Course Code: cl-anw
Duration: 21 hours
Overview:

實現安全的網路應用程式可能很困難,即使對於可能事先使用過各種加密構建塊(例如加密和數位簽名)的開發人員也是如此。為了讓參與者了解這些加密原語的作用和用法,首先給出了安全通信的主要要求(安全確認、完整性、機密性、遠端識別和匿名)的堅實基礎,同時還介紹了可能破壞這些要求的典型問題以及實際解決方案。

由於網路安全的一個關鍵方面是密碼學,因此還討論了對稱密碼學、哈希、非對稱密碼學和密鑰協定中最重要的加密演算法。這些元素不是提供深入的數學背景,而是從開發人員的角度進行討論,展示了與加密使用相關的典型用例示例和實際考慮,例如公鑰基礎設施。介紹了安全通信的許多領域的安全協定,並深入討論了最廣泛使用的協定系列,例如 IPSEC 和 SSL/TLS。

討論了與某些加密演算法和加密協定相關的典型加密漏洞,例如 BEAST、CRIME、TIME、BREACH、FREAK、Logjam、Padding oracle、Lucky Thirteen、POODLE 等,以及 RSA 計時攻擊。在每種情況下,都會針對每個問題描述實際考慮和潛在後果,同樣,無需深入數學細節。

最後,由於 XML 技術是網路應用程式數據交換的核心,因此描述了 XML 的安全方面。這包括在 Web 服務和 SOAP 消息中使用 XML 以及 XML 簽名和 XML 加密等保護措施,以及這些保護措施中的弱點和 XML 特定的安全問題,例如 XML 注入、XML 外部實體 (XXE) 攻擊、XML 炸彈和 XPath 注入。

參加本課程的學員將

  • 瞭解安全、IT 安全和安全編碼的基本概念
  • 瞭解安全通信的要求
  • 瞭解不同 OSI 層的網路攻擊和防禦
  • 對密碼學有實際的瞭解
  • 瞭解基本安全協定
  • 瞭解最近針對加密系統的一些攻擊
  • 獲取有關一些最近的相關漏洞的資訊
  • 瞭解 Web 服務的安全概念
  • 獲取有關安全編碼實踐的原始程式碼和進一步閱讀材料

觀眾

開發人員、專業人士

Course Outline:
  • IT 安全和安全編碼
  • 安全通信的要求
  • 網路安全
  • 網路安全
  • 實用密碼學
  • 安全協定
  • 加密漏洞
  • Web 服務的安全性
  • XML 安全性
  • 知識來源
Sites Published:

United Arab Emirates - Network Security and Secure Communication

Qatar - Network Security and Secure Communication

Egypt - Network Security and Secure Communication

Saudi Arabia - Network Security and Secure Communication

South Africa - Network Security and Secure Communication

Brasil - Network Security and Secure Communication

Canada - Network Security and Secure Communication

中国 - Network Security and Secure Communication

香港 - Network Security and Secure Communication

澳門 - Network Security and Secure Communication

台灣 - Network Security and Secure Communication

USA - Network Security and Secure Communication

Österreich - Network Security and Secure Communication

Schweiz - Network Security and Secure Communication

Deutschland - Network Security and Secure Communication

Czech Republic - Network Security and Secure Communication

Denmark - Network Security and Secure Communication

Estonia - Network Security and Secure Communication

Finland - Network Security and Secure Communication

Greece - Network Security and Secure Communication

Magyarország - Network Security and Secure Communication

Ireland - Network Security and Secure Communication

Luxembourg - Network Security and Secure Communication

Latvia - Network Security and Secure Communication

España - Seguridad de Red y Comunicación Segura

Italia - Network Security and Secure Communication

Lithuania - Network Security and Secure Communication

Nederland - Network Security and Secure Communication

Norway - Network Security and Secure Communication

Portugal - Network Security and Secure Communication

România - Network Security and Secure Communication

Sverige - Network Security and Secure Communication

Türkiye - Network Security and Secure Communication

Malta - Network Security and Secure Communication

Belgique - Network Security and Secure Communication

France - Network Security and Secure Communication

日本 - Network Security and Secure Communication

Australia - Network Security and Secure Communication

Malaysia - Network Security and Secure Communication

New Zealand - Network Security and Secure Communication

Philippines - Network Security and Secure Communication

Singapore - Network Security and Secure Communication

Thailand - Network Security and Secure Communication

Vietnam - Network Security and Secure Communication

India - Network Security and Secure Communication

Argentina - Seguridad de Red y Comunicación Segura

Chile - Seguridad de Red y Comunicación Segura

Costa Rica - Seguridad de Red y Comunicación Segura

Ecuador - Seguridad de Red y Comunicación Segura

Guatemala - Seguridad de Red y Comunicación Segura

Colombia - Seguridad de Red y Comunicación Segura

México - Seguridad de Red y Comunicación Segura

Panama - Seguridad de Red y Comunicación Segura

Peru - Seguridad de Red y Comunicación Segura

Uruguay - Seguridad de Red y Comunicación Segura

Venezuela - Seguridad de Red y Comunicación Segura

Polska - Network Security and Secure Communication

United Kingdom - Network Security and Secure Communication

South Korea - Network Security and Secure Communication

Pakistan - Network Security and Secure Communication

Sri Lanka - Network Security and Secure Communication

Bulgaria - Network Security and Secure Communication

Bolivia - Seguridad de Red y Comunicación Segura

Indonesia - Network Security and Secure Communication

Kazakhstan - Network Security and Secure Communication

Moldova - Network Security and Secure Communication

Morocco - Network Security and Secure Communication

Tunisia - Network Security and Secure Communication

Kuwait - Network Security and Secure Communication

Oman - Network Security and Secure Communication

Slovakia - Network Security and Secure Communication

Kenya - Network Security and Secure Communication

Nigeria - Network Security and Secure Communication

Botswana - Network Security and Secure Communication

Slovenia - Network Security and Secure Communication

Croatia - Network Security and Secure Communication

Serbia - Network Security and Secure Communication

Bhutan - Network Security and Secure Communication

Nepal - Network Security and Secure Communication

Uzbekistan - Network Security and Secure Communication