***Welcome to ashrafedu.blogspot.com * * * This website is maintained by ASHRAF***

Posts

    Latest Updates

    Sunday, March 19, 2023

    HTTP Vs HTTPS

    HTTP offers set of rules and standards which govern how any information can be transmitted on the World Wide Web.

    HTTP provides standard rules for web browsers & servers to communicate.

    HTTP is an application layer network protocol which is built on top of TCP.

    HTTP uses Hypertext structured text which establishes the logical link between nodes containing text. It is also known as “stateless protocol” as each command is executed separately, without using reference of previous run command.

    HTTPS stands for Hyper Text Transfer Protocol Secure. It is highly advanced and secure version of HTTP.

    HTTPS allows the secure transactions by encrypting the entire communication with SSL. It is a combination of SSL/TLS protocol and HTTP. It provides encrypted and secure identification of a network server.

    Difference between HTTP and HTTPS are:


    HTTP

    HTTPS

    Protocol

    It is hypertext transfer protocol.

    It is hypertext transfer protocol with secure.

    Security

    It is less secure as the data can be vulnerable to hackers.

    It is designed to prevent hackers from accessing critical information. It is secure against such attacks.

    Port

    It uses port 80 by default

    It was use port 443 by default.

    Starts with

    HTTP URLs begin with http://

    HTTPs URLs begin with https://

    Used for

    It’s a good fit for websites designed for information consumption like blogs.

    If the website needs to collect the private information such as credit card number, then it is a more secure protocol.

    Scrambling

    HTTP does not scramble the data to be transmitted. That’s why there is a higher chance that transmitted information is available to hackers.

    HTTPS scrambles the data before transmission. At the receiver end, it descrambles to recover the original data. Therefore, the transmitted information is secure which can’t be hacked.

    Protocol

    It operates at TCP/IP level.

    HTTPS does not have any separate protocol. It operates using HTTP but uses encrypted TLS/SSL connection.

    Domain Name Validation

    HTTP website do not need SSL(Secure Socket Layer).

    HTTPS requires SSL certificate.

    Data encryption

    HTTP website doesn’t use encryption.

    HTTPS websites use data encryption.

    Search Ranking

    HTTP does not improve search rankings.

    HTTPS helps to improve search ranking.

    Speed

    Fast

    Slower than HTTP

    Vulnerability

    Vulnerable to hackers

    It Is highly secure as the data is encrypted before it is seen across a network.

     

    Friday, March 3, 2023

    International Convention on Cyber Space

    International Convention on Cyber Space

    A convergence of information and communication technologies(ICT’s) together with various governance policies, Have created cyber space.

    The need to create a universal and transparent global framework to ensure the effective security and utilization of cyberspace has become important.

    The four stakeholders – governments, businesses, academia and civil society of UNGA(General Assembly of United Nations) play a critical role in identifying the strengths and vulnerabilities of Cyber space.

    Governments have primary responsibility for cyberspace policies, including cyber security, and the application of cyber technologies for national governance objectives.

    The International Convention on Cyber Space (ICCS) is a global framework that aims to promote the safe and secure use of cyberspace. It was first proposed in 2011 by the Dutch government and subsequently adopted at the 2015 Global Conference on Cyber Space held in The Hague, Netherlands.

    The ICCS recognizes that cyberspace has become an integral part of our daily lives, and that it poses significant security risks that require international cooperation and coordination. The convention provides a framework for states to work together to address a range of issues, including cybercrime, cyber terrorism, cyber espionage, and the protection of critical infrastructure.

    One of the key principles of the ICCS is the idea that all states have the right to use cyberspace for peaceful purposes. The convention also recognizes the importance of protecting human rights and fundamental freedoms in cyberspace, and of promoting the development of a secure and resilient digital ecosystem.

    The ICCS is a voluntary agreement, and as of 2021, has been signed by over 30 countries, including the United States, Russia, China, and most European nations. However, the effectiveness of the convention has been questioned by some experts, who argue that it lacks teeth and fails to address some of the most pressing issues in cyberspace, such as the use of cyber weapons by states.

    Overall, the ICCS is an important step towards establishing a global framework for cyberspace governance, and highlights the need for international cooperation and collaboration in addressing the challenges posed by the digital age.

    OEWG stands for the Open-Ended Working Group on developments in the field of information and telecommunications in the context of international security. It was established by the United Nations General Assembly in 2018 with the goal of exploring and addressing the security challenges and opportunities presented by emerging technologies, particularly in the field of cyberspace.

    The OEWG is open to all UN member states and other interested stakeholders, including civil society organizations, industry groups, and academic institutions. Its meetings provide a forum for participants to share their views and experiences on the challenges and opportunities presented by developments in the field of information and telecommunications, and to develop recommendations for the UN General Assembly on how best to address these issues.

    The OEWG operates under the guidance of the UN Office for Disarmament Affairs (UNODA), and its work is complementary to other international efforts to promote cybersecurity and cyber resilience, such as the Group of Governmental Experts (GGE) on Developments in the Field of Information and Telecommunications in the Context of International Security.

    The OEWG's mandate was extended in 2020 for another three years, and it continues to play an important role in promoting international cooperation and dialogue on issues related to information security and cyberspace governance.

     

     

    Network session analysis

    Network session analysis Network session analysis is a method of monitoring network activity and availability to identify issues, such as ...