Web Security Technology (2)-Security Overview
I. Security elements
The core issue of information security is to ensure that legitimate users can obtain confidential data that has not been illegally modified whenever they need it. It has the following elements:
Confidentiality
Ensure that the data content cannot be disclosed. Saving a user's password in plain text violates confidentiality.
Integrity
Ensure that the data content is not tampered with. If data submitted over HTTP is modified in transit and then delivered to the server, integrity is violated.
Availability
Ensure that data can be accessed and used properly. Denial of Service (DoS) attacks destroy availability.
The most basic security elements are the above three. There are some other elements below.
Auditability
Record the operations that generate data, for future analysis and review.
Non-Repudiation
First, ensure data integrity. Then, the transmitted data must carry information that identifies the sender, and this information must not collide between different subjects.
Use of encryption technology
In the previous article "Web security technology (1)-understanding of encryption mechanisms", we mentioned three types of encryption algorithms, each of which can protect certain of these elements. See the following description:
Symmetric encryption
Confidentiality is guaranteed. Data is stored encrypted, so that people without the key cannot obtain its content.
Asymmetric encryption
Data can be encrypted and decrypted, so confidentiality can be guaranteed just as with symmetric encryption. Because asymmetric encryption can implement digital signatures, data integrity can also be guaranteed. In addition, because the signature is produced with the private key, and only the sender of the data holds that private key, a signature that verifies successfully with the public key means the sender cannot deny having sent the data.
Digest encryption
Digest algorithms ensure data integrity.
On the software download pages of some websites, an MD5 value is sometimes shown next to the download. This MD5 value is the digest of the software being downloaded. After the download is complete, compute the MD5 of the downloaded file on the local machine and compare it with the MD5 value displayed on the website. If the two values are the same, the software was downloaded successfully and its content was not tampered with during the download.
In a system, we often apply digest encryption to passwords before saving them. Because digest encryption is irreversible, the value stored in the database cannot be restored to the user's real password. When a user logs on, the system only needs to compute the digest of the submitted password and compare it with the value saved in the database to determine whether the user entered the correct password.
II. Risk Analysis
The following is a threat model called STRIDE:
How to assess risks?
If data is threatened, it may cause losses, but the loss may be large or small, and the probability of a threat may also be high or low. We need to determine the risk based on the specific situation. There is a model named DREAD that guides us to determine the risk level of a threat.
Each factor has three levels: High, Medium, and low. The weights are 3, 2, and 1 respectively.
When there is a threat, we add the weight values of each factor to obtain the risk coefficient.
Suppose we define the scope of risk coefficient as follows:
High risk: 12 ~ 15 points, medium risk: 8 ~ , low risk: 5 ~ 7 points.
Taking plaintext password storage as an example, the risk coefficient may be calculated as follows:
Risk = D (3) + R (1) + E (1) + A (3) + D (1) = 9, which is a medium risk.
How a threat is then handled should balance the size of the risk against the difficulty of the fix.
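An added example, not part of the original article: the plaintext-password threat scored above is mitigated by the digest-based storage and login check described earlier. It goes beyond the text by adding a per-user salt and a deliberately slow digest (PBKDF2), so identical passwords no longer yield identical stored values. The function names and the record format are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def plain_digest(password: str) -> str:
    """Scheme as described in the text: store a bare MD5 digest of the password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = 600_000) -> str:
    """Salted, slow digest (PBKDF2-HMAC-SHA256) packed into one storable record."""
    salt = os.urandom(16)  # fresh random salt for every stored password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Hypothetical record format: scheme$iterations$salt$digest
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def check_password(submitted: str, record: str) -> bool:
    """Login check: recompute the digest of the submitted password and compare."""
    try:
        scheme, iterations, salt_hex, dk_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        candidate = hashlib.pbkdf2_hmac(
            "sha256",
            submitted.encode("utf-8"),
            bytes.fromhex(salt_hex),
            int(iterations),
        )
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(candidate, bytes.fromhex(dk_hex))
    except ValueError:
        return False  # malformed record: fail closed


if __name__ == "__main__":
    # Constructed sample: two users who happen to choose the same password.
    pw = "correct horse battery staple"
    print("bare digests identical:", plain_digest(pw) == plain_digest(pw))
    rec_a, rec_b = hash_password(pw), hash_password(pw)
    print("salted records differ:", rec_a != rec_b)
    print("right password accepted:", check_password(pw, rec_a))
    print("wrong password rejected:", not check_password("wrong", rec_a))
```

With a bare digest, two accounts that share a password share a stored value, and a precomputed table of common digests reverses it; the per-user salt and iteration count remove both shortcuts.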