COMPSCI 1JC3 Chapter Notes - Chapter 7: Ransomware, Key Distribution, Direct Manipulation Interface
Document Summary
Integrity - preserving the original state of information. Authentication - verifying the identity of a person. Accountability - having the ability to find/trace the responsible parties for actions performed. Login pages under login control normally use https to protect info from being leaked while being transferred in the network. Once logged in, the user can access protected resources known as a security realm. Https is http over secure socket layer (ssl) over the newer transport layer security (tls) protocol. Ssl and tls provide secure communication between client and server by allowing mutual authentication and the use of digital signatures for integrity, and data encryption for confidentiality. To enable https, a server needs to install a valid web server certificate, and enable ssl/tls. Ssl/tls may be placed between a reliable connection -oriented transport protocol layer, such as tcp/ip and an application protocol layer such as http.