Please note, this is a STATIC archive of website developer.mozilla.org from 03 Nov 2016, cach3.com does not collect or store any user information, there is no "phishing" involved.

Revision 775107 of Information Security Basics

  • Revision slug: Learn/tutorial/Information_Security_Basics
  • Revision title: Information Security Basics
  • Revision id: 775107
  • Created:
  • Creator: kscarfone
  • Is current revision? No
  • Comment Numbered articles
Tags: 

Revision Content

{{draft}}

One of the first steps toward being a great web developer is understanding the fundamental principles of information security. Understanding security basics helps you understand the role and importance of security throughout the development lifecycle. This will help you avoid unnecessarily unsecured software, allowing attackers to exploit weaknesses for financial gain or other malicious purposes. Protect yourself and your users from these sorts of problems by gaining practical knowledge of security basics.

The Basic Concepts

These articles are currently being developed. They are intended for anyone to read, regardless of what security knowledge they may have. The articles should be read in sequence, because the articles farther down the list are dependent on concepts presented in earlier articles.

1. Confidentiality, Integrity, and Availability
Describes the primary security objectives, which are absolutely fundamental to understanding security
2. Vulnerabilities
Defines the major categories of vulnerabilities and discusses the presence of vulnerabilities in all software
3. Threats
Briefly introduces major threat concepts
4. Security Controls
Defines major categories of security controls and discusses their potential disadvantages
5. Risk
Introduces the basic concepts behind cyber risk
6. Encryption and Decryption
Explains the fundamentals of the most common types of encryption and decryption
7. Digital Signatures
Provides a brief introduction to digital signatures
8. TCP/IP Security
An overview of the TCP/IP model, with a focus on the security considerations for SSL

Applying Basic Concepts

Before reading articles in this section, you should have already read the basic concepts articles or have the equivalent security knowledge.

Introduction to SSL
This article is being rewritten.
SSL and TLS
This article provides a brief introduction to SSL and TLS, and their key exchange algorithms, RSA and ECC.
Introduction to Public-Key Cryptography
This article is being modularized.

For More Information

More advanced articles on web security are available throughout MDN:

Browser security

Web security

Securing your site

Firefox Security Basics for Developers

Revision Source

 
<p>{{draft}}</p>

<p>One of the first steps toward being a great web developer is understanding the fundamental principles of information security. Understanding security basics helps you understand the role and importance of security throughout the development lifecycle. This will help you avoid unnecessarily unsecured software, allowing attackers to exploit weaknesses for financial gain or other malicious purposes. Protect yourself and your users from these sorts of problems by gaining practical knowledge of security basics.</p>

<h2 id="The_Basic_Concepts">The Basic Concepts</h2>

<p>These articles are currently being developed. They are intended for anyone to read, regardless of what security knowledge they may have. The articles should be read in sequence, because the articles farther down the list are dependent on concepts presented in earlier articles.</p>

<dl>
 <dt><a href="/en-US/Learn/Confidentiality,_Integrity,_and_Availability">1. Confidentiality, Integrity, and Availability</a></dt>
 <dd>Describes the primary security objectives, which are absolutely fundamental to understanding security</dd>
 <dt><a href="/en-US/Learn/Vulnerabilities">2. Vulnerabilities</a></dt>
 <dd>Defines the major categories of vulnerabilities and discusses the presence of vulnerabilities in all software</dd>
 <dt><a href="/en-US/Learn/Threats">3. Threats</a></dt>
 <dd>Briefly introduces major threat concepts</dd>
 <dt><a href="/en-US/Learn/Security_Controls">4. Security Controls</a></dt>
 <dd>Defines major categories of security controls and discusses their potential disadvantages</dd>
 <dt><a href="/en-US/docs/Learn/Risk">5. Risk</a></dt>
 <dd>Introduces the basic concepts behind cyber risk</dd>
 <dt><a href="/en-US/docs/Encryption_and_Decryption">6. Encryption and Decryption</a></dt>
 <dd>Explains the fundamentals of the most common types of encryption and decryption</dd>
 <dt><a href="/en-US/docs/Digital_Signatures">7. Digital Signatures</a></dt>
 <dd>Provides a brief introduction to digital signatures</dd>
 <dt><a href="/en-US/Learn/TCP_IP_Security">8. TCP/IP Security</a></dt>
 <dd>An overview of the TCP/IP model, with a focus on the security considerations for SSL</dd>
</dl>

<h2 id="Applying_Basic_Concepts">Applying Basic Concepts</h2>

<p>Before reading articles in this section, you should have already read the basic concepts articles or have the equivalent security knowledge.</p>

<dl>
 <dt><a href="/en-US/docs/Introduction_to_SSL">Introduction to SSL</a></dt>
 <dd>This article is being rewritten.</dd>
 <dt><a href="/en-US/Learn/SSL_and_TLS">SSL and TLS</a></dt>
 <dd>This article provides a brief introduction to SSL and TLS, and their key exchange algorithms, RSA and ECC.</dd>
 <dt><a href="/en-US/docs/Introduction_to_Public-Key_Cryptography">Introduction to Public-Key Cryptography</a></dt>
 <dd>This article is being modularized.</dd>
</dl>

<h2 id="For_More_Information">For More Information</h2>

<p>More advanced articles on web security are available throughout MDN:</p>

<p><a href="/en-US/docs/Mozilla/Security">Browser security</a></p>

<p><a href="/en-US/docs/Web/Security">Web security</a></p>

<p><a href="/en-US/docs/Web/Security/Securing_your_site">Securing your site</a></p>

<p><a href="/en-US/docs/Security/Firefox_Security_Basics_For_Developers">Firefox Security Basics for Developers</a></p>
Revert to this revision