Scribd
Upload
19 views

Group 8 Ism&csn

The document summarizes key aspects of web and e-commerce security. It discusses branches of web security such as network security, application security, security testing, and authentication/authorization. It also outlines branches of e-commerce security including secure payment gateways, data encryption, and privacy protection. Additionally, it provides overviews of Secure Sockets Layer (SSL), Pretty Good Privacy (PGP), and Public Key Infrastructure (PKI) in relation to secure data transmission and authentication.

Uploaded by

makangara22
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
19 views

Group 8 Ism&csn

The document summarizes key aspects of web and e-commerce security. It discusses branches of web security such as network security, application security, security testing, and authentication/authorization. It also outlines branches of e-commerce security including secure payment gateways, data encryption, and privacy protection. Additionally, it provides overviews of Secure Sockets Layer (SSL), Pretty Good Privacy (PGP), and Public Key Infrastructure (PKI) in relation to secure data transmission and authentication.

Uploaded by

makangara22
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 10

ARDHI UNIVERSITY

SCHOOL OF EARTH SCIENCE, REAL ESTATE, BUSINESS STUDIES


AND INFORMATICS
DEPARTMENT OF COMPUTER SYSTEM AND MATHEMATICS
BSC. INFORMATION SYSTEM AND MANAGEMENT
IS251 INFORMATION SYSTEM SECURITY
ASSIGNMENT 1
YEAR 2022/23
GROUP 8 MEMBERS
S/N NAME REGISTRATION NUMBER
1 EUNICE P. NGOYAI 26955/T.2021
2 WILLIAM E. KAVUMO 27021/T.2021
3 SHARON R. MATASO 27013/T.2021
4 MALCOLM R. MALIPULA 26985/T.2021
5 HERIETH P. MWALUKASA 27823/T.2021
6 RAYMOND DICKSON 27002/T.2021
7 ABDUZIAD HAWADHI 27717/T.2021
8 MAGOTI CHARLES 27772/T.2021
9 LILIAN MAKULU 27919/T.2021
10 HANIFA ABDALLAH 27750/T.2021
11 COLLIN MINJA 26373/T.2021
12 MARTIN EDGAR 27774/T.2021
13 FREDRICK YUSTINE 26958/T.2021
WEB SECURITY

Web Security: Refers to the protection of websites and web applications from
various threats and vulnerabilities.
Web security is crucial because websites and web applications are exposed to
numerous risks, including unauthorized access, data branches, identity theft,
malware infections and denial of services attacks.
BRANCHES OF WEB SECURITY
1. Network Security. Involves securing the communication channels between
web servers and clients by preventing unauthorized access, eavesdropping
and tampering of data during transmission.
2. Application Security. Focuses on protecting from vulnerabilities and
attacks by securing coding practices, input validation, output encoding and
proper handling of user input to prevent common attacks.
3. Security Testing. Involves assessing the security of web system by
identifying vulnerabilities and weakness. Includes penetration testing,
vulnerability scanning and security code reviews.
BRANCHES OF WEB SECURITY
4. Security incident response. Deals with responding to and managing
security incidents effectively. Includes incident detection, containment,
eradication and recovery.
5. Authentication and authorization. Branch deals with verifying the identity
of users and determining their access privileges involving implementing
strong authentication mechanism such as password, multifactor
authentication and biometrics.
E-COMMERCE SECURITY
E-COMMERCE SECURITY: Refers to the protection of online transactions
and the secure exchange of information during electronic commerce activities.
E-commerce focuses on safeguarding sensitive data such as customer payment
information, personal details and transaction records to prevent unauthorized
access, fraud and data breaches.
BRANCHES OF E-COMMERCE SECURITY

1. Secure Payment Gateways. Payment Gateways are third-party services that


handle the processing of online payments, they encrypt payment
information, verify authenticity of transactions and secure transmit data.
2. Data Encryption. Encryption is the process of converting data into a secure,
unreadable format to protect it from unauthorized access. E-commerce
platforms employ encryption techniques to secure sensitive information
including credit cards, password and personal data.
3. Privacy Protection. Involves safeguarding customers personal information
and ensuring compliance with privacy regulations such as the general data
protection regulation.
SECURE SOCKETS LAYER (SSL)

Secure Sockets Layer (SSL) is a cryptographic protocol that provides secure


communication over the internet. It establishes an encrypted connection
between a web server and a client browser ensuring data transmission.
SSL works with its successor Transport Layer Security (TLS) to provide
encryption and integrity for data transmission between a client such as, a web
browser and a server such as a website.
PRETTY GOOD PRIVACY (PGP)
Pretty Good Privacy (PGP). Is a form of cryptographic software
program that deals with the encryption and decryption of data as
well as authentication and integrity checking, which uses a
combination of symmetric and asymmetric encryption for securing
messages and files.
It is commonly used for securing email communication and file
transfers.
PUBLIC KEY INFRASTRUCTURE (PKI)
Public Key Infrastructure (PKI). Is a system which enables the secure
management and distribution of digital certificates. PKI also use asymmetric
encryption, where each user has a pair of cryptographic keys: a private key
kept secret while a corresponding public key shared with others. Digital
certificates, issued by trusted Certificate Authorities (CAs), bind the user's
identity to their public key, providing a means of verifying authenticity and
establishing secure communication.

You might also like