Author name: Pavan Gumaste

Pavan Rao is a programmer / Developer by Profession and Cloud Computing Professional by choice with in-depth knowledge in AWS, Azure, Google Cloud Platform. He helps the organisation figure out what to build, ensure successful delivery, and incorporate user learning to improve the strategy and product further.

Godless’ Android malware

‘Security’ aspects touch all our lives in some way or the other. We would have been victims of security hack at one time or other. Phishing emails, fake social media profiles, credit card fraud – some of these events may touch us in one way or the other. It is a good idea to prevent against these attacks by being up-to-date on the current Infosec incidents and knowing the ways to avoid them. With that thought in mind, we will discuss the ‘Godless’ malware in today’s post. Android devices: With mobile phone and device usage reaching unprecedented levels, it is …

Godless’ Android malware Read More »

Cryptography

‘Cryptography’ is the ability to hide messages from intermediate persons and ensure effective and secure communication between different parties. ‘Cryptography’s’ origins can be traced back to 2000 B.C. Egypt (when hieroglyphics were used) and to the time of Julius Caesar where alphabets were shifted to encrypt a message. We also see various instances of cryptography in movies such as ‘The Da Vinci code’, ‘The Imitation game’, ‘Pi’, ‘Enigma’ among others. We will see the two different types of encryption – symmetric and asymmetric algorithms and primarily focus our discussion on the symmetric algorithm. Introduction: The key terms that are associated …

Cryptography Read More »

Web application Security – II

We have already seen a few basics of web application security in Java in an earlier post. We will continue this post by extending the same discussion. We will discuss the two remaining authentication mechanisms followed by authorization. CLIENT-CERT AUTHENTICATION: The CLIENT_CERT authentication method is yet another way of authenticating the user. Compared to the BASIC and FORM based authentication, this is the most secure form of authentication.  Here the server authenticates the user by checking their public key certificate. The public key certificate is generated by an issuing authority such as the ‘certificate authority’ (CA) The CLIENT-CERT authentication uses …

Web application Security – II Read More »

Two Factor Authentication

We have already read about ‘authentication’ and its role in security domains and software technologies.  Defining authentication yet again, ‘Authentication’ is specifying who you are to access protected resources. We will elaborate this concept to discuss 2FA or ‘Two factor authentication’ in this blog post. Why 2FA? Before we see what is meant by 2FA, let us see the reasons behind implementing 2FA. Data breaches are not new but the magnanimity of the breaches is growing each year. In 2014 alone, more than 1 billion personal records were accessed illegally. (zdnet.com)The ‘Anthem’ data breach, the IRS data breach are the …

Two Factor Authentication Read More »

Web Application Security

Securing web applications in Java involves the very same core security concepts that are known to every InfoSec professional. These concepts and understanding the different authentication mechanisms for the ‘Web component developer’ exam forms the basis of this post. This post assumes knowledge of servlets, deployment descriptors and the servlet life cycle. The four security mechanisms: There are four basic security mechanisms that come into play when securing web applications. They are authentication, authorization, confidentiality and data integrity. Authentication is verifying who you really are. Specifying a name and password is one form of enforcing authentication. Authorization is giving individuals …

Web Application Security Read More »

Data privacy in the age of the Apple vs FBI debate

With most of the technology world glued to the outcome of the tussle between Apple and FBI, “data privacy” again takes center stage in the age of social media. For almost a month now, the Apple vs FBI debate has kept us all guessing and taking sides on what is right and what is wrong. Our mobile world:               Smart phones, tablets and other mobile devices continue to grow in popularity and we store abundant amount of personal information in it. Chats, pictures, personal data, health data are all examples of some personal information stored on mobile devices. Seizing any …

Data privacy in the age of the Apple vs FBI debate Read More »

Dimensional modeling

After having seen a few blog posts on security topics, we will turn our attention to ‘Data warehousing concepts’ and more specifically the modeling techniques in this post. This post assumes knowledge of basic databases like tables and fields. We have already seen the meaning of a Data warehouse, the reasons for creating a data warehouse and the components of a Data warehouse in earlier posts. Kimball approach to designing Data warehouses: Ralph Kimball preferred the bottom-up approach to designing data warehouses. Since the data warehouse is considered to be the union of all its data marts in the Kimball …

Dimensional modeling Read More »

Whatsapp Security

The evolution of different technological tools to enhance communication is growing at a mind boggling pace. With the advent of the Internet in mid 90’s – we have seen messengers like Yahoo messenger, Windows Messenger and then we moved onto Google Talk, Skype, Viber and a number of social media tools like Facebook, Twitter, LinkedIn finally now we have ‘Whatsapp’.  All these and more have been born more on the necessity to communicate more effectively and in real time. The popularity of Whatsapp followed by its security limitations forms the basis of this post. Why is Whatsapp’s Popularity increasing? : …

Whatsapp Security Read More »

Tech Skills for 2016

With the New Year under way most of us feel the need to rejuvenate ourselves with new skills in the tech industry. New aspirations, new career choices and the need to step up our career, motivates most of us. The skills that will likely to shape our career this year, is explored in this post. Programming languages like Java,C, C++, Python The concept of programming was a new one in the 90s, but not so now. It is more natural and normal for young teenagers to be in tune with the different programming languages and their importance. ‘Hackathons’ are organized …

Tech Skills for 2016 Read More »

You Too Can Become A Web Designer- Learn How

People say a lot of things about web design. The most interesting thing is that very few people understand the dynamics of this art and the fact that it can be done by just about anyone. You do not have to be an engineer with expertise in software development in order to do web design. Anyone can do website design. All that you need is a clear understanding of the basics of web design. Within a surprisingly short time you will be on the way to creating your first website without having to pay a fortune in the process. Getting …

You Too Can Become A Web Designer- Learn How Read More »

Scroll to Top