Cyberscecurity – Introduction

How did we get here?

The Information Age changed the way we work. We are not longer tied to a desk, nor tied to a building, we are interconnected as many of us commute and participate virtually in work. This new approach is happening online and the networks are the center of the technology that’s driving the Information Age.

Starting with mainframes in the 60’s, switching to sneakernet in the 80’s, a lot of vulnerabilities were introduced to the networks and to the computer systems.. Cybersecurity doesn’t mean only physical security. We have moved in a thing called cyberspace where everything is changed (the way we think, the way we do business, the way we interface with reality).

Threat spectrum

Historically, the mischief online started locally, as a challenge, as a trill, by people looking to gain prestige. Quickly, the organized crime began to find access to the internet and put some serious efforts to compromise people’s finance and steal money. Then, terrorism and nation-states began to get involved in online activities.

Currently, the cybersecurity can be imagined as a construction work with hidden surprises.

ASP.NET Core Authorization

Authentication – when you ask someone who they are and you get its identity.

Authorization – decide what identity is able to do.

You can authenticate but you don’t have to authorize.

You can authorize without having any authentication.

Two main HTTP codes in web security:

401 – Unauthorized – You are not authenticated

403 – Forbidden – You are authenticated but you don’t have access

ASP.NET Authorization workshop