Intro To Information Security
Why Web Security?
We worry about security when we have something of value and there is a risk that it could be harmed.
Individuals store a lot of sensitive data online. If it is stolen, criminals can profit from it.
Societies rely on the internet; a malicious actor could profit by controlling it.
Business and government information is often stored on the internet; unauthorized access could be economically or politically disastrous.
Security Mindset?
Threats, Vulnerabilities and Attacks:
Threat source: who wants to do harm to us in our online lives. Examples: cybercriminals, hacktivists, nation-states.
Cybercriminals: want to profit from our sensitive data for financial gain.
Hacktivists: activists who do not like something you are or something you do.
Nation-states: countries that do it for political advantage.
Vulnerabilities and Attacks:
Threat actors exploit vulnerabilities to launch attacks. Example: a weak password.
Vulnerabilities can be found in software, networks, and humans.
A real-world example:
What is of value? → credit card data.
What is the threat source? → cybercriminals.
What vulnerability was exploited? → credentials obtained through a phishing message sent to an outside contractor company working with the target.
What should we do in cyber security?
Make threats go away.
Reduce vulnerabilities.
Strive to meet the security requirements of sensitive information: confidentiality, integrity, availability.
Confidentiality: prevent unauthorized disclosure. The information may be seen, but only by those who are authorized to see it.
Integrity: no one should be able to corrupt it; only authorized people should be able to write or modify it.
Availability: ensuring that authorized parties are able to access the information when they need it.
Web Security
How does the web work?
The web browser and web server communicate using the Hypertext Transfer Protocol (HTTP). The browser requests documents by URL. The server responds over HTTP with documents that can include not just text but also graphics, video, audio, PostScript, JavaScript, etc. The browser displays HTML documents and embedded graphics; it can also run JavaScript and other helper applications.
Cookies: A cookie is created by the web server when the user first logs in to the site. It contains not only user identity information but also security information, such as the access expiration time and whether SSL is required.
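As an added example (not code from the original notes), here is a Python sketch of how a server can build a session cookie that carries the identity and expiry information described above while keeping it from being altered: the value is signed with an HMAC, and the Set-Cookie attributes Secure, HttpOnly and SameSite restrict where the browser will send it. The secret key, the user id and the helper names are all constructed for this example.

```python
import base64
import hashlib
import hmac
import time
from typing import Optional

# Constructed server-side secret for this example only; a real server loads a
# long random secret from configuration and never hard-codes it.
SECRET_KEY = b"example-secret-key-not-for-production"


def _sign(payload: bytes) -> str:
    # HMAC-SHA256 over the payload, base64url-encoded so it fits in a cookie.
    mac = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode().rstrip("=")


def make_session_cookie(user_id: str, ttl_seconds: int,
                        now: Optional[float] = None) -> str:
    """Return a Set-Cookie header value for a signed session cookie.

    Cookie value layout: <user_id>|<expiry_unix_time>|<signature>
    The signature covers both identity and expiry, so neither can be changed
    by the client without the server's secret.
    """
    if now is None:
        now = time.time()
    expires = int(now) + ttl_seconds
    payload = f"{user_id}|{expires}".encode()
    value = f"{user_id}|{expires}|{_sign(payload)}"
    # Secure: sent only over HTTPS (the "SSL required" flag from the notes).
    # HttpOnly: not readable by scripts running in the page.
    # SameSite=Lax: not attached to most cross-site requests.
    return (f"session={value}; Max-Age={ttl_seconds}; "
            "Secure; HttpOnly; SameSite=Lax")


def cookie_value(set_cookie_header: str) -> str:
    """Extract the bare cookie value (what the browser sends back) from the
    Set-Cookie header, dropping the attributes."""
    return set_cookie_header.split(";", 1)[0].split("=", 1)[1]


def verify_session_cookie(value: str,
                          now: Optional[float] = None) -> Optional[str]:
    """Return the user id if the cookie is authentic and unexpired, else None."""
    if now is None:
        now = time.time()
    parts = value.split("|")
    if len(parts) != 3:
        return None
    user_id, expires_str, sig = parts
    payload = f"{user_id}|{expires_str}".encode()
    # Constant-time comparison so a forger learns nothing from response timing.
    if not hmac.compare_digest(_sign(payload), sig):
        return None
    try:
        expires = int(expires_str)
    except ValueError:
        return None
    if expires < now:
        return None
    return user_id


if __name__ == "__main__":
    header = make_session_cookie("alice", ttl_seconds=3600)
    print(header)
    value = cookie_value(header)
    print("valid:", verify_session_cookie(value))
    # Changing the identity without re-signing is detected.
    print("tampered:", verify_session_cookie(value.replace("alice", "admin")))
```

The signature is what gives the cookie integrity in the sense of the notes above: the client can read its own identity and expiry, but cannot change either without the server noticing. The attributes address confidentiality of the cookie in transit and in the page.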
Web security:
A web page contains both static and dynamic content. Web pages often run dynamic content such as scripts fetched from websites.
Why do we need web security?
In some cases the browser can authenticate the website, but in many cases authentication is not required. Even when a website is authenticated, the content it sends may not be trustworthy, because the website may have security vulnerabilities that allow attackers to inject malicious content that gets passed on to the browser.
Website content includes links to other websites, which may also have security vulnerabilities.
On the server side, a website runs applications. These web applications, like any software, may have security vulnerabilities.
When the browser is compromised, the rest of the computer is no longer secure, because a compromised browser can lead to malware being installed on the computer.
Web servers can be compromised through exploits against web applications. Example: credit card information can be stolen from the backend servers.
Several attacks on the web:
Cross-Site Scripting (XSS) attacks
XSS is a type of injection attack in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.
An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, and will execute it. Because the browser thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. Such scripts can even rewrite the content of the HTML page.
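As an added illustration (not code from the original notes), here is the flaw the paragraph describes, in Python: a page-rendering function that places user input into its HTML output without encoding it, next to the hardened version that encodes it, plus the attribute-context variant. The comment text is a constructed sample input and the render functions are hypothetical helpers written for this example.

```python
import html
import re

# Constructed sample input: a "comment" that carries markup instead of text.
UNTRUSTED_COMMENT = '<script>alert(1)</script> nice post'


def render_comment_unsafe(comment: str) -> str:
    # Vulnerable: the input is placed straight into the page, so any markup
    # in it becomes part of the HTML the browser parses and executes.
    return f'<p class="comment">{comment}</p>'


def render_comment_safe(comment: str) -> str:
    # Hardened: encode the characters HTML treats specially (&, <, >, ", ')
    # so the browser shows the input as text rather than interpreting it.
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def render_profile_link_safe(display_name: str, profile_url: str) -> str:
    # Attribute context: quote=True also encodes quotes, so the input cannot
    # close the href attribute and start a new one (such as an event handler).
    # The URL is additionally restricted so that only http(s) links are emitted.
    if not re.match(r"^https?://", profile_url, re.IGNORECASE):
        profile_url = "#"
    return (f'<a href="{html.escape(profile_url, quote=True)}">'
            f'{html.escape(display_name, quote=True)}</a>')


SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)


def contains_executable_script(rendered_page: str) -> bool:
    """Crude check used by this demo: does the page contain an unencoded
    <script> tag? Encoded text (&lt;script&gt;) does not match."""
    return SCRIPT_TAG.search(rendered_page) is not None


if __name__ == "__main__":
    print(render_comment_unsafe(UNTRUSTED_COMMENT))
    print(render_comment_safe(UNTRUSTED_COMMENT))
    print(render_profile_link_safe('A "quoted" name', "https://example.org/a"))
```

The fix is output encoding at the point where untrusted data meets HTML, chosen for the context it lands in (element text versus attribute value). Input validation alone is not enough, because the same string may be harmless in one context and executable in another.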
Cross-Site Request Forgery (XSRF) attacks
A browser runs a script from a good site and a malicious script from a bad site. This can happen when the user has logged in to the good site and keeps the session alive. For example, the user has logged in to Gmail and has not logged off. Meanwhile the user may be browsing other sites, including the bad site, which sends a malicious script to the browser. The malicious script can then forge a request to the good site using the user's cookie. The good site does not know that the request was not sent by the user.
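As an added example (not part of the original notes), the following Python sketch shows the server-side defence against the forged request just described: a per-session anti-forgery token that the good site embeds in its own forms, backed by an Origin header check. The session store, request object, site origin and user names are all constructed for this example.

```python
import hmac
import re
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Constructed values for this example.
SITE_ORIGIN = "https://good.example"
SESSIONS: Dict[str, dict] = {}   # in-memory session store: id -> data


def login(user: str) -> str:
    """Create a session and a fresh random anti-forgery token bound to it."""
    session_id = secrets.token_urlsafe(16)
    SESSIONS[session_id] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return session_id


def render_transfer_form(session_id: str) -> str:
    """The good site embeds the token in its own form. Another site's script
    can make the browser *send* a request carrying the user's cookie, but the
    same-origin policy stops it from *reading* this page, so it never learns
    the token."""
    token = SESSIONS[session_id]["csrf_token"]
    return ('<form method="post" action="/transfer">'
            f'<input type="hidden" name="csrf_token" value="{token}">'
            '<input name="to"><input name="amount"><button>Send</button></form>')


def token_from_form(form_html: str) -> Optional[str]:
    """What the legitimate page (and only the legitimate page) can do."""
    m = re.search(r'name="csrf_token" value="([^"]+)"', form_html)
    return m.group(1) if m else None


@dataclass
class Request:
    cookies: Dict[str, str]
    form: Dict[str, str]
    headers: Dict[str, str] = field(default_factory=dict)


def handle_transfer(req: Request) -> Tuple[int, str]:
    """Return (status, body) for a state-changing request."""
    session = SESSIONS.get(req.cookies.get("session", ""))
    if session is None:
        return 401, "not logged in"
    # Defence 1: browsers attach an Origin header to cross-site POSTs; a
    # request announcing a foreign origin is rejected outright.
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403, "cross-site request rejected"
    # Defence 2: the cookie alone is not enough. The form must carry the
    # token that only a page served by this site could have obtained.
    submitted = req.form.get("csrf_token", "")
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return 403, "missing or invalid anti-forgery token"
    return 200, f"transferred {req.form.get('amount')} for {session['user']}"


if __name__ == "__main__":
    sid = login("alice")
    # Forged: the bad site's page makes the browser post with alice's cookie.
    forged = Request(cookies={"session": sid},
                     form={"to": "mallory", "amount": "1000"},
                     headers={"Origin": "https://bad.example"})
    print(handle_transfer(forged))
    # Legitimate: alice submits the good site's own form.
    tok = token_from_form(render_transfer_form(sid))
    genuine = Request(cookies={"session": sid},
                      form={"to": "bob", "amount": "10", "csrf_token": tok},
                      headers={"Origin": SITE_ORIGIN})
    print(handle_transfer(genuine))
```

The two checks are independent: the Origin check catches requests that browsers label as cross-site, and the token check catches everything else, since a forged request can carry the cookie (the browser adds it automatically) but not a value the forging page was never able to read. The SameSite cookie attribute from the earlier cookie discussion is a third, browser-enforced layer.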
