
Network Security for Web and e-Commerce Applications

The primary focus of this course is the rapidly changing, increasingly vital area of security in the context of networked computer applications. This specifically includes addressing the risks and challenges associated with safe computing operations on the public Internet, and appropriately securing the corporate intranet (which may or may not be connected to the Internet).

Heightened security awareness in recent years, together with a continuing and growing concern about the unregulated and uncontrollable aspects of the Internet, makes it an urgent priority for professionals and managers to have an effective understanding of the issues that comprise network security.

There is definitely a dark side to the Internet, and prudent corporate/enterprise network managers and professionals recognize their fundamental responsibility to ensure that appropriate measures are taken, and precautions put in place to protect corporate data and systems from these threats.

The objectives of this course are to:

  • Describe the important elements of network security, which range over a wide spectrum of measures and countermeasures, from creating barriers (e.g. firewalls) and restrictions (e.g. security policy) to rendering data and systems inaccessible to unauthorized parties through robust access control measures, Virtual Private Networks and data encryption.
  • Create an appreciation of where systems and networks are most vulnerable, and develop an understanding of the way in which vulnerabilities can be identified and appropriate countermeasures deployed.
  • Demystify, describe and explain the various types of malicious software that present a threat to safe, convenient use of tools like email and the World Wide Web - including viruses, Trojan Horse programs, worms and logic bombs.
  • Put the issues of personal privacy and individual preferences for confidential communication in perspective with the right and obligation of employers to protect corporate information and ensure prudent use of corporate network resources.
  • Describe the various aspects and features of the highly complex and mathematical topic of encryption at a level of technical detail suitable to IT professionals and managers who are not particularly interested in the mathematics of cryptography.
  • Develop an appreciation of trends (in both the threats and countermeasures to threats) that are evident in the industry, and attempt to put them into perspective.

Who Should Attend
This course is intended for IT professionals, engineers and technical managers who need an intensive, thorough exposure to the principles and issues that define network security. This subject is often presented in a mathematically intense format - but this course has been designed to minimize this aspect, so that professionals in all disciplines that are affected by these issues will be able to benefit from attending.

Many of the delegates who attend this course fit into these broad groups:

  • People newly appointed to a security-oriented position who need to develop a functional knowledge foundation covering the many aspects of the subject.
  • Junior to intermediate IT and networking personnel who need an effective grounding in the scope and principles of the subject.
  • More senior professionals in related fields who require a functional vocabulary and an understanding of how these issues affect their individual disciplines.
  • Individuals with responsibility in other areas of security (such as physical security) and who need to broaden their knowledge of the business with an appreciation of network and IT security.

There are no technical prerequisites for this program. Our Network Security course has been designed as a freestanding treatment of the subject, although previous familiarity with networking technology is assumed.

Course Material and Program Features
Each delegate will be provided with a permanent, comprehensive workbook that is much more than a set of lecture notes. In addition to being a workbook designed to track with the lecture portion of the program, it is designed with features that give it real value as a permanent reference resource.

These include:

  • A complete descriptive text format, designed to be a highly readable, valuable reference on the job.
  • A textbook-style Subject Index and a comprehensive Table of Contents, consistent with effective reference access to content details.
  • A thorough, highly readable subject-specific glossary that provides detailed descriptive treatment of key items of terminology.

Program Outline: Network Security for Web-Based and Client/Server Applications

(i) Introduction
The Networked Environment Differs From Traditional IT Security
Security in Distributed Systems
Authentication, Confidentiality, Integrity and Non-Repudiation
Elements of Risk in Client/Server Systems
Points of Security Exposure
The Orange Book Approach

(ii) Security-Related Features of Web-Based Computing
Summary Features of TCP and IP
World Wide Web Features and Security
Traditions of Trust in TCP/IP Networks
Roles of Clients and Servers and Open Systems Issues
An Increasingly Sophisticated Threat Community

(iii) Malicious Software
Challenges From the Rapid Proliferation of Malicious Software
Trojan Horses
Logic Bombs

(iv) Denial of Service Threats
The Opponent Does Not Need to Intrude to Threaten
Ways in Which DoS Attacks Are Launched
Distributed Denial of Service Threats

(v) Introduction to Cryptography
Starting With a Secure Physical Environment
National Policy Issues
Traditional Symmetric Key Cryptography
The DES, AES and IDEA Algorithms
Public Key Cryptography
Hash Functions

(vi) Authentication
Limitations of User IDs and Passwords
Automated Authentication Services
Kerberos and Other Authentication Methods
Issues of Trust

(vii) The Public Key Infrastructure
PKI - a Systematic Hierarchy of Trust Relationships
The Public Key Infrastructure; Concepts and Features
Digital Certificates and Signatures
LDAP and X.500 Directory Services
Practical Implementation Challenges

(viii) Security and Internet/Intranet Connectivity
Inherent Risks With the Internet Architecture
Security Risks in the DNS
Cookies and Their Implications
Remote Access Issues; RADIUS and TACACS+
Network Management via SNMP

(ix) E-Commerce and Email Privacy
Demands of E-Commerce Solutions
Settlement Models
Secure Sockets Layer and SHTTP
Email Privacy; PEM, PGP and X.400

(x) Firewalls
Firewall Design Objectives
Firewall Types; Stateless and Stateful
Network Address Translation
DMZ Configurations
Proxy-based Firewalls
Limitations with Firewall-Connected Environments
Intrusion Detection Systems

(xi) Creating A Security Solution and Defining Policy
Essential Elements of a Secure Environment
Promoting User Awareness
Elements of an Effective Security Policy
Communicating the Security Policy
Defining a Model for Internet Access

Glossary of Terminology
Suggestions For Further Reading

General Index

