Implementation of Embedded Web server using TEA algorithm
|
|
- Horace Ramsey
- 8 years ago
- Views:
Transcription
1 Implementation of Embedded Web server using TEA algorithm Arunkumar G 1, Dr. T.C. Manjunath 2, Harish H.M 3, Jayaprakasha.H 4 1 Department of E&C, S.T.J.I.T, Ranebennur 2 Principal, HKBKCE, Bangalore 3,4 Department of E&C, GEC, Haveri 1 arunkumar.stjit@gmail.com 2 manjuiitb@yahoo.com 3 hmharish@gmail.com 4 harshitajp@gmail.com Abstract- IP network has been evolving significantly during the last two decades, many computers and devices have been attached to the IP network and many applications were developed over it. Powerful microcontrollers are used as part of most home and office appliances of today. Integrating web servers to these intelligent devices will aid in controlling such devices over the Internet and also creating user interfaces for them in the form of web pages. Assigning multiple functionalities to a single button helps manufacturers to economize user interfaces but, this makes design more complicated. One of the interesting applications is building embedded control system which has connectivity to Internet. This work explains implementation of embedded web server with security support with an example of control application over IP network. A security algorithm, called Tiny Encryption Algorithm [4], is implemented in a microcontroller system together with TCP/IP stack. The microcontroller system is of ARM family which serves as a web server. The encryption algorithm is processed both on server and client. Therefore, in clients it needs a plug-in to run encryption mechanism so that they can access the embedded web server safely. Since the cost of web based interfaces is considerably low, they can be used to provide the infrastructure for the design of simple, user-friendly interfaces for household appliances. Also, a web page based interface is much easier to change as compared to a hardware interface. The approach used to develop our prototype system is lightweight design and utilization of widely available network components such as Common Gateway Interface [1]. Keywords- Internet Protocol (IP), Tiny Encryption Algorithm (TEA), Transmission Control Protocol/Internet Protocol (TCP/IP), Advanced RISC Machine (ARM). I. INTRODUCTION Now a day s Internet is the largest information or data exchange media, which can be used as media for remote monitoring and controlling. TCP/IP protocol, standard protocol of Internet, supports to develop these functions by adding an application in the top application layer. As most of the Internet users are familiar with application layer, such as web browser, the communication between client and server can be added in that monitoring and controlling function. With this consideration, an embedded web server based on ARM microcontroller is implemented. The open source groups like Picoweb group built embedded web server with AT90S8515 and Web51 group built web servers based on AT89C8252. These two systems were lacking in security support. They try to implement TCP/IP stack in microcontroller. They used assembly language that match with certain microcontrollers. Here an attempt is made to build better embedded web server which overcome these drawbacks of embedded web servers. This model makes use of high level language which is compatible with most of the microcontrollers. To solve security problems a security protocol was developed, which is known as Secure Socket Layer (SSL). It has ability to authenticate and communicate personally. Secure protocol SSL is developed over asymmetric cryptography algorithm RSA but its implementation requires large code memory. To handle this problem here Tiny Encryption Algorithm (TEA) is selected which needs less memory to replace RSA algorithm. Although the use of C language is considered inefficient in code memory, it can be implemented for many microcontroller types. This embedded web server is an early step to build internet based embedded control system. This project depicts a simple control structure with ON-OFF controller as illustrated in Fig.1 [1]. 381
2 II. International Journal of Emerging Technology and Advanced Engineering Fig.1 Simple Control Structure of Embedded Web Server [1]. PREVIOUS WORK Several books were referred to understand the concepts of Networks and Protocols. The following are few of the papers, which are referred to realize the basic ideas about working of embedded web server. The design concept is proposed to accomplish a full function web server on a strictly limited resource space [1]. Through this embedded web server user can access their equipments remotely. The equipment mentioned here could be home appliances and factory devices. A key goal of this present paper is to provide an effective approach of access to traditional equipments that have no Internet interface and a reduction policy of TCP/IP protocol suite [1]. The work on developing an efficient and lightweight embedded web server for Web-based network element management have propose the architecture of an embedded Web server that can provide a simple but powerful for network element management, then the design and implementation of embedded web server, which is an embedded Web server that have developed for Web-based network element management. Finally, the result of embedded web server s performance and embedded web server optimization methods is presented. There are many commercial embedded web server products on the market for Web appliances and the work is a good example of making an efficient and lightweight embedded web server suitable for Web-based network element management [2]. 382 The development of three industrial devices, which utilizes Ethernet interface. The first two are designed to allow connection of already existing systems to the LAN. Both systems assume that the connected system is already equipped with serial port and implements some type of communication protocol. The first one creates virtual serial port, so already existing software can be utilized. The second system works as a specialized web server. It implements a universal script language, which allows sending and receiving data through serial interface and dynamically creating web content. The third device is a data logger equipped with number of universal analog and digital inputs. The collected data are recorded in the memory of the data logger and accessible using embedded web and FTP server [3]. III. DESIGN AND IMPLEMENTATION OF EMBEDDED WEB SERVER Implementation of TEA aims to support security aspect of embedded web server [4]. The embedded web server is designed to operate with a hierarchy of system access consisting of an administrator and a guest. Administrator has the highest privilege so that it has full access to this embedded web server. First, an administrator has authority to make control commands to I/O ports both of digital I/O and serial port. Second, an administrator can make a change in setting function of each digital I/O pins. Third, an administrator also can monitor all status of I/O ports. This monitoring ability shows input status from each I/O ports. Fig3. Decryption Process Based on the administrator privileges, web page which will be sent to the administrator containing control of digital I/O pins and serial I/O, monitoring I/O, and setting of embedded web server. A guest has the lowest privilege in hierarchy. A guest only gets information about monitoring process of I/O ports and cannot make any changes. Authentication process in this embedded web server consists of three input references: ID, password and a key so that the embedded web server recognizes what type of user is accessing to the system. The first process which embedded web server does when there is a request from client is parsing process, is to translate the URL coding which is received from client.
3 The Server will detect the type of the request and then will continue the process with method related to type of request. If type of request is GET, the server directly send index.html file to client. If the type is POST, the server will continue to detect what the next code. Fig.2 Encryption process [1] The next step is to detect I/O condition which located in HTML form when user push 'GO' button. This information located in message body of URL coding. Form of message body which will be sent is: name input 1 = input value1 & name input2 = input value2 & name. Inputs are got from button, text box, password and hidden input. All these input values are initially saved in memory for next use[1]. Fig.3 Decryption Process [1] Fig.4 Dataflow Diagram of Client Side [1] After parsing process, the server will handle ciphertext description (password client) and authentication. The Password ciphertext will be detected and used to determine user privilege. The result of privilege, which is a web page with user privilege, will be sent back to client with a POST response. The web page has three element user interfaces. There are three textboxes for ID information, password, key and a hidden input as sign of the end of URL coding. The user gives input such as text in three textboxes. The server will parse to this URL coding and save input value to each user interface provided in memory location. Information about password still in ciphertext form needs to be encrypted by client before send to server. Information about name, password and key will be used to determine the privilege of that user [1]. 383
4 In the beginning of authentication process, the description of ciphertext password sent by the client is compared with database in server. If match is found, the server will store this information in "privilege memory". Then server will send the related web page. If there is no match, server once again sends the authentication page. The TEA algorithm plays an important role in encryption and decryption process of user and password information. The TEA algorithm is implemented in C language. Data for encryption and decryption is limited to 8 characters, but the key has 16 characters. Keys are defined both in client and server [1]. A. User Authentication and Identification In addition to domain-based security, most HTTP servers also support a more complicated method of security known as user authentication. When configured for user authentication, specified files or directories are set up to allow access only by certain users. A user attempting to open the URLs associated with these files is prompted for a name and password. The user name and password is checked by the server and if found legitimate, the user is allowed access. In addition to allowing the user access to the protected file, the server also maintains the user's name and passes it to any subsequent CGI programs that are called. The server passes the user name in the REMOTE_USER environment variable. A CGI script can therefore use server authentication information to identify users. This is not what user authentication was meant for, but if the information is available, it can come in mighty handy. Here is a snippet of code that illustrates what you can do with the REMOTE_USER environment variable: The HTTP_FROM environment variable also carries information that can be used to identify a user-generally, the user's address. However, this variable depends on the browser to make it available, and few browsers do, so HTTP_FROM is of limited use. Server authentication does not provide complete security. Since the user name and password are sent unencrypted over the network, it is possible for a "snoop" to look at this data. the request to the server. This query string can then be accessed by using the environment variable QUERY_STRING. The main advantage of GET is that you can access the CGI program with a query without using a form. The main advantage to the POST method is that query length can be unlimited. To get data sent by the POST method, the CGI program reads from standard input. C. Status Codes Status codes are used by the HTTP protocol to communicate the status of a request. For example, if a document does not exist, the server returns a "404" status code to the browser. If a document has been moved, a "301" status code is returned. CGI programs can send status information as part of a virtual document. Here is an arbitrary example that returns success if the remote host name is bu.edu and failure otherwise: The Status header consists of a three-digit numerical status code, followed by a string representing the code. A status value of 200 indicates success, while a value of 400 constitutes a bad request. In addition to these two, there are numerous other status codes you can use for a variety of situations, ranging from an unauthorized or forbidden request to internal system errors. D. Accessing Form Input The Web browser allows the user to select or type in information, and then sends it to the server when the Submit button is pressed. B. GET and POST method There are two methods for sending form data: GET and POST. The main difference between these methods is the way in which the form data is passed to the CGI program. If the GET method is used, the query string is simply appended to the URL of the program when the client issues Fig.5 FORM Interaction with CGI 384
5 E. Decoding Process In order to access the information contained within the form, a decoding protocol must be applied to the data. First, the program must determine how the data is passed by the client. This can be done by examining the value in the environment variable REQUEST_METHOD. If the value indicates a GET request, either the query string or the extra path information must be obtained from the environment variables. On the other hand, if it is a POST request, the number of bytes specified by the CONTENT_LENGTH environment variable must be read from standard input. The algorithm for decoding FORM data is as follows: 1. Determine request protocol (either GET or POST) by checking the REQUEST_METHOD environment variable. 2. If the protocol is GET, read the query string from QUERY_STRING and/or the extra path information from PATH_INFO. 3. If the protocol is POST, determine the size of the request using CONTENT_LENGTH and read that amount of data from the standard input. 4. Split the query string on the "&" character, which separates key-value pairs (the format is key=value & key=value). 5. Decode the hexadecimal and "+" characters in each key-value pair. 6. Create a key-value table with the key as the index. Say you have a form that sends a POST request, and a program that decodes both GET and POST requests. Suppose you know that there are three fields: user, age, and pass. You can fill out the form, and the client will send the information as a POST request. IV. RESULTS The embedded web server is made to run on the LAN, and then the results of this project are observed. The provision is made for two users namely Administrator and guest. The administrator has all rights to change the status of different home appliances. The guest can only view the status of different home appliances and he has no rights to change the status. If an unauthorized user tries to access the page, it will throw a webpage with a status message as unauthorized user. The URL address of this server is When we enter different URL address, it will throw the web page as the requested URL/google.com was not found at this server. V. CONCLUSION Web Services present a way to interconnect applications through Internet among computational systems. The general design concept of the mini embedded web server is to allow easy access to remote equipment. In this project, a potential solution for low-cost secure Embedded Web Server based on TEA encryption is proposed. This embedded web server is a good media device to Internet. Many applications can be developed using this system concept, primarily in field of remote monitoring and controlling. This system is simple to install and cost effective. Finally, ARM Linux installed the system kernel is configured and then Root File System is created. These things are downloaded on to ARM Processor to make it as an Embedded Web Server [1]. REFERENCES [1] First Step Toward Internet Based Embedded Control System, Eka Suwartadi, Candra Gunawan, Ary Setijadi P, Carmadi Machbub,1999. [2] An Efficient Embedded Web Server for Web-based Network Element Management, Mi-Joung Choi, Hong-TaekJu, Hyun-Jun Cha, IEEE [3] Ethernet Interface In Application Case Study, Cach Petr, Fiedler Petr, Department of Control and Instrumentation, Brno University of Technology. [4] D.Wheeler, R. Needham, TEA, a Tiny Encryption Algorithm, Computer Laboratory, Cambridge University, England, November [5] Adolfo Rodriguez and John Gatrell, TCP/IP Tutorial and Technical Overview (IBM, August 2001). [6] Douglas E.Comer, Internetworking with TCP/IP Volume I, fourth edition, Pearson Education Asia. [7] J.Breckling, Ed., The Analysis of Directional Time Series: Applications to Wind Speed and Direction, ser. Lecture Notes in Statistics. Berlin, Germany: Springer, 1989, vol. 61. [8] Alberto Leon Garcia, Communication Networks Fundamental Concepts and Key Architectures, Tata McGraw-Hill Edition [9] Andrew S.Tanenbaum, Computer Network, Third Edition, Pearson Education Asia. [10] An Embedded Web Server for Equipments, Tao Lin Hai Zhao Jiyong Wang Guangjie Han Jindong Wang, COMPUTER SOCIETY, IEEE [11] William Stallings, Cryptography and Network Security, Third Edition, Pearson Education Asia. 385
Embedded Web Server for Infra Red Remote Control
Embedded Web Server for Infra Red Remote Control 1 Nor Azarina Nordin, 2 Siti Zarina Mohd. Muji, 3 Mohd Helmy Abd Wahab, 4 Muhammad Syukri Ahmad 1,2,3 Department of Computer Engineering, Faculty of Electrical
More informationChapter 5. Data Communication And Internet Technology
Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN
More informationTCP/IP Networking, Part 2: Web-Based Control
TCP/IP Networking, Part 2: Web-Based Control Microchip TCP/IP Stack HTTP2 Module 2007 Microchip Technology Incorporated. All Rights Reserved. Building Embedded Web Applications Slide 1 Welcome to the next
More informationE-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
More informationSetting Up Scan to SMB on TaskALFA series MFP s.
Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and
More informationhttp://alice.teaparty.wonderland.com:23054/dormouse/bio.htm
Client/Server paradigm As we know, the World Wide Web is accessed thru the use of a Web Browser, more technically known as a Web Client. 1 A Web Client makes requests of a Web Server 2, which is software
More informationNIOS II Based Embedded Web Server Development for Networking Applications
NIOS II Based Embedded Web Server Development for Networking Applications 1 Sheetal Bhoyar, 2 Dr. D. V. Padole 1 Research Scholar, G. H. Raisoni College of Engineering, Nagpur, India 2 Professor, G. H.
More informationSecure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
More informationVolume SYSLOG JUNCTION. User s Guide. User s Guide
Volume 1 SYSLOG JUNCTION User s Guide User s Guide SYSLOG JUNCTION USER S GUIDE Introduction I n simple terms, Syslog junction is a log viewer with graphing capabilities. It can receive syslog messages
More informationDesign and Development of ARM Processor Based Web Server
Design and Development of ARM Processor Based Web Server V.Billy Rakesh Roy 1, Sanket Dessai 1, and S. G.Shiva Prasad Yadav 1 1 M S Ramaiah School of Advanced Studies in Collaboration with Coventry University
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationSecuring Ship-to-Shore Data Flow
Securing Ship-to-Shore Data Flow Background on Common File Transfer Methods Today corporations, government entities, and other organizations rely on Electronic File Transfers as an important part of their
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationGetting Started Guide with WIZ550web
1/21 WIZ550web is an embedded Web server module based on WIZnet s W5500 hardwired TCP/IP chip, Users can control & monitor the 16-configurable digital I/O and 4-ADC inputs on module via web pages. WIZ550web
More informationCGI-based applications for distributed embedded systems for monitoring temperature and humidity
CGI-based applications for distributed embedded systems for monitoring temperature and humidity Grisha Spasov, Nikolay Kakanakov Abstract: The paper discusses the using of Common Gateway Interface in developing
More informationNetwork Technologies
Network Technologies Glenn Strong Department of Computer Science School of Computer Science and Statistics Trinity College, Dublin January 28, 2014 What Happens When Browser Contacts Server I Top view:
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationERserver. iseries. Securing applications with SSL
ERserver iseries Securing applications with SSL ERserver iseries Securing applications with SSL Copyright International Business Machines Corporation 2000, 2001. All rights reserved. US Government Users
More informationRemotelyAnywhere Getting Started Guide
April 2007 About RemotelyAnywhere... 2 About RemotelyAnywhere... 2 About this Guide... 2 Installation of RemotelyAnywhere... 2 Software Activation...3 Accessing RemotelyAnywhere... 4 About Dynamic IP Addresses...
More informationSecurity Digital Certificate Manager
IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,
More informationSynapse s SNAP Network Operating System
Synapse s SNAP Network Operating System by David Ewing, Chief Technology Officer, Synapse Wireless Today we are surrounded by tiny embedded machines electro-mechanical systems that monitor the environment
More informationFINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE
Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationChapter 6 Virtual Private Networking Using SSL Connections
Chapter 6 Virtual Private Networking Using SSL Connections The FVS336G ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN provides a hardwarebased SSL VPN solution designed specifically to provide
More informationXerox DocuShare Security Features. Security White Paper
Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a
More informationTechnical White Paper BlackBerry Enterprise Server
Technical White Paper BlackBerry Enterprise Server BlackBerry Enterprise Edition for Microsoft Exchange For GPRS Networks Research In Motion 1999-2001, Research In Motion Limited. All Rights Reserved Table
More informationThe following multiple-choice post-course assessment will evaluate your knowledge of the skills and concepts taught in Internet Business Associate.
Course Assessment Answers-1 Course Assessment The following multiple-choice post-course assessment will evaluate your knowledge of the skills and concepts taught in Internet Business Associate. 1. A person
More informationSSL VPN Technology White Paper
SSL VPN Technology White Paper Keywords: SSL VPN, HTTPS, Web access, TCP access, IP access Abstract: SSL VPN is an emerging VPN technology based on HTTPS. This document describes its implementation and
More informationCARRIOTS TECHNICAL PRESENTATION
CARRIOTS TECHNICAL PRESENTATION Alvaro Everlet, CTO alvaro.everlet@carriots.com @aeverlet Oct 2013 CARRIOTS TECHNICAL PRESENTATION 1. WHAT IS CARRIOTS 2. BUILDING AN IOT PROJECT 3. DEVICES 4. PLATFORM
More informationNetwork FAX Driver. Operation Guide
Network FAX Driver Operation Guide About this Operation Guide This Operation Guide explains the settings for the Network FAX driver as well as the procedures that are required in order to use the Network
More informationWeb Browsing Examples. How Web Browsing and HTTP Works
How Web Browsing and HTTP Works 1 1 2 Lets consider an example that shows how web browsing and HTTP work. The example will cover a simple, but very common case. There are many more details of HTTP that
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationGetting Started with PRTG Network Monitor 2012 Paessler AG
Getting Started with PRTG Network Monitor 2012 Paessler AG All rights reserved. No parts of this work may be reproduced in any form or by any means graphic, electronic, or mechanical, including photocopying,
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationIntegrating the Internet into Your Measurement System. DataSocket Technical Overview
Integrating the Internet into Your Measurement System DataSocket Technical Overview Introduction The Internet continues to become more integrated into our daily lives. This is particularly true for scientists
More informationNetwork Attached Storage. Jinfeng Yang Oct/19/2015
Network Attached Storage Jinfeng Yang Oct/19/2015 Outline Part A 1. What is the Network Attached Storage (NAS)? 2. What are the applications of NAS? 3. The benefits of NAS. 4. NAS s performance (Reliability
More informationLoad balancing Microsoft IAG
Load balancing Microsoft IAG Using ZXTM with Microsoft IAG (Intelligent Application Gateway) Server Zeus Technology Limited Zeus Technology UK: +44 (0)1223 525000 The Jeffreys Building 1955 Landings Drive
More informationInternet Technologies. World Wide Web (WWW) Proxy Server Network Address Translator (NAT)
Internet Technologies World Wide Web (WWW) Proxy Server Network Address Translator (NAT) What is WWW? System of interlinked Hypertext documents Text, Images, Videos, and other multimedia documents navigate
More informationCTIS 256 Web Technologies II. Week # 1 Serkan GENÇ
CTIS 256 Web Technologies II Week # 1 Serkan GENÇ Introduction Aim: to be able to develop web-based applications using PHP (programming language) and mysql(dbms). Internet is a huge network structure connecting
More informationConfiguring Digital Certificates
CHAPTER 36 This chapter describes how to configure digital certificates and includes the following sections: Information About Digital Certificates, page 36-1 Licensing Requirements for Digital Certificates,
More informationFirst Semester Examinations 2011/12 INTERNET PRINCIPLES
PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES
More informationSecure Transfers. Contents. SSL-Based Services: HTTPS and FTPS 2. Generating A Certificate 2. Creating A Self-Signed Certificate 3
Contents SSL-Based Services: HTTPS and FTPS 2 Generating A Certificate 2 Creating A Self-Signed Certificate 3 Obtaining A Signed Certificate 4 Enabling Secure Services 5 A Note About Ports 5 Connecting
More informationE-Commerce: Designing And Creating An Online Store
E-Commerce: Designing And Creating An Online Store Introduction About Steve Green Ministries Solo Performance Artist for 19 Years. Released over 26 Records, Several Kids Movies, and Books. My History With
More informationDMZ Network Visibility with Wireshark June 15, 2010
DMZ Network Visibility with Wireshark June 15, 2010 Ashok Desai Senior Network Specialist Intel Information Technology SHARKFEST 10 Stanford University June 14-17, 2010 Outline Presentation Objective DMZ
More informationERserver. iseries. Secure Sockets Layer (SSL)
ERserver iseries Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted
More informationSiteCelerate white paper
SiteCelerate white paper Arahe Solutions SITECELERATE OVERVIEW As enterprises increases their investment in Web applications, Portal and websites and as usage of these applications increase, performance
More informationOBM (Out of Band Management) Overview
OBM (Out of Band Management) Overview With the growth of IP, routers deployed into an IP network must not only be accessible by the network operator for maintenance and configuration purposes, but secure
More information3. Broken Account and Session Management. 4. Cross-Site Scripting (XSS) Flaws. Web browsers execute code sent from websites. Account Management
What is an? s Ten Most Critical Web Application Security Vulnerabilities Anthony LAI, CISSP, CISA Chapter Leader (Hong Kong) anthonylai@owasp.org Open Web Application Security Project http://www.owasp.org
More informationPrintFleet Enterprise Security Overview
PrintFleet Inc. is committed to providing software products that are secure for use in all network environments. PrintFleet software products only collect the critical imaging device metrics necessary
More informationCore Syllabus. Version 2.6 C OPERATE KNOWLEDGE AREA: OPERATION AND SUPPORT OF INFORMATION SYSTEMS. June 2006
Core Syllabus C OPERATE KNOWLEDGE AREA: OPERATION AND SUPPORT OF INFORMATION SYSTEMS Version 2.6 June 2006 EUCIP CORE Version 2.6 Syllabus. The following is the Syllabus for EUCIP CORE Version 2.6, which
More information10. Java Servelet. Introduction
Chapter 10 Java Servlets 227 10. Java Servelet Introduction Java TM Servlet provides Web developers with a simple, consistent mechanism for extending the functionality of a Web server and for accessing
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationTable of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index
Table of Contents Chapter 1: Installing Endpoint Application Control System Requirements... 1-2 Installation Flow... 1-2 Required Components... 1-3 Welcome... 1-4 License Agreement... 1-5 Proxy Server...
More informationComputer Networks. Lecture 7: Application layer: FTP and HTTP. Marcin Bieńkowski. Institute of Computer Science University of Wrocław
Computer Networks Lecture 7: Application layer: FTP and Marcin Bieńkowski Institute of Computer Science University of Wrocław Computer networks (II UWr) Lecture 7 1 / 23 Reminder: Internet reference model
More informationUSER GUIDE. Lightweight Directory Access Protocol (LDAP) Schoolwires Centricity
USER GUIDE Lightweight Directory Access Protocol () Schoolwires Centricity TABLE OF CONTENTS Introduction... 1 Audience and Objectives... 1 Overview... 1 Servers Supported by Centricity... 1 Benefits of
More informationTable of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2
Table of Contents 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2 2 Features and Benefits 2-1 Key Features 2-1 Support for the Browser/Server Resource Access Model 2-1 Support for Client/Server
More informationWorking With Virtual Hosts on Pramati Server
Working With Virtual Hosts on Pramati Server 13 Overview Virtual hosting allows a single machine to be addressed by different names. There are two ways for configuring Virtual Hosts. They are: Domain Name
More informationLab Module 3 Network Protocol Analysis with Wireshark
Pacific Northwest National Laboratory Lab Module 3 Network Protocol Analysis with Wireshark NATO ASI on Energy Infrastructure Security October 2015 PNNL-##### Lab Module 3 Network Protocol Analysis with
More informationLabVIEW Internet Toolkit User Guide
LabVIEW Internet Toolkit User Guide Version 6.0 Contents The LabVIEW Internet Toolkit provides you with the ability to incorporate Internet capabilities into VIs. You can use LabVIEW to work with XML documents,
More informationEE984 Laboratory Experiment 2: Protocol Analysis
EE984 Laboratory Experiment 2: Protocol Analysis Abstract This experiment provides an introduction to protocols used in computer communications. The equipment used comprises of four PCs connected via a
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationINTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM
INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM Okumoku-Evroro Oniovosa Lecturer, Department of Computer Science Delta State University, Abraka, Nigeria Email: victorkleo@live.com ABSTRACT Internet security
More informationIP Link Best Practices for Network Integration and Security. Introduction...2. Passwords...4 ACL...5 VLAN...6. Protocols...6. Conclusion...
IP Link Best Practices for Network Integration and Security Table of Contents Introduction...2 Passwords...4 ACL...5 VLAN...6 Protocols...6 Conclusion...9 Abstract Extron IP Link technology enables A/V
More informationWhite Paper BMC Remedy Action Request System Security
White Paper BMC Remedy Action Request System Security June 2008 www.bmc.com Contacting BMC Software You can access the BMC Software website at http://www.bmc.com. From this website, you can obtain information
More informationS y s t e m A r c h i t e c t u r e
S y s t e m A r c h i t e c t u r e V e r s i o n 5. 0 Page 1 Enterprise etime automates and streamlines the management, collection, and distribution of employee hours, and eliminates the use of manual
More informationWeb Security School Entrance Exam
Web Security School Entrance Exam By Michael Cobb 1) What is SSL used for? a. Encrypt data as it travels over a network b. Encrypt files located on a Web server c. Encrypt passwords for storage in a database
More informationThe data between TC Monitor and remote devices is exchanged using HTTP protocol. Monitored devices operate either as server or client mode.
1. Introduction TC Monitor is easy to use Windows application for monitoring and control of some Teracom Ethernet (TCW) and GSM/GPRS (TCG) controllers. The supported devices are TCW122B-CM, TCW181B- CM,
More informationSymplified I: Windows User Identity. Matthew McNew and Lex Hubbard
Symplified I: Windows User Identity Matthew McNew and Lex Hubbard Table of Contents Abstract 1 Introduction to the Project 2 Project Description 2 Requirements Specification 2 Functional Requirements 2
More informationSSL VPN vs. IPSec VPN
SSL VPN vs. IPSec VPN White Paper 254 E. Hacienda Avenue Campbell, CA 95008 www.arraynetworks.net (408) 378-6800 1 SSL VPN vs. IPSec VPN Copyright 2002 Array Networks, Inc. SSL VPN vs. IPSec VPN White
More informationConfiguring Nex-Gen Web Load Balancer
Configuring Nex-Gen Web Load Balancer Table of Contents Load Balancing Scenarios & Concepts Creating Load Balancer Node using Administration Service Creating Load Balancer Node using NodeCreator Connecting
More informationCopyright is owned by the Author of the thesis. Permission is given for a copy to be downloaded by an individual for the purpose of research and
Copyright is owned by the Author of the thesis. Permission is given for a copy to be downloaded by an individual for the purpose of research and private study only. The thesis may not be reproduced elsewhere
More informationGigabyte Content Management System Console User s Guide. Version: 0.1
Gigabyte Content Management System Console User s Guide Version: 0.1 Table of Contents Using Your Gigabyte Content Management System Console... 2 Gigabyte Content Management System Key Features and Functions...
More informationWebsense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications
Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications November, 2010 2010 Websense, Inc. All rights reserved. Websense is a registered
More informationDSI File Server Client Documentation
Updated 11/23/2009 Page 1 of 10 Table Of Contents 1.0 OVERVIEW... 3 1.0.1 CONNECTING USING AN FTP CLIENT... 3 1.0.2 CONNECTING USING THE WEB INTERFACE... 3 1.0.3 GETTING AN ACCOUNT... 3 2.0 TRANSFERRING
More informationSecure Data Transfer
Secure Data Transfer INSTRUCTIONS 3 Options to SECURELY TRANSMIT DATA 1. FTP 2. WinZip 3. Password Protection Version 2.0 Page 1 Table of Contents Acronyms & Abbreviations...1 Option 1: File Transfer Protocol
More informationComputer Networking LAB 2 HTTP
Computer Networking LAB 2 HTTP 1 OBJECTIVES The basic GET/response interaction HTTP message formats Retrieving large HTML files Retrieving HTML files with embedded objects HTTP authentication and security
More informationLecture (02) Networking Model (TCP/IP) Networking Standard (OSI) (I)
Lecture (02) Networking Model (TCP/IP) Networking Standard (OSI) (I) By: Dr. Ahmed ElShafee ١ Dr. Ahmed ElShafee, ACU : Fall 2015, Networks II Agenda Introduction to networking architecture Historical
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationForms, CGI Objectives. HTML forms. Form example. Form example...
The basics of HTML forms How form content is submitted GET, POST Elements that you can have in forms Responding to forms Common Gateway Interface (CGI) Later: Servlets Generation of dynamic Web content
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationEmbedded Based Web Server for CMS and Automation System
Embedded Based Web Server for CMS and Automation System ISSN: 2278 909X All Rights Reserved 2014 IJARECE 1073 ABSTRACT This research deals with designing a Embedded Based Web Server for CMS and Automation
More informationFast remote data access for control of TCP/IP network using android Mobile device
RESEARCH ARTICLE OPEN ACCESS Fast remote data access for control of TCP/IP network using android Mobile device Vaibhav Muddebihalkar *, R.M Gaudar** (Department of Computer Engineering, MIT AOE Alandi
More informationIf your organization is not already
Before you build your Web site, you need a solid design. Eden Watt At a Glance When you develop your first e-commerce site, you will discover that there are a few new things to learn about application
More informationHTTP 1.1 Web Server and Client
HTTP 1.1 Web Server and Client Finding Feature Information HTTP 1.1 Web Server and Client Last Updated: August 17, 2011 The HTTP 1.1 Web Server and Client feature provides a consistent interface for users
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationFiltering remote users with Websense remote filtering software v7.6
Filtering remote users with Websense remote filtering software v7.6 Websense Support Webinar April 2012 Websense 2012 Webinar Presenter Greg Didier Title: Support Specialist Accomplishments: 9 years supporting
More informationE-Book Security Assessment: NuvoMedia Rocket ebook TM
E-Book Security Assessment: NuvoMedia Rocket ebook TM July 1999 Prepared For: The Association of American Publishers Prepared By: Global Integrity Corporation 4180 La Jolla Village Drive, Suite 450 La
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationPrintFleet Enterprise 2.2 Security Overview
PrintFleet Enterprise 2.2 Security Overview PageTrac Support PrintFleet Enterprise 2.2 Security Overview PrintFleet Inc. is committed to providing software products that are secure for use in all network
More informationetrust Audit Using the Recorder for Check Point FireWall-1 1.5
etrust Audit Using the Recorder for Check Point FireWall-1 1.5 This documentation and related computer software program (hereinafter referred to as the Documentation ) is for the end user s informational
More informationWebmail Using the Hush Encryption Engine
Webmail Using the Hush Encryption Engine Introduction...2 Terms in this Document...2 Requirements...3 Architecture...3 Authentication...4 The Role of the Session...4 Steps...5 Private Key Retrieval...5
More informationA SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS
A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS *Dr Umesh Sehgal, #Shalini Guleria *Associate Professor,ARNI School of Computer Science,Arni University,KathagarhUmeshsehgalind@gmail.com
More informationFederated Access to an HTTP Web Service Using Apache (WSTIERIA Project Technical Note 1)
(WSTIERIA Project Technical Note 1) 1 Background 12/04/2010, Version 0 One of the outputs of the SEE-GEO project was façade code to sit in front of an HTTP web service, intercept client requests, and check
More informationUnderstanding PIC WEB boards and how to use Microchip's TCP-IP Stack. Rev.A, April 2008. Copyright(c) 2008, OLIMEX Ltd, All rights reserved
Understanding PIC WEB boards and how to use Microchip's TCP-IP Stack Rev.A, April 2008 Copyright(c) 2008, OLIMEX Ltd, All rights reserved INTRODUCTION: The PIC-WEB family of boards are development boards
More informationNetwork Security Essentials Chapter 5
Network Security Essentials Chapter 5 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 5 Transport-Level Security Use your mentality Wake up to reality From the song, "I've Got
More informationA Heterogeneous Internetworking Model with Enhanced Management and Security Functions
Session 1626 A Heterogeneous Internetworking Model with Enhanced Management and Security Functions Youlu Zheng Computer Science Department University of Montana Yan Zhu Sybase, Inc. To demonstrate how
More informationExploiting the Web with Tivoli Storage Manager
Exploiting the Web with Tivoli Storage Manager Oxford University ADSM Symposium 29th Sept. - 1st Oct. 1999 Roland Leins, IBM ITSO Center - San Jose leins@us.ibm.com Agenda The Web Client Concept Tivoli
More informationA network monitoring tool for student training
A network monitoring tool for student training Miguel A. Mateo Pla, M.P. Malumbres Departamento de Informática de Sistemas y Computadores (DISCA) Facultad de Informática (FI) Universidad Politécnica de
More informationIntroduction to Network Security Lab 1 - Wireshark
Introduction to Network Security Lab 1 - Wireshark Bridges To Computing 1 Introduction: In our last lecture we discussed the Internet the World Wide Web and the Protocols that are used to facilitate communication
More information