
ARDHI UNIVERSITY

SCHOOL OF EARTH SCIENCE, REAL ESTATE, BUSINESS STUDIES AND INFORMATICS
DEPARTMENT OF COMPUTER SYSTEM AND MATHEMATICS
BSC. INFORMATION SYSTEM AND MANAGEMENT
IS251 INFORMATION SYSTEM SECURITY
ASSIGNMENT 1
YEAR 2022/23
GROUP 8 MEMBERS
S/N NAME REGISTRATION NUMBER
1 EUNICE P. NGOYAI 26955/T.2021
2 WILLIAM E. KAVUMO 27021/T.2021
3 SHARON R. MATASO 27013/T.2021
4 MALCOLM R. MALIPULA 26985/T.2021
5 HERIETH P. MWALUKASA 27823/T.2021
6 RAYMOND DICKSON 27002/T.2021
7 ABDUZIAD HAWADHI 27717/T.2021
8 MAGOTI CHARLES 27772/T.2021
9 LILIAN MAKULU 27919/T.2021
10 HANIFA ABDALLAH 27750/T.2021
11 COLLIN MINJA 26373/T.2021
12 MARTIN EDGAR 27774/T.2021
13 FREDRICK YUSTINE 26958/T.2021
WEB SECURITY

Web Security: Refers to the protection of websites and web applications from
various threats and vulnerabilities.
Web security is crucial because websites and web applications are exposed to
numerous risks, including unauthorized access, data breaches, identity theft,
malware infections and denial-of-service attacks.
BRANCHES OF WEB SECURITY
1. Network Security. Involves securing the communication channels between
web servers and clients by preventing unauthorized access, eavesdropping
and tampering of data during transmission.
2. Application Security. Focuses on protecting web applications from
vulnerabilities and attacks through secure coding practices, input validation,
output encoding and proper handling of user input to prevent common attacks.
3. Security Testing. Involves assessing the security of web systems by
identifying vulnerabilities and weaknesses. Includes penetration testing,
vulnerability scanning and security code reviews.
4. Security Incident Response. Deals with responding to and managing
security incidents effectively. Includes incident detection, containment,
eradication and recovery.
5. Authentication and Authorization. This branch deals with verifying the
identity of users and determining their access privileges. It involves
implementing strong authentication mechanisms such as passwords, multifactor
authentication and biometrics.
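
The three practices named under Application Security above (input validation, proper handling of user input, output encoding), shown as an added Python example that is not part of the original assignment. The username policy, the table layout and all function names are assumptions made for illustration, and the sample rows and inputs are constructed.

```python
import html
import re
import sqlite3

# Assumed policy: usernames are 3-20 letters, digits or underscores.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,20}")


def validate_username(raw):
    """Input validation: accept only values matching the allow-list."""
    if not isinstance(raw, str) or not USERNAME_RE.fullmatch(raw):
        raise ValueError("invalid username")
    return raw


def make_db():
    """Build a constructed in-memory user table for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, bio TEXT)")
    rows = [("alice", "Likes <b>maps</b> & GIS"), ("bob", "Surveyor")]
    db.executemany("INSERT INTO users VALUES (?, ?)", rows)
    return db


def find_bio(db, name):
    """Proper handling of user input: the value is bound as a parameter,
    so it is always treated as data and never as part of the SQL text."""
    row = db.execute("SELECT bio FROM users WHERE name = ?", (name,)).fetchone()
    return row[0] if row else None


def render_profile(name, bio):
    """Output encoding: escape both values before placing them in HTML."""
    return "<h1>{}</h1><p>{}</p>".format(html.escape(name), html.escape(bio or ""))


def profile_page(db, raw_name):
    """Full request path: validate, query with bound parameters, encode."""
    try:
        name = validate_username(raw_name)
    except ValueError:
        return "<p>Invalid username</p>"
    return render_profile(name, find_bio(db, name))


if __name__ == "__main__":
    db = make_db()
    print(profile_page(db, "alice"))
    print(profile_page(db, "x' OR '1'='1"))  # constructed input with SQL metacharacters
```

Each layer works independently: the bound parameter keeps the query safe even if validation is bypassed, and the escaping keeps stored markup from being rendered as HTML.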
E-COMMERCE SECURITY
E-commerce Security: Refers to the protection of online transactions
and the secure exchange of information during electronic commerce activities.
E-commerce security focuses on safeguarding sensitive data such as customer
payment information, personal details and transaction records to prevent
unauthorized access, fraud and data breaches.
BRANCHES OF E-COMMERCE SECURITY

1. Secure Payment Gateways. Payment gateways are third-party services that
handle the processing of online payments. They encrypt payment
information, verify the authenticity of transactions and securely transmit data.
2. Data Encryption. Encryption is the process of converting data into a secure,
unreadable format to protect it from unauthorized access. E-commerce
platforms employ encryption techniques to secure sensitive information
including credit cards, passwords and personal data.
3. Privacy Protection. Involves safeguarding customers' personal information
and ensuring compliance with privacy regulations such as the General Data
Protection Regulation (GDPR).
SECURE SOCKETS LAYER (SSL)

Secure Sockets Layer (SSL) is a cryptographic protocol that provides secure
communication over the internet. It establishes an encrypted connection
between a web server and a client browser, ensuring secure data transmission.
SSL works with its successor Transport Layer Security (TLS) to provide
encryption and integrity for data transmission between a client, such as a web
browser, and a server, such as a website.
PRETTY GOOD PRIVACY (PGP)
Pretty Good Privacy (PGP) is a cryptographic software program that
handles the encryption and decryption of data as well as
authentication and integrity checking. It uses a combination of
symmetric and asymmetric encryption for securing messages and
files.
It is commonly used for securing email communication and file
transfers.
PUBLIC KEY INFRASTRUCTURE (PKI)
Public Key Infrastructure (PKI) is a system that enables the secure
management and distribution of digital certificates. PKI also uses asymmetric
encryption, where each user has a pair of cryptographic keys: a private key
that is kept secret and a corresponding public key that is shared with others.
Digital certificates, issued by trusted Certificate Authorities (CAs), bind the
user's identity to their public key, providing a means of verifying
authenticity and establishing secure communication.
