Web Browser Security - Introduction to Computer Security - Lecture Slides, Slides of Computer Security

The major points which are very useful in understanding the concept of the computer security are:Web Browser Security, Human Usage, Static Web Pages, Current, Interactive Web Pages, Web Services, Semantic Web, Xml Technology, Semantic Web Services, Future

Typology: Slides

2012/2013

Uploaded on 04/22/2013

satheesh
satheesh 🇮🇳

4.5

(11)

85 documents

1 / 12

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Web Browser Security
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download Web Browser Security - Introduction to Computer Security - Lecture Slides and more Slides Computer Security in PDF only on Docsity!

Web Browser Security

Web Evolution

2

 Past: Human usage

– HTTP
  • Static Web pages (HTML)

 Current: Human and some automated usage

  • Interactive Web pages
  • Web Services (WSDL, SOAP, SAML)
  • Semantic Web (RDF, OWL, RuleML, Web databases)
  • XML technology (data exchange, data representation)

 Future: Semantic Web Services

Information Assurance

Inference Control

Privacy

Security (^) Trust

Applications

Policy making Formal models

Protocol Analysis^ Negotiation

Anonymity

Access control

Semantic web security

Encryption

Information hiding

Data mining (^) Computer epidemic

Data provenance

Fraud

Biometrics

Internet Attacks

  • Download browser code
  • Privacy attack
  • Web site attack during surfing
  • Email

JavaScript

  • Not for standalone applications -- Resides

inside HTML documents

  • Interpreted into machine understandable

code

  • Can be downloaded automatically
    • Cannot read, write, create, delete, or list files
    • Has no networking capabilities
    • Can: capture and send user information

Java

  • Complete programming language –

standalone applications

  • Java applets: downloaded with HTML
  • Can perform processing
    • May harm computer
  • Defense: sandbox
  • Signed vs. unsigned Java applets

Privacy Attacks

  • Cookies: Web site to track whether a user has

previously visited the site

  • User specific information, stored on the user’s computer
  • First-party cookie vs. third-party cookie
  • Can reveal browsing habits of the individuals
  • Adware: delivers unsolicitated advertising

content

  • Pop-up windows

Attacks while surfing

  • Safe surfing? Passive surfing?
  • Redirecting web traffic:
    • Typing mistakes
    • Attacker: registering “wrong” URLs
  • Drive-by downloads
    • Use scripting to download malicious content
    • Spreading at an alarming rate