Website Security: Ensuring proper security is the most vital concern for an online retail company. Without it, the entire online system can be destroyed in short order, so it is quite important to get security right. Some security options are discussed below.
User authentication means identifying the user and verifying that the user is allowed to access a restricted service. For example, a user must be identified as a particular student in order to get his or her grades or resources at bhuyan academy; a user must be identified as a member of the Columbia community in order to access the Oxford English Dictionary online; and a user must be identified as a system administrator in order to access documents about web administration at bhuyan institute.
Generally, a user is identified by a user ID and password.
Basic access authentication is a method designed to allow a web browser, or other client program, to provide identification, in the form of a user name and password, when making a request. After supplying a valid combination of user name and password, the user is able to access the resource.
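The server side of that check, as an added example that is not part of the original page: it decodes the `Authorization: Basic` request header and verifies the password against a salted hash. The account, password and function names are constructed for illustration; note that the header is only base64-encoded, so anyone who can read the request can read the password unless the connection itself is encrypted.

```python
import base64
import binascii
import hashlib
import hmac
import os

ITERATIONS = 200_000  # PBKDF2 work factor chosen for this example


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a salted hash so the server never stores the clear password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def parse_basic_header(header: str):
    """Return (user, password) from an Authorization header, or None if malformed."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")  # the password may contain ':'
    return (user, password) if sep else None


def authenticate(header: str, users: dict) -> bool:
    """True only when the header carries a known user and the right password."""
    creds = parse_basic_header(header)
    if creds is None:
        return False
    user, password = creds
    salt, stored = users.get(user, (b"\x00" * 16, b""))
    candidate = hash_password(password, salt)  # hash even for unknown users
    return hmac.compare_digest(candidate, stored)


# Constructed sample account and request headers.
_salt = os.urandom(16)
USERS = {"alice": (_salt, hash_password("s3cret:pw", _salt))}
GOOD = "Basic " + base64.b64encode(b"alice:s3cret:pw").decode()
BAD = "Basic " + base64.b64encode(b"alice:guess").decode()

if __name__ == "__main__":
    print(parse_basic_header(GOOD))  # decoding needs no key at all
    print(authenticate(GOOD, USERS), authenticate(BAD, USERS))
```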
SSL stands for Secure Sockets Layer. It is used to encrypt communication between users and an e-commerce website to ensure the security of data transactions, thereby securing server-to-browser transactions. The SSL protocol encrypts data to prevent eavesdropping on and tampering with the transmitted data, and is used to secure information passed by a browser (such as a user's credit card number or password) to a web server (such as an online retail store).
SSL protects data submitted over the Internet from being intercepted and viewed by unintended recipients. As it is used by hundreds of thousands of websites to protect their online transactions with their customers, SSL is effectively the industry-standard technology for Internet transaction security.
Whenever a browser connects to a web server (website) over https:// instead of http://, the communication will be encrypted and secure. The real complexities of the SSL protocol stay hidden from the end customer.
A web server needs to have an SSL certificate installed to create an SSL connection.
SSL certificates are provided and maintained by certificate authorities.
A firewall is a hardware or software system that prevents unauthorized access to or from a network.
Firewalls can be implemented in hardware, in software, or as a combination of both. They are most commonly used to prevent unauthorized Internet users from accessing private networks connected to the Internet.
Put another way, a firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users on other networks.
All data entering or leaving the intranet passes through the firewall, which examines each packet and blocks those that do not meet the specified security criteria. More sophisticated firewalls block traffic from the outside to the inside, but allow users on the inside to communicate a little more freely with the outside.
A firewall mainly works closely with a router program. It examines each network packet to determine whether to forward it toward its destination. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed on a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources.
There are a number of firewall monitoring methods. A simple one is to monitor requests to make sure that they come from acceptable (previously identified) domain names and Internet Protocol addresses. Firewalls allow remote access into the private network for mobile users through secure logon procedures and authentication certificates.
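The packet check described above, as an added example that is not part of the original page: a stateless filter that admits outside traffic only from a previously identified address range, lets inside hosts reach the outside freely, and denies everything else by default. The address ranges, the interface labels and the rule format are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    iface: str             # interface the packet arrived on: "outside" or "inside"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    dport: Optional[int]   # destination port; None matches any port

    def matches(self, iface: str, src: str, dst: str, dport: int) -> bool:
        return (iface == self.iface
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, dport))


# Constructed policy: 10.0.0.0/8 is the private network, 203.0.113.0/24 a
# previously identified partner range, 10.0.5.10 the public web server.
RULES = [
    Rule("allow", "outside", "203.0.113.0/24", "10.0.5.10/32", 443),
    Rule("allow", "inside", "10.0.0.0/8", "0.0.0.0/0", None),
]


def decide(iface: str, src: str, dst: str, dport: int, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is denied by default."""
    for rule in rules:
        if rule.matches(iface, src, dst, dport):
            return rule.action
    return "deny"


if __name__ == "__main__":
    for pkt in [("outside", "203.0.113.7", "10.0.5.10", 443),    # known partner
                ("outside", "198.51.100.9", "10.0.5.10", 443),   # unknown source
                ("outside", "10.0.0.8", "10.0.5.10", 22),        # spoofed inside address
                ("inside", "10.0.0.8", "93.184.216.34", 80)]:    # inside to outside
        print(pkt, "->", decide(*pkt))
```

Matching on the arrival interface is what stops an outside packet that merely claims an inside source address from using the permissive inside rule.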
Various companies make firewall products. Features include logging and reporting, automatic alarms at given thresholds of attack, and a GUI (graphical user interface) for controlling the firewall. Firewalls provide a significant logging and auditing function; often they provide summaries to the administrator about what type and volume of traffic has been processed through them.
The firewall concept is borrowed from firefighting, where the term originated. In firefighting, a firewall is a barrier set up to prevent the spread of fire.
In short, a firewall is a device (software or hardware) configured to protect data against unauthenticated interactive logins from the outside network.
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Kerberos is also available in commercial products. Most of the protocols used on the Internet do not provide any security. Kerberos uses dedicated authentication servers, which can be hosted on machines physically separate from any other network services, such as file or print servers. The authentication servers possess secret keys for every client and server in the network. Kerberos is not a public-key system; its most important cryptosystem is DES, which alone makes it suspect due to DES's small key size.
When a user logs in, the client passes the username to the authentication server, along with the identity of the service the client wants to connect to, for example a file server. The authentication server constructs a ticket, which contains a randomly generated session key, encrypted with the file server's secret key, and sends it to the client as part of its credentials, which include the session key encrypted with the client's secret key. If the user typed the right password, the client can decrypt the session key, present the ticket to the file server, and use the shared secret session key to communicate with it. Tickets are timestamped, and typically have an expiration time on the order of a few hours.
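The exchange described above, as an added example that is not part of the original page and is not Kerberos's own message format: the authentication server issues a ticket, the client recovers the session key with its password, and the file server validates the ticket and its expiry. A SHAKE keystream with an HMAC tag stands in for the real cipher, and the principal names, password and function names are constructed for the illustration.

```python
import hashlib
import hmac
import json
import os


def _xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, obj: dict) -> bytes:
    """Stand-in authenticated cipher (SHAKE keystream + HMAC), used here instead of DES."""
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))


def password_key(user: str, password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 100_000)


# Constructed key database: the authentication server knows every principal's key.
KEYS = {"alice": password_key("alice", "correct horse"), "fileserver": os.urandom(32)}


def as_issue(user: str, service: str, now: int, lifetime: int = 8 * 3600):
    """Authentication server: ticket for the service plus the client's copy of the key."""
    session_key = os.urandom(32).hex()
    ticket = seal(KEYS[service], {"client": user, "key": session_key, "expires": now + lifetime})
    return ticket, seal(KEYS[user], {"service": service, "key": session_key})


def client_open(user: str, password: str, for_client: bytes) -> str:
    # Only the key derived from the right password opens the server's reply.
    return unseal(password_key(user, password), for_client)["key"]


def fileserver_accept(ticket: bytes, now: int):
    t = unseal(KEYS["fileserver"], ticket)  # only the file server's key opens the ticket
    if now > t["expires"]:
        raise ValueError("ticket expired")
    return t["client"], t["key"]
```

The password never crosses the network: a wrong password simply fails to open the reply, and the client cannot read or alter the ticket it forwards because that is sealed under the file server's key.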
In short, Kerberos is a solution to security problems. It provides the tools of authentication and strong cryptography over the network to help you secure information systems across an entire enterprise.