DispersedNet Root Glossary

This page contains links to the glossaries that exist at DispersedNet.com.

Active Directory Administration Unix Concepts Glossary Advanced Unix Shell Programming Unix-Shell Scripts
DHCP TCP/IP Glossary Installing Windows Internet Proxy Server Linux Network Admin
Unix Network Admin Unix System Admin Network Security Glossary  
Configure Linux Components Redhat Linux Admin Redhat System Admin  

Security and IT

Security is the most crucial aspect of information and communication technology. As applications deployed over the internet are prone to attacks from all over the world, securing web applications has become a major concern of developers. This paper presents an overview of different security techniques and mechanisms available for securing web applications. These techniques are classified with respect to the security trait they incorporate. This paper also includes an organized approach which can be adapted along with the development lifecycle of a web application to incorporate security mechanisms into the system.

Internet Applications

The internet is the most efficient way of distributing products and services globally. Thus, businesses are moving onto the internet, and web applications are being developed to provide the client-side interface. However, the global accessibility of the internet exposes web applications to attackers from all over the world. Even if the server of an application is confined within the secure boundary of an organization, the web application can be manipulated to penetrate the server, and ultimately the entire system can be compromised.
As the assets of an organization decide its business value, protection of these assets is crucial. The goal of attackers is to get hold of these assets or to hamper their use when required. Thus, a thorough analysis and proper selection of security techniques is required in order to protect the assets of the organization.
An effective security model is designed under the assumption that attackers are completely aware of the physical and logical structure of a system. They have complete knowledge of all the cryptographic algorithms and are aware of all the vulnerabilities. The idea behind this assumption is that if an attacker with complete system knowledge cannot get into the system, then an attacker without that knowledge cannot either. The goal of a security model should be to protect the system against such attackers.