Author:
Foo Schubert,Chor Leong Peng,Cheung Hui Siu,Liu Shigong
Abstract
The study outlines a number of security requirements that are typical of a host of Web‐based applications using a case study of a real life online Web‐based customer support system. It subsequently proposes a security solution that employs a combination of Web server security measures and cryptographic techniques. The Web server security measures include the formulation and implementation of a policy for server physical security, configuration control, users’ access control and regular Web server log checks. Login passwords, in conjunction with public key cryptographic techniques and random nonces, are used to achieve user authentication, provide a safeguard against replay attacks, and prevent non‐repudiatory usage of system by users. These techniques, together with the use of session keys, will allow data integrity and confidentiality of the customer support system to be enforced. Furthermore, a number of security guidelines have been observed in the implementation of the relevant software to ensure further safety of the system.
Subject
Library and Information Sciences,Management Science and Operations Research,Business and International Management,Management Information Systems
Reference16 articles.
1. Abadi, M. and Needham, R. (1994), Prudent Engineering Practice for Cryptographic Protocols, SRC Research Report 125, Systems Research Centre, Digital Equipment Corporation.
2. AntiCrack Corporation (1998), AntiCrack,
3. Certicom Corporation (1998a), Current Public‐Key Cryptographic Systems,
4. Certicom Corporation (1998b), An Introduction to Information Security,
5. International Data Corporation (1997), Unprecedented Growth in Global Internet and World Wide Web Usage,
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献