DispersedNet Root Glossary
This page contains the links to the glossaries that exist at DispersedNet.com
Security and IT
Security is the most crucial aspect of information and communication technology. As applications
deployed over the internet are prone to attacks from all over the world, securing web applications has become a major
concern of developers. This paper presents an overview of different security techniques and mechanisms available for
securing web applications. These techniques are classified with respect to the security trait they incorporate. This paper
also includes an organized approach which can be adapted along with the development lifecycle of a web application to
incorporate security mechanisms into the system.
Internet is the most efficient way of distributing products and services globally. Thus, businesses are moving over the
internet and web applications are being developed for providing the client-side interface.
However, the global accessibility of the internet, makes web applications prone to attackers from all over the world.
Even if the server of an application is confined within the secure boundary of organizations,
the web application can be manipulated to penetrate into the server and ultimately the entire system can be compromised.
As assets of an organization decide its business value, protection of these assets is crucial.
The goal of attackers is to get hold of these assets or hamper their use when required.
Thus, a thorough analysis and proper selection of security techniques is necessarily required in order to protect the assets of the organization.
An effective security model is designed under the assumption that attackers are completely aware of the physical and logical structure of a system.
They have complete knowledge of all the cryptographic algorithms and are aware of all the vulnerabilities. The idea behind this assumption is: if an attacker with complete system knowledge cannot get into the system, an attacker without knowledge cannot. The goal of a security model should be to protect the
system against such attackers.