ArticleDirectory
Authentication
Authorization
Secure Communication
I feel very lacking in website security, so I want to study it well, so I ran to the MS website to find information ~
Http://www.microsoft.com/china/technet/security/guidance/secmod01.mspx
I learned to keep some text ~
Article 1 Construct a secure distributed Web ApplicationProgramAnd a group of important security principles to be followed
The foundation for building secure distributed Web application
Some time ago, due to work needs, some Intranet security things were required. To prevent files in the LAN from being kept confidential, some transparent encryption technologies were involved. Take a look at the materials and take notes.
1. Transparent file-based Encryption
Based on the name of the accessed file, the transparent encryption system based on the file suffix or
To determine whether to perform encryption and decryption [23].
Specifically,
message headers cannot be used for reverse engineering of keys.
One way to compromise the data encrypted with this type of password is to perform a exhaustive search for each possible key. Based on the size of the key used to perform encryption, it is extremely time-consuming, and therefore difficult to implement, even if you use the fastest computer to perform such a search. Using a large key size makes decryption more difficult. Although theoretically, encryption won't make the opponent una
, you need this permission. However, please prevent the administrator from adding too many potentially dangerous permissions to your account or requiring your users to have too many unnecessary permissions.
Use LSA secretLocal security authorization (LSA) can store confidential data for applications. APIS that control LSA confidentiality include lsastoreprivatedata and lsaretrieveprivatedata. Here, a problem occurs: to use LSA Secrets, the processes
and dropping copies, printing, mail sending, third-party software plug-ins, screen recording, and so on.2) programming is required, such as memory reading, API hook mounting, window messages, and custom plug-ins.In general, there are many ways to prevent them. A variety of products are more or less blocked, and it is difficult to be foolproof.2. Compared with traditional encryption tools (such as encryption file cabinets), file system filter drives encryption products to transparently encrypt a
In the privacy mode of the Internet, you can save and manage open pages, bookmarks, and stored pages separately. You can also use password and fingerprint locking mode, and if you want to enable this feature, follow these steps:
Note: 1. In confidential mode, some features are not available, such as screenshots.
2. In a confidential mode, the device changes the color of the toolbar.
1. Under the St
Mirosoft windows and Cisco IOS. I say it's a misunderstanding, not a betrayal, because the idea of Unix may never have been really understood. Perhaps this is a misunderstanding of Unix caused by the misunderstanding of the macro kernel.
UNIX's macro kernel thought has a big impact, but it's not meant to cram all the operations into the kernel, but only the confidential operation into the kernel, to maintain the compactness and efficiency of the core
HTTP Stateless httpprotocol is stateless and will not remember the last time and the page "What Happened" (the story of the firstLove -times "). Test:Private field + +. Server does not remember the last to give the browser what, otherwise the server pressure will be too large, the browser needs to remember these values, the next time to submit the server (please add ten on my width ), it is necessary to submit the last value to the server, let him think up. If you want to know the last state, on
on your device is sent out with both hands. Services for it and Bluetooth also have some threat factors. amap and Baidu suggested that users only turn them on during navigation and turn them off when they don't need them.
8. Avoid replying to account passwords or other information in text messages and emails.
We recommend that you compress and encrypt the confidential file if you send confidential inform
Recently, public and corporate awareness of private and private information protection has been significantly enhanced. With specific regulations introduced by many countries and regions, protecting personal information is not only a matter of public relations, but also a legal obligation.
In any case, protecting confidential data in the IT system (whether in the transaction processing (OLTP) or in the data warehouse environment) is the primary consid
science, cryptography, and other aspects of knowledge, its main task is to study the protection methods of information in computer systems and communication networks to ensure the security, confidentiality, authenticity and integrity of information in the system. Password technology is the core of information security. Cryptographic technology is a cross-discipline that combines mathematics, computer science, electronics and communication among other disciplines. It not only ensures the encrypt
permissions to improve on the most primitive ACL models. If necessary, you can even assign permissions to departments, positions.MAC (Mandatory access Control) (Mandatory access controls)The Mac was born to compensate for the problem of too fragmented DAC permissions control. In the design of the Mac, each object has some permissions identified, each user also has some permissions to identify, and whether the user can manipulate the object depends on the relationship between the identity of the
Building Software Digital Security belt series course (18): ultimate security guide. Zip
Lecture content: as a very important field, security not only has complicated theoretical support, but also pays great attention to the specific application of practical engineering. In practical applications, our designers, developers, and testers need to pay attention to many scattered places. In this course, we will discuss with you some fragmented security applications, but very
This article describes the principles and background of PGP implementation. For more information about PGP installation and use, see other documents provided in this document. PGP pretty good privacy is a mail encryption software based on the RSA public key encryption system. You can use it to keep your email confidential to prevent unauthorized users from reading it. It can also add a digital signature to your email so that the recipient can be confi
To understand SSL, you must understand the cryptography system, message digest functions (one-way or hash functions), and digital signatures, which are topics discussed in many literatures (such as [AC96), providing the basis for confidentiality, integrity, and authentication.Password systemSuppose Alice wants to send a message to her bank to transfer funds and hopes the news is confidential because it contains information such as her account number a
: OA complex processHorizontal dimension: Branch Office, Department, employee, attendance type, etc.Time Dimension: DateV. Design of the reportGenerally speaking, a complete report design process is broadly divided into the following steps:Open the designer, skip the configuration data source These simple steps, go straight to the design report topic, for example, the group to sign the report, first, to understand the needs of the signing of the field, usually the group
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.