WWW Security: Introduction

What is Security?

System Security Issues

Basic Authentification, Authorization Schemes

Cryptographic Techniques

Applications of Asymmetric Techniques

Digital Certificates: whom can we trust?

Certification Authority (CA) Issues:

Digital Certificates

(The Above Information signed by CA)

WWW With Cryptographic Techniques

Secure-HTTP (Enterprise Integration Technologies)

[Application Level Security]

Protocol: shttp
Secure secretpage.html Secure-HTTP/1.1

Hyperlinks with Special Attributes:

CERTS Tags for Embedding Digital Certificates

Reference Implementation on NCSA Mosaic/httpd

Secure Socket Layer (Netscape)

[Network Level Security]

URL Identifier: https://somehost/secretpage.html

Establishing Secure Communication thru SSL Handshake

Comparing App-Level and Net-Level Approaches

Application Level Approaches: Network Level Approaches: