Topic 11 - Current Issues


  • Copyright laws forbid copying the protected work of someone else and selling it for profit; they don't extend to copying an idea here and there.
  • You can copy ideas from other web pages - but beware, while copyright laws let you copy ideas here and there, they expressly forbid you to copy a sophisticated sequence of ideas.


  • Blocking software - a program that blocks access to certain parts of the Internet deemed objectionable based on predetermined criteria.
  • Arguments for censorship claim that blocking software assumes computer-literate parents, and many do not and never will meet this standard.


  • You can secure pages in several ways.
  • Secure Electronic Transaction (SET) - encrypting credit-card-transaction data for safe passage over networks.
  • A digital signature method has also been developed to authenticate the identities of buyers and sellers.


  • As more and more users begin to rely on the web for day-to-day business and personal tasks, the issue of privacy grows in importance.
  • Web designers should never quickly dismiss user concerns, as this would go against the very nature of user-centered design.
  • Consider users' privacy fears about having their online movements tracked.
  • A privacy policy should be written that overviews the collection and usage of sensitive information.
  • Organizations like TRUSTe will help sites create a privacy policy.
  • If sensitive or personal information is collected, provide an easily accessible and understandable privacy statement.

Common Site-Protection Methods


Use and rotate strong passwords


Use longer, difficult-to-guess passwords. Make sure there is a limit to the life of passwords. Consider using hardware-generated passwords.

Maintain your OS


Keep operating system software up-to-date by applying all patches and upgrades.

Limit access points



Remove services that are not in common use. Limit web servers to only providing web services and consider removing any form of network protocol access to a server except HTTP.

Set up a firewall


Configure a firewall so as to limit network traffic. Consider using both packet-filtering and application-protocol limitations.

Use strong encryption


When transmitting sensitive data, either via email or HTTP, encrypt the information using the strongest possible ciphers allowed.

Use digital certificates


Install digital certificates from organizations like VeriSign so that identity can be verified.

Reduce information leakage


Don't freely expose information that a hacker could use to find a hole to exploit on your system. Don't allow a remote login or, at least, modify any prompts returned so that they do not indicate the variant of the software or operating system in use. Modify your HTTP server headers so that they do not reveal the type of web server in use. Don't reveal the type of technology used in programmed web pages, like Perl. Consider using generic file extensions like .cgi instead of language-specific ones like .pl. Avoid exposing information about your network through domain name services. Avoid naming systems in such a way as to reveal their operating system. Modify your WHOIS record so that it does not include personnel information that can be used in social engineering attacks.
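
A self-audit of the leakage points listed above, as an added example that is not part of the original course notes. The function name, the extension and OS word lists, and all sample headers, URLs and host names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Response headers that commonly announce the server or page technology.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
# Language-specific extensions; the notes suggest generic ones such as .cgi.
LANGUAGE_EXTENSIONS = {".pl": "Perl", ".php": "PHP", ".asp": "ASP", ".jsp": "JSP"}
# Words in a host name that give away the operating system (assumed list).
OS_WORDS = {"windows", "win", "nt", "linux", "solaris", "sunos", "bsd", "freebsd", "aix"}


def audit_leakage(headers, urls=(), hostnames=()):
    """Return (category, detail) findings for one site's own configuration."""
    findings = []
    for name, value in headers.items():
        if name.lower() not in BANNER_HEADERS:
            continue
        # A product token with a version ("Apache/1.3.27") is the worst case.
        if re.search(r"[A-Za-z][\w.-]*/\d", value):
            findings.append(("header-version", f"{name}: {value}"))
        elif value.strip():
            findings.append(("header-product", f"{name}: {value}"))
    for url in urls:
        # Look only at the path, so query strings do not hide the extension.
        path = urlsplit(url).path.lower()
        for ext, lang in LANGUAGE_EXTENSIONS.items():
            if path.endswith(ext):
                findings.append(("extension", f"{url} reveals {lang}"))
    for host in hostnames:
        # Split "linux-web1.example.com" into alphabetic tokens.
        tokens = set(re.split(r"[^a-z]+", host.lower()))
        hits = sorted(tokens & OS_WORDS)
        if hits:
            findings.append(("hostname", f"{host} reveals {', '.join(hits)}"))
    return findings


# Constructed sample data, not taken from any real site.
SAMPLE_HEADERS = {
    "Server": "Apache/1.3.27 (Unix) mod_perl/1.27",
    "X-Powered-By": "PHP/4.3.0",
    "Content-Type": "text/html",
}
SAMPLE_URLS = ["http://www.example.com/cgi-bin/order.pl?id=7",
               "http://www.example.com/search.cgi"]
SAMPLE_HOSTS = ["linux-web1.example.com", "www.example.com"]

if __name__ == "__main__":
    for category, detail in audit_leakage(SAMPLE_HEADERS, SAMPLE_URLS, SAMPLE_HOSTS):
        print(f"[{category}] {detail}")
```

Run it against headers, URLs and host names collected from your own site; an empty result means none of the checked leakage points were found.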

Employ physical security


Limit physical access to important servers. Destroy sensitive documents, including documents that detail network or server configurations.








Copyrights Reserved © Web Publishing 2003

