ABSTRACT

The tremendous rate of use of the Internet over the last 15 years has created opportunities for information creation and sharing, but it has also created security risks for Web servers, data stores, the local area networks that host

 

Web sites, network equipment, and even innocent users of Web browsers. Web security threats are classified as passive and active. Passive threats consist of eavesdropping on network traffic between the browser and server and accessing information on a Web site that is considered to be restricted. Active threats comprise attacks of impersonation, alternation

of messages in transition between client and server, and the changing of information on a Web site.