Artificial Intelligence an Essential Expected Computer World Surveillance

A position paper toward an important and urgent discussion on how best uses the potential of Artificial Intelligence in the context of Computer World surveillance. AI is often cited in papers on Computer World surveillance. But what is meant is using pre-existing AI techniques in Computer World surveillance. AI techniques are established around applications. Computer World surveillance has never been an area of deliberation in AI. In this paper we argue that Computer World surveillance calls for new and specific AI techniques developed with that kind of application in mind. In practice, this paper is based on a broad overview of different slants, which have the budding to be game changers in Computer World surveillance. This paper focuses on web solicitation security and supporters the use of Knowledge Based Systems, probabilistic reasoning and Bayesian apprising to control the probability of false positives and false denials

Analysing the Security of Google's implementation of OpenID Connect

Many millions of users routinely use their Google accounts to log in to relying party (RP) websites supporting the Google OpenID Connect service. OpenID Connect, a newly standardised single-sign-on protocol, builds an identity layer on top of the OAuth 2.0 protocol, which has itself been widely adopted to support identity management services. It adds identity management functionality to the OAuth 2.0 system and allows an RP to obtain assurances regarding the authenticity of an end user. A number of authors have analysed the security of the OAuth 2.0 protocol, but whether OpenID Connect is secure in practice remains an open question. We report on a large-scale practical study of Google's implementation of OpenID Connect, involving forensic examination of 103 RP websites which support its use for sign-in. Our study reveals serious vulnerabilities of a number of types, all of which allow an attacker to log in to an RP website as a victim user. Further examination suggests that these vulnerabilities are caused by a combination of Google's design of its OpenID Connect service and RP developers making design decisions which sacrifice security for simplicity of implementation. We also give practical recommendations for both RPs and OPs to help improve the security of real world OpenID Connect systems

Enhancement of Web Security Against External Attack

The security of web-based services is currently playing a vital role for the software industry. In recent years, many technologies and standards have emerged in order to handle the security issues related to web services. This paper shows techniques to enhance the security of web services, and some of the recent challenges and recommendations of a proposed model to secure web services. It shows the security process of a real life web application, which includes; HTML5 forms, login security, and a single signon solution. This paper also aim to discuss the ten (10) most common web security vulnerabilities and how to prevent the web application from three (3) of the vulnerabilities. Amongst them are; SQL Injection, Cross Site Scripting and Broken Authentication, and Session Management

Web Server Security and Survey on Web Application Security

A web server is a computer host configured and connected to Internet, for serving the web pages on request. Information on the public web server is accessed by anyone and anywhere on the Internet. Since web servers are open to public access they can be subjected to attempts by hackers to compromise the servers security. Hackers can deface websites and steal data valuable data from systems. This can translate into significant loss of revenue if it is a financial institution or e-commerce site. In the case of corporate or government systems, loss of important data means launch of information espionages or information warfare on their sites. Apart from data loss or theft, web defacement can also result in significant damage to the image of company [1]. The fact that an attacker can strike remotely makes a Web server an appealing target. Understanding threats to Web server and being able to identify appropriate countermeasures permits to anticipate many attacks and thwart the ever-growing numbers of attackers [3]. This work begins by reviewing the most common threats that affect Web servers. It then uses this perspective to find certain countermeasures. A key concept of this work focuses on the survey of most prevailing attacks that occurs due to certain vulnerabilities present in the web technology or programming which are exploited by attackers and also presents general countermeasures. In addition, various methods to detect and prevent those attacks are discussed and highlighted the summary and comparative analysis of the approaches on the basis of different attacks that shows you how to improve Web servers security