Nowadays, almost every business is managed and developed with the help of the internet, i.e., by using web applications. Cybercrimes have increased over time and web application hacking has become very common. This is the reason why a lot of effort is put into ensuring the security of these web applications.
Encryption of communication is an obvious security mechanism, as it protects its confidentiality when in transit. This article assumes you know the basics and the terminology for:
● Asymmetric encryption
● Symmetric encryption
● Web communication
For web applications, secure communication happens when every message is encrypted, which we call HTTPS. Figure 1 gives the schematic representation of how this happens between the server and the client.
It is clear from Figure 1 that secure communication is done by encrypting the communication using a symmetric key [KSymm]. To exchange the symmetric key between end points, asymmetric key encryption is used [KPub and KPriv]. This scheme is less likely to break, as only the server has a private key with it.
Figure 1: Basics of communication between a web application and the browser
What if a private key is compromised?
Esta historia es de la edición September 2022 de Open Source For You.
Comience su prueba gratuita de Magzter GOLD de 7 días para acceder a miles de historias premium seleccionadas y a más de 9,000 revistas y periódicos.
Ya eres suscriptor ? Conectar
Esta historia es de la edición September 2022 de Open Source For You.
Comience su prueba gratuita de Magzter GOLD de 7 días para acceder a miles de historias premium seleccionadas y a más de 9,000 revistas y periódicos.
Ya eres suscriptor? Conectar
Red Hat unveils Red Hat OpenShift Virtualization Engine
Red Hat OpenShift Virtualization Engine is a new edition of Red Hat OpenShift that offers a dedicated solution for organisations to leverage the virtualisation capabilities already available within Red Hat OpenShift.
Spring AI: A Door to GenAI Heaven for Java Developers
Let's explore the Spring AI framework and its advantages, and look at how it is helping Java developers adopt AI.
Significant security vulnerabilities drive the release of Rsync 3.4
Rsync, the widely used utility for incremental file transfers and synchronisation, has released version 3.4. This update isn't packed with exciting new features but is instead critical due to several newly disclosed security vulnerabilities.
NVIDIA puts Grace Blackwell at every AI developer's fingertips
NVIDIA has introduced NVIDIA Project DIGITS, a groundbreaking personal AI supercomputer designed to empower AI researchers, data scientists, and students NVIDIA® NVIDIA GRACE BLACKWELL with the immense capabilities of the NVIDIA Grace Blackwell platform.
Top Tools for DevOps, Cybersecurity, and Cloud Management in 2025
In 2025, organisations will continue to rely on open source tools to retain a competitive edge. We look at why the best tools for DevOps, cybersecurity and cloud management will remain relevant and how best to integrate them into your organisation.
CREW: Open source platform to improve human-AI interaction
As human-AI collaboration deepens, critical questions arise: How should humans and AI complement one another? What kind of feedback enhances AI training? How can trust in AI be optimised to balance collaboration without over-reliance? Researchers at Duke University are addressing these challenges through CREW-an innovative platform designed to advance human-AI teaming.
Red Hat completes the acquisition of Neural Magic
Red Hat, Inc., has announced the completion of its acquisition of Neural Magic, a trailblazer in software and algorithms that accelerate generative AI (GenAI) inference workloads.
The Do's and Don'ts for Software Architects
Here's a list of best practices for software architects as well as the common mistakes they should try not to fall prey to.
openSUSE's Tumbleweed introduces Wayland support for the LXQt desktop environment
The openSUSE Project has announced that its Tumbleweed rolling release distribution now includes Wayland support for users of the LXQt desktop environment.
A Guide for Software Architects: Common Mistakes and Best Practices
Software architects play an invaluable role in the digital transformation of an organisation. To make a mark, they must imbibe certain qualities and avoid common errors.
