| |
| Seminar: |
Fundamentals of WWW Security |
| Lecturer(s): |
Lincoln Stein |
| Overview: |
The Mercury Project was created to extend the boundaries of pervasive access to information and wireless communication. The results of the project will facilitate the access to all personal data, of any type, from anywhere, any time, securely. The Mercury Project is creating both hardware --- the BackPAQ expansion pack, which is a platform for handheld research --- and software --- consisting of networking technology, middleware, and applications.
The Mercury BackPAQ is a research prototype enabling experimentation not currently possible with off-the-shelf products. The Mercury Project leverages the expandability of Compaq popular iPAQ H3600 design by adding a custom-designed expansion pack called the BackPAQ. The BackPAQ consists of a low power CMOS VGA imager, two PC Card slots, 32MB of flash, an accelerometer, and a cellphone headset jack and audio codec. The combination of these features enables applications such as voice or video conferencing, and roaming across multiple physical networks.
The Mercury software is based on Linux on the iPAQ. Linux was ported to the iPAQ by Compaq as part of the Open Handhelds Project(www.handhelds.org).
In the talk, I will discuss the project, its foundations in Open Handhelds, and demonstrate some of the mobility features investigated by the project. For more information on Project Mercury, go to http://crl.research.compaq.com/projects/mercury. where semID = '31';
|
| Objectives: |
This tutorial will disentangle the jargon-laden
and over-hyped field of security on the World Wide Web. The three sections
of this tutorial will take you through the three main divisions of Web
security: client-side security, server-side security and document confidentiality.
In each section, the specific risks will be explained in realistic terms,
and you will be shown practical measures you can take to minimize them. |
| Seminar Topics: |
- Client-Side Security
- the risks of active content
- browser bugs that sting
- what webmasters can find out about you
- server log uses & abuses
- cookies
- what SSL is (and isn’t) good for
- Document Security
- server-side access control
- authentication systems
- public Key Encryption
- secure sockets layer
- Server-Side Security
- general system security
- Web server bugs that bite
- safe CGI scripting
- using firewalls effectively
- managing authors and authoring tools
|
| Lecturer(s) Biography: |
Lincoln Stein is an M.D. and Ph.D. who was
Director of Informatics at the MIT Genome Center between 1992 and 1996
and is now a research scientist at Cold Spring Harbor Laboratories. He
is author and maintainer of the World Wide Web Security FAQ (part of the
W3C security pages http://www.w3c.org/Security
) and speaks on Web Security issues for Computer Security Institute and
Web Design and Development. |
| Location: |
MIT room 34-101, Edgerton Hall |
| Date: |
Saturday, 04/10/1999 |
| Time: |
9:00 am - 4:30 pm |
| Pricing: |
Advanced Registration Price: $75.00 Good until Tuesday, 03/30/1999
Regular Price: $85.00 |
| Session Chair: |
Peter Mager |
Directions: |
|
| Books: |
| Title: | The Web Security Reference Guide |
| Author(s): | Lincoln Stein |
| Publisher: | Addison-Wesley |
| List price: | $29.95 |
| PDS price: | $20.00 |
|
|
| |
|
