
Knowledge Portal on E-commerce Security Mechanisms

Team - CA, CSCI 5234 Web Security. Purpose: collect and document information on e-commerce security mechanisms, using a wiki engine for collaboration. Contents: tier diagrams, conceptual design, detailed design, security measures included.


Presentation Transcript


  1. Team - CA, CSCI 5234 Web Security: Knowledge Portal on E-commerce Security Mechanisms

  2. Purpose: Collect and document information on e-commerce security mechanisms. Using: wiki engine for collaboration

  3. Tier Diagrams

  4. Conceptual Design

  5. Detailed Design

  6. Security Measures Included
     - HTTPS – Authenticate server to the client. Demo – SSL certificate invocation
     - Database Firewall – Port management rules limit vulnerability of direct attack on database. Illustrate – rules and ports
     - Database SSH – Secure tunnel between the application and the database. Demo – SSH tunnel creation

  7. Security Measures
     - Application Security – user access, database information hiding, cookie and session timeouts
     - Cross-Site Scripting – Disable unused features on the wiki. Limit access to the scripting variables, e.g. $wguseFilesCss
     - Hide database information – put the database information in a separate file, then include it at runtime:
         // pull in the database settings at runtime
         require_once('c:\mysql_info.php');
         $db_name = "wikidb";

  8. Statistics and Ranking
     - Implement ranking using extensions
     - Add the extensions to the ./extensions folder.
     - Call the extension at runtime using the require_once() function: Contributions.php, ContributionsScore.php
     - Ranking can be based on the number of edits or the volume contained in each edit a user posts to the wiki.

  9. Thanks
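
The application-level measures on slide 7 (separate database settings file, reduced scripting surface, cookie and session timeouts), written out as a LocalSettings.php fragment. This is an added example, not the team's configuration; it assumes the wiki engine is MediaWiki (suggested by the $wg variable and the extensions folder), and the secrets path, the array layout of mysql_info.php and the timeout values are assumptions.

```php
<?php
// Added example: LocalSettings.php fragment. Path and values are assumptions.
if ( !defined( 'MEDIAWIKI' ) ) {
    exit; // not a valid entry point when requested directly
}

// Fail closed without echoing the path or any credential to the client.
function wikiConfigFail( string $reason ): void {
    error_log( "wiki config: $reason" );
    http_response_code( 503 );
    exit( 'Service unavailable' );
}

// Hypothetical location outside the web root (the slide uses c:\mysql_info.php).
$secretsFile = 'C:\wiki-secrets\mysql_info.php';
if ( !is_readable( $secretsFile ) ) {
    wikiConfigFail( 'database settings file missing or unreadable' );
}

// Assumed layout: mysql_info.php ends with
//   return [ 'server' => ..., 'name' => 'wikidb', 'user' => ..., 'password' => ... ];
$db = require $secretsFile;
foreach ( [ 'server', 'name', 'user', 'password' ] as $key ) {
    if ( !is_array( $db ) || empty( $db[$key] ) ) {
        wikiConfigFail( "database setting '$key' is not set" );
    }
}
$wgDBserver   = $db['server'];
$wgDBname     = $db['name'];
$wgDBuser     = $db['user'];
$wgDBpassword = $db['password'];
unset( $db, $secretsFile ); // drop the temporary copies

// Scripting surface: no per-user or on-wiki CSS/JS, no raw HTML in pages.
$wgAllowUserCss = false;
$wgAllowUserJs  = false;
$wgUseSiteCss   = false; // only if the wiki does not rely on on-wiki stylesheets
$wgUseSiteJs    = false;
$wgRawHtml      = false;

// Cookies and sessions: HTTPS-only, hidden from scripts, short-lived.
$wgCookieSecure   = true;
$wgCookieHttpOnly = true;
$wgCookieExpiration         = 8 * 3600; // login cookie lifetime, seconds (constructed value)
$wgObjectCacheSessionExpiry = 30 * 60;  // session data lifetime, seconds (constructed value)
```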
