Embed Size (px)
Citation preview
Security and Privacy In Web
Outline1. Introduction
2. Privacy In Web
3. Privacy Challenges
4. Security In Web
5. Security Principles
6. Security Challenges
7. Security Tips For Your Website
8. Privacy Vs. Security
9. Recent Trend
10. Security Hints
11. References
Introduction What is Privacy ?In General Privacy is the right to keep alone and be free from interference or intrusion.
What is Security ?In General Security is the level of protection from harm. It applies to any vulnerable and valuable asset, such as a person, departments, community, item, or organization.
1
Privacy In WebInformation privacy in web is the right to have some control over how your personal
information is collected and used by the websites during using internet.
What is Personal information and non-personal information in web ?
Many culture have different views for the privacy.
2
Privacy ChallengesSome of the popular website which is important and need to be used by the user that store the user information and behavior to get a lot of data such as “ Gmail “.
Mainstream social media only gives control over privacy settings to those who upload photos not those who are in them.
Children's use a mobile phones and records some videos and share them, some of these videos shows a private properties that should not be showed to anyone.
3
Security In WebWeb application security is the process of securing confidential data stored online from unauthorized access and modification.
This is accomplished by enforcing stringent policy measures.
Security threats can compromise the data stored by an organization is hackers with malicious intentions try to gain access to sensitive information.
4
Security Princeples Confidentiality: A security principle that keeps informationfrom being disclosed to any one not authorized to access it.
Integrity: A security principle that keeps information from being modified ( changed) or corrupted.
Availability: A security principle that ensures that ability ofa system to keep working efficiently and to keep information accessible.
5
Security ChallengesNon-validated input -- Attackers can use information not validated before used by a Web application to reach backend components.
Broken authentication and session management -- Account credentials and session tokens not properly protected, allowing attackers to compromise passwords, keys, session cooker or tokens, and assume the identities of other users.
Denial of Service (DoS): An action or series of actions that prevents asystem or any of its resources from functioning efficiently and reliably.
6
Security Tips For Your Website Keep software up to date
Error messages
Passwords
7
Privacy Vs Security Privacy focused on the policies that keep the personal information used and collected in appropriate way.
Security focused on protecting data from being stolen and from malicious attack that try to has unauthorized access to the data.
8
Recent Trend WhatsApp Application …
Note:End-to-end encryption means only the people who are communicating can read the messages.
9
How to keep Information Private And Secure ?Protecting your personal information can help reduce your risk of identity theft.
There are four main ways to do it:
Know who you share information with.
Store and dispose of your personal information securely.
Read the privacy policy before deciding to share your personal information.
Maintain appropriate security on your computers and other electronic devices.
10
Security Hints https://www.youtube.com/watch?v=ni9GCLkHrQE
11
Any Questions ?
References1. https://www.weforum.org/agenda/2015/09/what-is-the-biggest-challenge-to-online-privacy/
2. https://iapp.org/about/what-is-privacy
3. https://www.techopedia.com/definition/24377/web-application-security
4. http://www.creativebloq.com/web-design/website-security-tips-protect-your-site-7122853
5. https://en.wikipedia.org/wiki/End-to-end_encryption
6. https://www.consumer.ftc.gov/articles/0272-how-keep-your-personal-information-secure
7. http://www.scmagazine.com/top-10-security-challenges-for-2013/article/281519/
8. Computer Data Security & Privacy - Computer Security Principles - Instructor: Dr. Abdul Raouf Khan
