Website Security And User Authentication Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The most vital fact of online retail company ensures proper security. Without it total online system are destroy as soon as possible. Therefore, it is quiet important to ensure proper security. Some security options are discussion below.

User authentication:-

The meaning of user authentication to identify the proper User and verifying that the users allowed to access some restricted service; for an example, a user must identified as a client in order to get service and access resource in online retailing company. Generally a user identify by user id and password.

The basic authentication access is a method, which designed to allow a web browser, or other client program, to provide identification - in the form of a user name and password - when making a request. After successful combination of user name and password user are able to access the resource.


The meaning of ssl is secure socket layer, which used for secure encrypting communication between users and e-commerce website to ensure data transaction security. In that way, secure server to browser transactions. . SSL protocol encryption data to prevent eavesdropping and hampering of the transmitted data, and is used to secure information passed by a browser (such as a user credit card number or password) to a webserver (such as an online retail store).

data protection ensure by ssl when data submitted over the Internet from being intercepted and viewed by unintended recipients and as used by hundreds of thousands of websites in the protection of their online transactions with their customers, SSL is the effectively industry standard Internet transaction security technology.

Whenever a browser connects to a webserver (website) over https:// instead of http - this ensure that the communication will be encrypted and secure. The real complexities of the SSL protocol stay behind hidden to the end customer.

Web server need install an ssl certificate to create an ssl connection.

Certificate authorities maintain and provide ssl facility.


We can define firewall is a hardware or software system that used to prevents unauthorized access from a network. Firewalls most commonly used to prevent unauthorized Internet users from accessing private networks connected to the Internet.

In other hand, firewall is a set of combined programs, located at a network gateway server that protects the resources of a private network from users from other networks.

All data entering or leaving the Intranet pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria. Firewalls that are more sophisticated block traffic from the outside to the inside, but allow users on the inside to communicate a little more freely with the outside.

Mainly, firewalls work closely with a router program. Firewall observes each network packet to determine whether to forward it toward its goal. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often install in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources.

There is a number of firewall monitoring methods. An easy one is to monitor requests to make sure that they come from acceptable (previously identified) domain name and Internet Protocol addresses. Firewall allows remote access in to the private network by the use of secure logon procedures and authentication certificates for mobile users.

Varies of companies make firewall products. Including logging and reporting Features, automatic alarms at given thresholds of attack, and a GUI (graphical user interface) for controlling the firewall. Logging and auditing function provide by firewall; often they provide summaries to the administrator about what type/volume of traffic have been processes through it.

A term called firefighting, firewall concept borrow from this term. Computer security borrows this term from firefighting, where it originated. In firefighting, a firewall is an obstacle set up to prevent the spread of fire.


Kerberos is a network authentication protocol. Kerberos designed to provide strong authentication in favor of client/server applications by using secret-key cryptography. Kerberos is available like other commercial products as well. Most of the protocols used in the Internet do not make available or provide any security. Dedicated authentication servers used by Kerberos, which can hosted on machines. Like other network services it physically different. A secret key processed by Kerberos for every client and server in a network. Kerberos is Private Key system, DES is its most vital cryptosystem.

When log in by user, the user name passed by the client to the Kerberos server, Kerberos server identify user and provide requested service. The authentication server constructs a ticket, which contains a randomly generated session key, encrypted with the fileserver's secret key, and sends it to the client as part of its documentations, which includes the session key encrypted with the client's secret key. If the client or user typed the right password, then the client can decrypt the session key; present the ticket to the fileserver, and use the shared secret session key to communicate between them. Tickets are time stamped, and typically have an expiration time on the order a few hours.


Technology, which appropriate for us:-

By investing all of feature we are decide to use two technologies. Below brief describe of them-

user authentication


User authentication:-we decide to use this service for reason below-

Users are able to access resource after identified.

No cost or Less costly

Secure when integrated with ssl.

SSL: - We decide to use secure socket layer for reason below.

Most secure environment.

Low maintains fee $100 us per year.

World Leading Corporation maintains the sites.

If any problem occurred, the corporations bear all responsibilities.