Application security is the use of software, hardware, and procedural methods to protect applications from external threats. Security measures built into applications and a sound application security routine minimize the likelihood that hackers will be able to manipulate applications and access, steal, modify, or delete sensitive data. Once an afterthought in software design, security is becoming an increasingly important concern during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats.
Actions taken to ensure application security are sometimes called countermeasures. The most basic software countermeasure is an application firewall that limits the execution of files or the handling of data by specific installed programs. The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other countermeasures include conventional firewalls, encryption/decryption programs, anti-virus programs, spyware detection/removal programs, and biometric authentication systems.
Electronic mail security protects incoming personal mail from being accessed by unauthorized individuals. Major companies and corporations treat it as mandatory so that they can keep intruders from obtaining the information they send through electronic mail.
Electronic mail has greatly improved: it is used not only for sending text messages but also for transferring spreadsheets and documents. The more one uses email, the more sensitive the transferred data becomes. Data integrity, however, is rarely questioned, which is a problem that may allow easy access to information between rival companies. An intrusion may also cause the falsification or modification of messages.
Security in email
- S/MIME
- PGP
S/MIME
S/MIME (Secure/Multipurpose Internet Mail Extensions), short for Secure/MIME, is a version of the MIME protocol that is based on RSA's public-key encryption technology. It is a secure method of sending e-mail that uses the Rivest-Shamir-Adleman encryption system. S/MIME is included in the latest versions of the Web browsers from Microsoft and Netscape and has also been endorsed by other vendors that make messaging products. RSA has proposed S/MIME as a standard to the Internet Engineering Task Force (IETF). An alternative to S/MIME is PGP/MIME, which has also been proposed as a standard.
MIME itself, described in the IETF standard called Request for Comments 1521, spells out how an electronic message will be organized. S/MIME describes how encryption information and a digital certificate can be included as part of the message body. S/MIME follows the syntax provided in the Public-Key Cryptography Standard format #7.
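As an added illustration (not code from the original page), the Python sketch below shows where S/MIME puts that information in a message: it classifies a message as detached-signed, enveloped, or plain from its MIME headers, and flags a message that claims to be signed but carries no signature part. The media types are the ones S/MIME uses; the function name `classify_smime`, the result labels, and the sample messages are assumptions constructed for this example, and the check is structural only (no signature is verified).

```python
from email import message_from_string
from email.utils import collapse_rfc2231_value

SIG_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature"}
P7M_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}

def classify_smime(raw: str) -> str:
    """Classify a raw message by S/MIME structure (headers only, no crypto)."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        protocol = collapse_rfc2231_value(msg.get_param("protocol", "")).lower()
        parts = msg.get_payload()
        # Detached signature: exactly two parts, the content then the signature.
        if (protocol in SIG_TYPES and isinstance(parts, list) and len(parts) == 2
                and parts[1].get_content_type() in SIG_TYPES):
            return "signed"
        return "malformed"
    if ctype in P7M_TYPES:
        kind = collapse_rfc2231_value(msg.get_param("smime-type", "")).lower()
        return {"enveloped-data": "enveloped",
                "signed-data": "opaque-signed"}.get(kind, "malformed")
    return "plain"

def _msg(content_type: str, body: str) -> str:
    # Builds a constructed sample message; addresses are placeholders.
    return ("From: alice@example.com\nTo: bob@example.com\nMIME-Version: 1.0\n"
            f"Content-Type: {content_type}\n\n{body}\n")

# "UExBQ0VIT0xERVI=" is base64 for "PLACEHOLDER", not a real PKCS #7 object.
_SIG_PART = ('Content-Type: application/pkcs7-signature; name="smime.p7s"\n'
             "Content-Transfer-Encoding: base64\n\nUExBQ0VIT0xERVI=\n")
_TEXT_PART = "Content-Type: text/plain\n\nQuarterly numbers attached.\n"
_SIGNED_CT = ('multipart/signed; protocol="application/pkcs7-signature"; '
              'micalg=sha-256; boundary="b1"')

SIGNED = _msg(_SIGNED_CT, f"--b1\n{_TEXT_PART}--b1\n{_SIG_PART}--b1--")
# Claims to be signed, but the second part is not a PKCS #7 signature.
SPOOFED = _msg(_SIGNED_CT, f"--b1\n{_TEXT_PART}--b1\n{_TEXT_PART}--b1--")
ENVELOPED = _msg('application/pkcs7-mime; smime-type=enveloped-data; '
                 'name="smime.p7m"', "UExBQ0VIT0xERVI=")
PLAIN = _msg("text/plain", "Hello Bob.")

if __name__ == "__main__":
    for name, raw in [("SIGNED", SIGNED), ("SPOOFED", SPOOFED),
                      ("ENVELOPED", ENVELOPED), ("PLAIN", PLAIN)]:
        print(name, "->", classify_smime(raw))
```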
PGP
PGP (Pretty Good Privacy) is the most widely recognized public key encryption program in the world. It can be used to protect the privacy of email, data files, drives and instant messaging.
PGP is a powerful, free cryptography package that lets people exchange files in a private, encrypted format, and also provides message authentication. PGP is called a public key system. Each person using PGP has both a public and a private key. Each key is actually a digital signature (a small file with a stream of uniquely generated characters). The public key is widely distributed to any correspondents, while the private key is guarded with secrecy.
Security in Web
- SSL
- SSH
- SET
- HTTPS
- SFTP
SSL
Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.
SSH
SSH (Secure Shell) is a program to log into another computer over a network, to execute commands on a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. It is intended as a replacement for rlogin, rsh, and rcp. Additionally, ssh provides secure X connections and secure forwarding of arbitrary TCP connections.
SET
Visa and MasterCard have jointly developed the Secure Electronic Transaction (SET) protocol as a method for secure, cost-effective bankcard transactions over open networks. SET includes protocols for purchasing goods and services electronically, requesting authorization of payment, and requesting "credentials" (that is, certificates) binding public keys to identities, among other services. Once SET is fully adopted, the necessary confidence in secure electronic transactions will be in place, allowing merchants and customers to partake in electronic commerce.
HTTPS
HTTPS is a technical acronym that stands for hypertext transfer protocol secure. As the name implies, it is the secure and safe version of the usual HTTP (which stands for "hypertext transfer protocol"). In HTTPS, data is transferred in a more secure manner to avoid discrepancies and unnecessary interference and interception by unwanted and unscrupulous parties. That is why HTTPS is ideal for e-commerce transactions, specifically online banking dealings.
SFTP
SFTP, or secure FTP, is a program that uses SSH to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing passwords and sensitive information from being transmitted in the clear over the network. It is functionally similar to FTP, but because it uses a different protocol, you can't use a standard FTP client to talk to an SFTP server, nor can you connect to an FTP server with a client that supports only SFTP. "sftp is an interactive file transfer program, similar to ftp, which performs all operations over an encrypted ssh transport."
