Scribd Logo
Upload

Welcome to Scribd!

  • Web and Email Security Session 1 PDF

    Uploaded by

    Darmoni Laishram
    25 views12 pages

    Original Title

    Web and Email Security Session 1.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    25 views12 pages

    Web and Email Security Session 1 PDF

    Uploaded by

    Darmoni Laishram

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    Web and Email

    Security
    For BCA – 6th Semester
    Session 1
    Course Outline

     1st Day Web Browser, Web Server, HTTP, HTTPS, SSL

     2nd Day Cookies, Caching, Plug-in, Active X and SET

     3rd Day Email, Email Protocols (SMTP, POP3, ICMP), Spam

     4th Day PGP (Pretty Good Privacy), S/MIME

    (Secure/Multipurpose Internet Mail Extensions)


    Web Browser
    • Web Browser is an application software that allows Browser Vendor
    us to view and explore information on the web. Internet Explorer Microsoft
    User can request for any web page by just entering Google Chrome Google
    a URL into address bar. Mozilla Firefox Mozilla
    • Web browser can show text, audio, video, Netscape Netscape
    animation and more. It is the responsibility of a web Navigator Communications Corp.
    browser to interpret text and commands contained Opera Opera Software
    in the web page. Safari Apple

    3
    Web Server
    • Web server is a computer where the
    web content is stored. Basically web
    server is used to host the web sites
    but there exists other web servers
    also such as gaming, storage, FTP,
    email etc..

    Key Points
    • When client sends request for a web page, the web server search for the requested page if requested page is found then it will
    send it to client with an HTTP response.
    • If the requested web page is not found, web server will the send an HTTP response: Error 404 Not found.
    • If client has requested for some other resources then the web server will contact to the application server and data store to
    construct the HTTP response.
    4
    Web Browser Vs Web Server
    Sl No Key Web Browser Web Server
    Purpose Web Browser is a software which is used to Web server is a software which provides these
    1
    browse and display pages available over internet. documents when requested by web browsers.
    Process A web browser sends request to server for web Web server sees and approves those requests made
    2 based documents and services. by web browsers and sends the document in
    response.
    Process Web browser sends an HTTP Request and gets a Web server receives HTTP Request and sends a
    3
    HTTP Response. HTTP Response.
    Processing Web browser has no processing model. Web server follows three major processing models:
    4
    Model process based, thread based or hybrid.
    Data Web browsers stores user data in cookies in local Web server provide an area to store the website.
    5
    Storage machine.
    Installation Web Browser is installed on user's machine. Web server can be installed any where but it need
    6
    to be on a network or on local computer.
    7 Example Google Chrome Apache Server
    5
    Hyper Text Transfer Protocol(HTTP)
    • HTTP is a TCP/IP based communication protocol, that
    is used to deliver data (HTML files, image files, query
    results, etc.) on the World Wide Web.
    • The default port is TCP 80, but other ports can be
    used as well. It provides a standardized way for
    computers to communicate with each other.
    • HTTP specification specifies how clients' request data
    will be constructed and sent to the server, and how the
    servers respond to these requests.

    Basic Features
    There are three basic features that make HTTP a simple but powerful protocol:
    • HTTP is connectionless: The HTTP client, i.e., a browser initiates an HTTP request and after a request is made, the client waits
    for the response. The server processes the request and sends a response back after which client disconnect the connection.
    • HTTP is media independent: It means, any type of data can be sent by HTTP as long as both the client and the server know how
    to handle the data content.
    • HTTP is stateless: The server and client are aware of each other only during a current request. Afterwards, both of them forget
    about each other.
    6
    Hyper Text Transfer Protocol(HTTP)
    Whenever you issue a URL from your browser to get a web resource using HTTP, e.g. http://www.nowhere123.com/index.html,
    the browser turns the URL into a request message and sends it to the HTTP server. The HTTP server interprets the request
    message, and returns you an appropriate response message, which is either the resource you requested or an error message.
    This process is illustrated below:

    7
    Hyper Text Transfer Protocol Secured (HTTPS)
    • HTTPS stands for Hyper Text Transfer Protocol Secure. It is a protocol for securing the communication between
    two systems e.g. the browser and the web server.

    As you can see in the above figure, http transfers data between the browser and the web server in the hypertext
    format, whereas https transfers data in the encrypted format. Thus, https prevents hackers from reading and
    modifying the data during the transfer between the browser and the web server.
    HTTPS established an encrypted link between the browser and the web server using the Secure Socket Layer
    (SSL) or Transport Layer Security (TLS) protocols. TLS is the new version of SSL.

    8
    Advantages of HTTPS
    • Secure Communication: https makes a secure connection by establishing an encrypted link between the
    browser and the server or any two systems.
    • Data Integrity: https provides data integrity by encrypting the data and so, even if hackers manage to trap the
    data, they cannot read or modify it.
    • Privacy and Security: https protects the privacy and security of website users by preventing hackers to
    passively listen to communication between the browser and the server.
    • Faster Performance: https increases the speed of data transfer compared to http by encrypting and reducing
    the size of the data.
    • SEO: Use of https increases SEO ranking. In Google Chrome, Google shows the Not Secure label in the
    browser if users' data is collected over http.
    • Future: https represents the future of the web by making internet safe for users and website owners.

    9
    HTTP vs HTTPS

    http https

    Transfers data in hypertext (structured text) format Transfers data in encrypted format

    Uses port 80 by default Uses port 443 by default

    Not secure Secured using SSL technology

    Starts with http:// Starts with https://

    10
    Secure Socket Layer (SSL)
    • SSL is the standard security technology for establishing an encrypted link between the two
    systems.
    • These can be browser to server, server to server or client to server. Basically, SSL ensures
    that the data transfer between the two systems remains encrypted and private.
    • The https is essentially http over SSL. SSL establishes an encrypted link using an SSL
    certificate which is also known as a digital certificate.

    11

    You might also like