Client-Side Web Cryptography, 1-day cybersecurity course

The Cyber Resilience Lab (CyResLab) of the European Software Institute - Center Eastern Europe

The purpose of this course is to introduce the “Untrusted Server” security model, its strengths and limitations, as well as proper security-oriented development procedures and to demonstrate practical security concerns in the process, e.g. threat modelling, host hardening, proxying, etc.

Activity website: https://cyreslab.org/index.php/event/Client-side-Web-Crypto-22-Nov-2019

Add Event to Calendar: vCal | iCal

Time & Place

22 Nov 2019 from 09:30 to 18:00
111, Tsarigradsko Shosse Blvd. Laboratory Building, 1st floor, София Bulgaria

Target Audience

Senior full-stack developers, DevOps professionals, System administrators with serious programming knowledge

Description

With the introduction of wide-ranging and impactful legislation and requirements for privacy and data security (like GDPR), a radical, yet powerful cryptography-based solution is gaining traction and relevance. The “Untrusted Server” model assumes the Web application backend will never have access to customers’ data in plaintext, thereby negating almost all impact of data breaches – as the server is unable decrypt users’ data, so is the attacker.

The purpose of this course is to introduce the “Untrusted Server” security model, its strengths and limitations, as well as proper security-oriented development procedures and to demonstrate practical security concerns in the process, e.g. threat modelling, host hardening, proxying, etc.

During the training, participants will start from a skeleton project and complete a fully-functional secure file sharing service in Node.js and will incrementally deploy different security mechanisms and protections.

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information