipaa Compliance With ITHipaa Compliance With IT
Hipaa Compliance With ITNainil Chheda
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
Umer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Securitymanoharparakh
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Security architecture principles isys 0575general att
Security architecture principles isys 0575general attSecurity architecture principles isys 0575general att
Security architecture principles isys 0575general attSHIVA101531
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiSHIVA101531
 
GTB DLP - Content Aware Security Suite
GTB DLP - Content Aware Security SuiteGTB DLP - Content Aware Security Suite
GTB DLP - Content Aware Security SuiteVCW Security Ltd
 
Practice case legal for data professional
Practice case legal for data professionalPractice case legal for data professional
Practice case legal for data professionalNovita Sari
 
Network security
Network securityNetwork security
Network securityROBERT S
 
HIPAA_CheatSheet
HIPAA_CheatSheetHIPAA_CheatSheet
HIPAA_CheatSheetDerrick McBreairty
 
1784 1788
1784 17881784 1788
1784 1788Editor IJARCET
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9ScottBreadmore
 
Een praktische aanpak naar GDPR met Microsoft 365
Een praktische aanpak naar GDPR met Microsoft 365Een praktische aanpak naar GDPR met Microsoft 365
Een praktische aanpak naar GDPR met Microsoft 365Marketing Team
 
Simple cloud security explanation
Simple cloud security explanationSimple cloud security explanation
Simple cloud security explanationindianadvisory
 
Data+security+sp10
Data+security+sp10Data+security+sp10
Data+security+sp10ismaelhaider
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Awingu deck for eurosys gdpr march 2018
Awingu deck for eurosys gdpr march 2018Awingu deck for eurosys gdpr march 2018
Awingu deck for eurosys gdpr march 2018Marketing Team
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
Firewall
FirewallFirewall
Firewallsyeda zoya mehdi
 

More Related Content

What's hot

Hipaa Compliance With IT
Hipaa Compliance With ITHipaa Compliance With IT
Hipaa Compliance With ITNainil Chheda
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
Umer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Securitymanoharparakh
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Security architecture principles isys 0575general att
Security architecture principles isys 0575general attSecurity architecture principles isys 0575general att
Security architecture principles isys 0575general attSHIVA101531
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiSHIVA101531
 
GTB DLP - Content Aware Security Suite
GTB DLP - Content Aware Security SuiteGTB DLP - Content Aware Security Suite
GTB DLP - Content Aware Security SuiteVCW Security Ltd
 
Practice case legal for data professional
Practice case legal for data professionalPractice case legal for data professional
Practice case legal for data professionalNovita Sari
 
Network security
Network securityNetwork security
Network securityROBERT S
 
Een praktische aanpak naar GDPR met Microsoft 365
Een praktische aanpak naar GDPR met Microsoft 365Een praktische aanpak naar GDPR met Microsoft 365
Een praktische aanpak naar GDPR met Microsoft 365Marketing Team
 
Simple cloud security explanation
Simple cloud security explanationSimple cloud security explanation
Simple cloud security explanationindianadvisory
 
Data+security+sp10
Data+security+sp10Data+security+sp10
Data+security+sp10ismaelhaider
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Awingu deck for eurosys gdpr march 2018
Awingu deck for eurosys gdpr march 2018Awingu deck for eurosys gdpr march 2018
Awingu deck for eurosys gdpr march 2018Marketing Team
 

What's hot (20)

Data Security
Data SecurityData Security
Data Security
 
Hipaa Compliance With IT
Hipaa Compliance With ITHipaa Compliance With IT
Hipaa Compliance With IT
 
Security and management
Security and managementSecurity and management
Security and management
 
Umer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid Thesis Abstract
Umer Khalid Thesis Abstract
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Security
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 
Security architecture principles isys 0575general att
Security architecture principles isys 0575general attSecurity architecture principles isys 0575general att
Security architecture principles isys 0575general att
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resi
 
GTB DLP - Content Aware Security Suite
GTB DLP - Content Aware Security SuiteGTB DLP - Content Aware Security Suite
GTB DLP - Content Aware Security Suite
 
Practice case legal for data professional
Practice case legal for data professionalPractice case legal for data professional
Practice case legal for data professional
 
Network security
Network securityNetwork security
Network security
 
HIPAA_CheatSheet
HIPAA_CheatSheetHIPAA_CheatSheet
HIPAA_CheatSheet
 
1784 1788
1784 17881784 1788
1784 1788
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9
 
Een praktische aanpak naar GDPR met Microsoft 365
Een praktische aanpak naar GDPR met Microsoft 365Een praktische aanpak naar GDPR met Microsoft 365
Een praktische aanpak naar GDPR met Microsoft 365
 
Simple cloud security explanation
Simple cloud security explanationSimple cloud security explanation
Simple cloud security explanation
 
Data+security+sp10
Data+security+sp10Data+security+sp10
Data+security+sp10
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Awingu deck for eurosys gdpr march 2018
Awingu deck for eurosys gdpr march 2018Awingu deck for eurosys gdpr march 2018
Awingu deck for eurosys gdpr march 2018
 

Similar to Web security

unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
Network security by sandhya
Network security by sandhyaNetwork security by sandhya
Network security by sandhyasandeepsandy75
 
2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx
2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx
2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docxvickeryr87
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
network security, group policy and firewalls
network security, group policy and firewallsnetwork security, group policy and firewalls
network security, group policy and firewallsSapna Kumari
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)Amare Kassa
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersRishabh Gupta
 
Network security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfNetwork security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfaquazac
 
Types of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docxTypes of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docxwillcoxjanay
 

Similar to Web security (20)

unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptx
 
Firewall
FirewallFirewall
Firewall
 
ANS_Ch_04_Handouts.pdf
ANS_Ch_04_Handouts.pdfANS_Ch_04_Handouts.pdf
ANS_Ch_04_Handouts.pdf
 
Network security by sandhya
Network security by sandhyaNetwork security by sandhya
Network security by sandhya
 
2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx
2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx
2.· Unshielded Twisted Pair (UTP) Cables· Shielded Twisted Pai.docx
 
How Does a Firewall Protect Against Hackers?
How Does a Firewall Protect Against Hackers?How Does a Firewall Protect Against Hackers?
How Does a Firewall Protect Against Hackers?
 
Sapna ppt
Sapna pptSapna ppt
Sapna ppt
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
Firewall
Firewall Firewall
Firewall
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
network security, group policy and firewalls
network security, group policy and firewallsnetwork security, group policy and firewalls
network security, group policy and firewalls
 
Network security
Network securityNetwork security
Network security
 
Security assignment (copy)
Security assignment (copy)Security assignment (copy)
Security assignment (copy)
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
network security.pdf
network security.pdfnetwork security.pdf
network security.pdf
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Network security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdfNetwork security architecture is the planning and design of the camp.pdf
Network security architecture is the planning and design of the camp.pdf
 
Types of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docxTypes of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docx
 

Recently uploaded

BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Unlocking the Mystery of the Voynich Manuscript
Unlocking the Mystery of the Voynich ManuscriptUnlocking the Mystery of the Voynich Manuscript
Unlocking the Mystery of the Voynich Manuscriptelizabethella096
 
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15SearchNorwich
 
The Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfThe Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfVWO
 
How to utilize calculated properties in your HubSpot setups
How to utilize calculated properties in your HubSpot setupsHow to utilize calculated properties in your HubSpot setups
How to utilize calculated properties in your HubSpot setupsssuser4571da
 
W.H.Bender Quote 61 -Influential restaurant and food service industry network...
W.H.Bender Quote 61 -Influential restaurant and food service industry network...W.H.Bender Quote 61 -Influential restaurant and food service industry network...
W.H.Bender Quote 61 -Influential restaurant and food service industry network...William (Bill) H. Bender, FCSI
 
Unraveling the Mystery of the Hinterkaifeck Murders.pptx
Unraveling the Mystery of the Hinterkaifeck Murders.pptxUnraveling the Mystery of the Hinterkaifeck Murders.pptx
Unraveling the Mystery of the Hinterkaifeck Murders.pptxelizabethella096
 
Unraveling the Mystery of The Circleville Letters.pptx
Unraveling the Mystery of The Circleville Letters.pptxUnraveling the Mystery of The Circleville Letters.pptx
Unraveling the Mystery of The Circleville Letters.pptxelizabethella096
 
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Kraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentationKraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentationtbatkhuu1
 
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptxDigital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptxZACGaming
 
The+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdfThe+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdfSocial Samosa
 
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756dollysharma2066
 

Recently uploaded (20)

BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
 
Unlocking the Mystery of the Voynich Manuscript
Unlocking the Mystery of the Voynich ManuscriptUnlocking the Mystery of the Voynich Manuscript
Unlocking the Mystery of the Voynich Manuscript
 
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
 
The Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfThe Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdf
 
How to utilize calculated properties in your HubSpot setups
How to utilize calculated properties in your HubSpot setupsHow to utilize calculated properties in your HubSpot setups
How to utilize calculated properties in your HubSpot setups
 
W.H.Bender Quote 61 -Influential restaurant and food service industry network...
W.H.Bender Quote 61 -Influential restaurant and food service industry network...W.H.Bender Quote 61 -Influential restaurant and food service industry network...
W.H.Bender Quote 61 -Influential restaurant and food service industry network...
 
Unraveling the Mystery of the Hinterkaifeck Murders.pptx
Unraveling the Mystery of the Hinterkaifeck Murders.pptxUnraveling the Mystery of the Hinterkaifeck Murders.pptx
Unraveling the Mystery of the Hinterkaifeck Murders.pptx
 
Pillar-Based Marketing Master Class - Ryan Brock
Pillar-Based Marketing Master Class - Ryan BrockPillar-Based Marketing Master Class - Ryan Brock
Pillar-Based Marketing Master Class - Ryan Brock
 
Unraveling the Mystery of The Circleville Letters.pptx
Unraveling the Mystery of The Circleville Letters.pptxUnraveling the Mystery of The Circleville Letters.pptx
Unraveling the Mystery of The Circleville Letters.pptx
 
The 100x Factor Growth with AI - Susan Diaz
The 100x Factor Growth with AI - Susan DiazThe 100x Factor Growth with AI - Susan Diaz
The 100x Factor Growth with AI - Susan Diaz
 
How to Create a Social Media Plan Like a Pro - Jordan Scheltgen
How to Create a Social Media Plan Like a Pro - Jordan ScheltgenHow to Create a Social Media Plan Like a Pro - Jordan Scheltgen
How to Create a Social Media Plan Like a Pro - Jordan Scheltgen
 
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 128 Noida Escorts >༒8448380779 Escort Service
 
Kraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentationKraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentation
 
SEO for Revenue, Grow Your Business, Not Just Your Rankings - Dale Bertrand
SEO for Revenue, Grow Your Business, Not Just Your Rankings - Dale BertrandSEO for Revenue, Grow Your Business, Not Just Your Rankings - Dale Bertrand
SEO for Revenue, Grow Your Business, Not Just Your Rankings - Dale Bertrand
 
Generative AI Content Creation - Andrew Jenkins
Generative AI Content Creation - Andrew JenkinsGenerative AI Content Creation - Andrew Jenkins
Generative AI Content Creation - Andrew Jenkins
 
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptxDigital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptx
 
The+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdfThe+State+of+Careers+In+Retention+Marketing-2.pdf
The+State+of+Careers+In+Retention+Marketing-2.pdf
 
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu.Ka.Tilla Delhi Contact Us 8377877756
 
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel LeminTurn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
 
The Future of Brands on LinkedIn - Alison Kaltman
The Future of Brands on LinkedIn - Alison KaltmanThe Future of Brands on LinkedIn - Alison Kaltman
The Future of Brands on LinkedIn - Alison Kaltman
 

Web security

  • 1. WEB SECURITY HIMANSHU TYAGI VIJETA GANDHI JASPREET SINGH
  • 2. REQUIRMENT FOR SECURE E-COMMERCE  Intellectual property threats  Client computer threats  Communication channel threats  Server threats
  • 4. Confidentiality  Ensures that data or an information system is accessed by only an authorized person. User Id’s and passwords, access control lists (ACL) and policy based security are some of the methods through which confidentiality is achieved
  • 5. Integrity  Integrity assures that the data or information system can be trusted. Ensures that it is edited by only authorized persons and remains in its original state when at rest. Data encryption and hashing algorithms are key processes in providing integrity
  • 6. Availability  Data and information systems are available when required. Hardware maintenance, software patching/upgrading and network optimization ensures availability
  • 7. NETWORK SECURITY  Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals.
  • 8. FIREWALLS  A firewall is a hardware or software system that prevents unauthorized access to or from a network. They can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the Intranet pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria. Types of firewall:-  Network layer or packet filters  Application-layer  Proxies  Network address translation
  • 9. Network layer or packet filters  Network layer firewalls generally make their decisions based on the source address, destination address and ports in individual IP packets. A simple router is the traditional network layer firewall, since it is not able to make particularly complicated decisions about what a packet is actually talking to or where it actually came from. Modern network layer firewalls have become increasingly more sophisticated, and now maintain internal information about the state of connections passing through them at any time.
  • 10. Application-layer  Application layer firewalls defined, are hosts running proxy servers, which permit no traffic directly between networks, and they perform elaborate logging and examination of traffic passing through them. Since proxy applications are simply software running on the firewall, it is a good place to do lots of logging and access control. Application layer firewalls can be used as network address translators, since traffic goes in one side and out the other, after having passed through an application that effectively masks the origin of the initiating connection, Chris Partsenidis says.
  • 11. Proxies  Proxy firewalls offer more security than other types of firewalls, but this is at the expense of speed and functionality, as they can limit which applications your network can support.In Proxy firewall traffic does not flow through a proxy. Instead, computers establish a connection to the proxy, which serves as an intermediary, and initiate a new network connection on behalf of the request. This prevents direct connections between systems on either side of the firewall and makes it harder for an attacker to discover where the network is, because they will never receive packets created directly by their target system.
  • 12. Network address translation  Firewalls often have network address translation {NAT} functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range“. Firewalls often have such functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance
  • 13. Problems of CIA Triad  Although the CIA triad is a fundamental model for information security, it also focuses on a limited view of IT security that is centered on information. While the priority is to protect the information and ensure that data resources are available, the CIA model does not address prevention of an unauthorized person from using the system’s hardware resources.
  • 14. Another issue is the information security professionals will concentrate on the “confidentiality” part of the triad, essentially ignoring the other components of a balanced security approach. For instance, when the “accessibility” component of the triad is neglected, this could mean severe disruptions to communications, costing millions and significantly impacting an industry. Thus, it is necessary for security professionals to contribute skills and knowledge during the purchasing and selection process for an organization’s communications network.
  • 15. Conclusion  This Presentation gives a glimpse about the security concerns for E-Commerce and requirement for a secure E- Commerce environment . It comprises of Security Triads I.e C.I.A (Confidentiality , Integrity, Availability). It also explains about Firewall and its various types. Network security issue and the problems faced in Network triads are also discussed.