[RUBY] Summary of information security

Information security

Information security refers to the security of web services. Ideally, it should improve the convenience of authorized users while preventing information leakage and unauthorized access.

It is the mission of the WEB service to maintain the following three.

Confidentiality -Prevent unauthorized persons from viewing or using information assets
Integrity -Prevent unauthorized persons from erasing or rewriting information
Availability -Make the service available to authorized persons (users) at any time

Defects and problems that threaten security in all are called vulnerabilities </ strong>. Also, vulnerabilities </ strong> are created by under-checking and bugs by developers.

Specific examples of vulnerabilities </ strong> are as follows -Personal information can be viewed without permission (infringement of confidentiality) -The content of the WEB page is tampered with (infringement of integrity) -Web page cannot be used (availability infringement)

It is necessary to take proper measures against vulnerabilities </ strong> because it causes damages such as financial compensation to users, loss of trust of developers, and loss of opportunities.

Recommended Posts
Summary of information security

Information security

Summary of OpenJDK sources

Summary of jar files

Summary of using FragmentArgs

Summary of using DBFlow

Summary of Java support 2018

Summary of FileInputStream and BufferedInputStream

[Java11] Stream Summary -Advantages of Stream-

Summary of using Butter Knife

[Java] Summary of regular expressions

[Java] Summary of operators (operator)

Summary of "abstract interface differences"

Summary of Java language basics

[Java] Summary of for statements

Summary of Java Math class

Summary of basic functions of ImageJ

Summary of 2020 programming learning output

[Java] Summary of control syntax

Summary of java error processing

[Java] Summary of design patterns

[Java] Summary of mathematical operations

[Rails Struggle/Rails Tutorial] Summary of Rails Tutorial Chapter 2

Summary of rails validation (for myself)

Spring Framework 5.0 Summary of major changes

[For beginners] Summary of java constructor

[Rails] Summary of complicated routing configurations

Summary of devise controller initial state

Summary

Summary of frequently used Docker commands

Acquisition of location information using FusedLocationProviderClient

Summary of object-oriented programming using Java

Summary about the introduction of Device

A brief summary of DI and DI containers

[Java Silver] Summary of access modifier points

Summary of in-house newcomer study session [Java]

Acquisition of article information in ruby scraping

Summary of stumbling blocks related to form_with

[2020 edition] Summary of introductory articles on Struts2

Directory information of DEFAULT_CERT_FILE in Mac ruby 2.0.0

[java] Summary of how to handle char

Summary of changes other than JEP of Java10

Summary of Docker understanding by beginners ② ~ docker-compose ~

[Rails Struggle/Rails Tutorial] Summary of Heroku commands

[Java] Personal summary of conditional statements (basic)

Summary of root classes in various languages

Summary of going to JJUG CCC 2019 Spring

[Java] [Maven3] Summary of how to use Maven3

Summary of CR, LF, CRL of open method

Java Summary of frequently searched type conversions

Summary of Java Math.random and import (Calendar)