517 Securing web applications
Web applications must be designed and developed with security in mind to protect data, enforce trust, and prevent unauthorised access.
Outline
This section explores the core security mechanisms used to protect web applications. Students investigate how encryption, certificates, and secure protocols protect data in transit and at rest. They examine the roles of authentication, authorisation, and hashing in managing access and integrity, and learn how these technologies work together to create trusted digital systems.
These concepts connect closely with the security principles explored in earlier modules and prepare students for practical implementation in both front-end and back-end contexts.
Targets
In this topic, students learn to:
Explain how SSL certificates and encryption protect web communication
Distinguish between plain text and cipher text
Understand the use of encryption keys and algorithms
Apply authentication and authorisation principles to control access
Describe how hashing and digital signatures ensure data integrity
Glossary
Encryption: The process of converting plain text into unreadable cipher text to protect data
SSL/TLS: Security protocols that encrypt web traffic and verify server identity
Authentication: Verifying the identity of a user or system
Authorisation: Determining what actions a user or system is allowed to perform
Hash function: A one-way function that transforms data into a fixed-length value
Digital signature: A cryptographic tool that confirms data integrity and authenticity
Encryption key: A value used by an algorithm to encrypt or decrypt data
Plain text: Readable data before it is encrypted
Cipher text: Data that has been encrypted and is unreadable without the correct key
Overview
Security is a fundamental requirement of every web application. Users must be able to trust that their data is protected and that their interactions are private, verified, and safe. In this section, students explore the practical tools used to secure web applications—from cryptographic algorithms and secure connections to identity verification and access control.
Understanding these technologies is essential for developing full-stack applications that not only function well, but also protect users, data, and services from evolving threats.