M1AM
Security on the World Wide Web
Karl Andersen, System Experts Corp.
Who should attend: Anyone running a Web site who wants to understand the tradeoffs in making it secure; anyone worried about Java and ActiveX who wants to understand what the fuss is about. You should understand basic WWW client-server architecture, basic protocol concepts (packets, messages, headers), and basic security concepts (user names, passwords).
What you will learn: Web security issues and available technologies for dealing with them.
The World Wide Web is the most important enabler of electronic commerce, but it was designed with little thought to industrial-strength security, a crucial issue if you're trying to avoid monetary loss or bad publicity. Many electronic commerce implementors focus on the look of their site rather than its security, not fully understanding how the implementation language they use can impact security.
This course will show you how systems such as Web servers, browsers, databases and firewalls fit together and how the various information flows are secured. You will gain an understanding of the tradeoffs in making your systems secure, and you will be able to answer questions such as:
"Is it okay to use SSL to transfer credit card information?"
"How secure is the 40-bit encryption in international browsers?"
"How risky are Java and ActiveX and what is the difference between them?"
Topics include:
Encryption overview
Simple schemes (basic authentication/cookies)
Prevailing protocols
    Secure Sockets Layer (SSL)
    Secure HyperText Transfer Protocol (S-HTTP)
    Private Communications Technology (PCT)
Downloadable execution
    Java
    ActiveX
Karl Andersen is a founder of System Experts Corporation, a consulting company with architectural, implementation, and deployment expertise. Karl has worked extensively with major Wall Street firms, commercial and industrial manufacturing companies, and leading on-line service providers, helping them to design and implement manageable and secure open systems.