1. How are authentication and authorization related to one another? What problem
Question
1. How are authentication and authorization related to one another? What problem does each solve?
2. What are ACLs in the context of this class? What is RBAC? How does each address
the issue of security?
3. A user of a web browser enters an https:// URL. What is the process that the server
and the browser go through in order for the browser to receive and decrypt the page?
4. Visit the OWASP Top 10 application security risks page
(https://www.owasp.org/index.php/Top_10_2010-Main). Choose 4 of the ten listed, and
discuss how the content in this course has addressed (or not addressed) the issue. Be sure to
provide examples.
Explanation / Answer
Authentication is any process by which you verify that someone is who they claim they are. This usually involves a username and a password, but can include any other method of demonstrating identity, such as a smart card, retina scan, voice recognition, or fingerprints. Authentication is equivalent to showing your driver's license at the ticket counter at the airport.
Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance. Authorization is equivalent to checking the guest list at an exclusive party, or checking for your ticket when you go to the opera.
Authentication and authorization prevent access to our personal details from our mail IDs, accounts, etc.
4) A1-Injection
Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker