WWW Security: Introduction
















What is Security?
















System Security Issues
















Basic Authentification, Authorization Schemes
















Cryptographic Techniques
















Applications of Asymmetric Techniques
















Digital Certificates: whom can we trust?

Certification Authority (CA) Issues:

Digital Certificates

(The Above Information signed by CA)
















WWW With Cryptographic Techniques
















Secure-HTTP (Enterprise Integration Technologies)

[Application Level Security]

Protocol: shttp
Secure secretpage.html Secure-HTTP/1.1

Hyperlinks with Special Attributes:

CERTS Tags for Embedding Digital Certificates

Reference Implementation on NCSA Mosaic/httpd
















Secure Socket Layer (Netscape)

[Network Level Security]

URL Identifier: https://somehost/secretpage.html

Establishing Secure Communication thru SSL Handshake
















Comparing App-Level and Net-Level Approaches

Application Level Approaches: Network Level Approaches:
















Conclusion