Security and the Web

Anyone looking to publish anything on the Web, be it a Web Site or a personal blog, needs to be aware of the need for security. In this increasingly busy and often hazardous environment, security is one area that can neither be ignored nor taken lightly.

Cookies

Cookies are small text files placed on a web site visitor’s computer so that Web site managers can gain marketing information about their visitors, and can customise their Web site with visitor preferences. Cookies are, most often, used to personally identify the visitor. Because cookies are simple text files, they do not, as such, present a security danger. They can however, be considered an invasion of privacy so most, if not all, browsers can be configured to block cookies. This can give peace of mind, but it will mean having to log-on to shopping sites, forums, and other sites that require your identity. With cookies enabled you can re-visit the type of sites and they will be able to “remember” you through the use of cookies.

Again, in most browsers you can configure them to block cookies, but make exceptions for known sites. This gives the best of both worlds, in that only sites you have chosen to trust can place cookies on your machine.

Sending Secure Data over the Web

Most business Web pages encourage you to subscribe to, register for, or purchase products from, their web pages. The pages are usually directly, or indirectly, soliciting personal information. If you fill in a Web form, how do you know if your personal details will be securely transmitted?

Both Netscape Navigator and Microsoft Internet Explorer display a security information alert, to warn you of potential security risks. This warning tells you that you are about to send un-encrypted information, allowing you the chance to cancel the operation.

Send Information DialogSecure Sites

When you enter a secure site, the browser will display a different warning:

View Page Source Security Connection DialogThis indicates that you are about to view pages over a secure connection. When completing and submitting a form in a secure web site, encryption is used to encode the data between your computer and the web server. Therefore, even if your data is intercepted, it will be unusable.

Encryption Protocols

There are several protocols that have been created to transfer information securely over the inherently insecure channels of the Internet.

  • Secure Sockets Layer (SSL). SSL is a lower-level protocol that works directly on top of TCP/IP and it is easily used to add security to protocols used for Web communication. SSL functions by using a number of key-based algorithms.
  • S/MIME. Secure/Multipurpose Internet Mail Extensions is emeging as the protocol of choice for asynchronous messaging over the Internet.

Digital Certificates

Digital Certificates prove the identity of an individual or company over the Web. They are equivalent to ID cards and are digitally signed by the creator of the certificate. Most often, they are created by and signed by a certificate authoroty who is a third party trusted by both the sender and receiver of the certificate.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close