实现安全的网路应用程式可能很困难,即使对于可能事先使用过各种加密构建块(例如加密和数位签名)的开发人员也是如此。为了让参与者了解这些加密原语的作用和用法,首先给出了安全通信的主要要求(安全确认、完整性、机密性、远端识别和匿名)的坚实基础,同时还介绍了可能破坏这些要求的典型问题以及实际解决方案。
由于网路安全的一个关键方面是密码学,因此还讨论了对称密码学、哈希、非对称密码学和密钥协定中最重要的加密演算法。这些元素不是提供深入的数学背景,而是从开发人员的角度进行讨论,展示了与加密使用相关的典型用例示例和实际考虑,例如公钥基础设施。介绍了安全通信的许多领域的安全协定,并深入讨论了最广泛使用的协定系列,例如 IPSEC 和 SSL/TLS。
讨论了与某些加密演算法和加密协定相关的典型加密漏洞,例如 BEAST、CRIME、TIME、BREACH、FREAK、Logjam、Padding oracle、Lucky Thirteen、POODLE 等,以及 RSA 计时攻击。在每种情况下,都会针对每个问题描述实际考虑和潜在后果,同样,无需深入数学细节。
最后,由于 XML 技术是网路应用程式数据交换的核心,因此描述了 XML 的安全方面。这包括在 Web 服务和 SOAP 消息中使用 XML 以及 XML 签名和 XML 加密等保护措施,以及这些保护措施中的弱点和 XML 特定的安全问题,例如 XML 注入、XML 外部实体 (XXE) 攻击、XML 炸弹和 XPath 注入。
参加本课程的学员将
- 了解安全、IT 安全和安全编码的基本概念
- 了解安全通信的要求
- 了解不同 OSI 层的网路攻击和防御
- 对密码学有实际的了解
- 了解基本安全协定
- 了解最近针对加密系统的一些攻击
- 获取有关一些最近的相关漏洞的资讯
- 了解 Web 服务的安全概念
- 获取有关安全编码实践的原始程式码和进一步阅读材料
观众
开发人员、专业人士
- IT 安全和安全编码
- 安全通信的要求
- 网路安全
- 网路安全
- 实用密码学
- 安全协定
- 加密漏洞
- Web 服务的安全性
- XML 安全性
- 知识来源
United Arab Emirates - Network Security and Secure Communication
Qatar - Network Security and Secure Communication
Egypt - Network Security and Secure Communication
Saudi Arabia - Network Security and Secure Communication
South Africa - Network Security and Secure Communication
Brasil - Network Security and Secure Communication
Canada - Network Security and Secure Communication
中国 - Network Security and Secure Communication
香港 - Network Security and Secure Communication
澳門 - Network Security and Secure Communication
台灣 - Network Security and Secure Communication
USA - Network Security and Secure Communication
Österreich - Network Security and Secure Communication
Schweiz - Network Security and Secure Communication
Deutschland - Network Security and Secure Communication
Czech Republic - Network Security and Secure Communication
Denmark - Network Security and Secure Communication
Estonia - Network Security and Secure Communication
Finland - Network Security and Secure Communication
Greece - Network Security and Secure Communication
Magyarország - Network Security and Secure Communication
Ireland - Network Security and Secure Communication
Luxembourg - Network Security and Secure Communication
Latvia - Network Security and Secure Communication
España - Seguridad de Red y Comunicación Segura
Italia - Network Security and Secure Communication
Lithuania - Network Security and Secure Communication
Nederland - Network Security and Secure Communication
Norway - Network Security and Secure Communication
Portugal - Network Security and Secure Communication
România - Network Security and Secure Communication
Sverige - Network Security and Secure Communication
Türkiye - Network Security and Secure Communication
Malta - Network Security and Secure Communication
Belgique - Network Security and Secure Communication
France - Network Security and Secure Communication
日本 - Network Security and Secure Communication
Australia - Network Security and Secure Communication
Malaysia - Network Security and Secure Communication
New Zealand - Network Security and Secure Communication
Philippines - Network Security and Secure Communication
Singapore - Network Security and Secure Communication
Thailand - Network Security and Secure Communication
Vietnam - Network Security and Secure Communication
India - Network Security and Secure Communication
Argentina - Seguridad de Red y Comunicación Segura
Chile - Seguridad de Red y Comunicación Segura
Costa Rica - Seguridad de Red y Comunicación Segura
Ecuador - Seguridad de Red y Comunicación Segura
Guatemala - Seguridad de Red y Comunicación Segura
Colombia - Seguridad de Red y Comunicación Segura
México - Seguridad de Red y Comunicación Segura
Panama - Seguridad de Red y Comunicación Segura
Peru - Seguridad de Red y Comunicación Segura
Uruguay - Seguridad de Red y Comunicación Segura
Venezuela - Seguridad de Red y Comunicación Segura
Polska - Network Security and Secure Communication
United Kingdom - Network Security and Secure Communication
South Korea - Network Security and Secure Communication
Pakistan - Network Security and Secure Communication
Sri Lanka - Network Security and Secure Communication
Bulgaria - Network Security and Secure Communication
Bolivia - Seguridad de Red y Comunicación Segura
Indonesia - Network Security and Secure Communication
Kazakhstan - Network Security and Secure Communication
Moldova - Network Security and Secure Communication
Morocco - Network Security and Secure Communication
Tunisia - Network Security and Secure Communication
Kuwait - Network Security and Secure Communication
Oman - Network Security and Secure Communication
Slovakia - Network Security and Secure Communication
Kenya - Network Security and Secure Communication
Nigeria - Network Security and Secure Communication
Botswana - Network Security and Secure Communication
Slovenia - Network Security and Secure Communication
Croatia - Network Security and Secure Communication
Serbia - Network Security and Secure Communication
Bhutan - Network Security and Secure Communication