▶ 15.2 Basic Web Security
The internet is a risky place, and the web offers a very large attack surface. Here we examine four basic aspects of web security:
Client policy issues: risks arising from web clients
Static website security: risks and defenses for static web pages
Server authentication: using SSL to authenticate a server
Server masquerades: techniques to masquerade as a particular server using SSL
First, we examine client policy issues. The other aspects appear in subsequent subsections.
Client Policy Issues
We looked at the evolution of internet use policies and the role of firewalls in enforcing them. (See Section 14.4.) Here we look more closely at problems arising from clients using web resources. The dilemma remains ...
Get Elementary Information Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
