Client-Side Web Crypto

Introduction

In today’s data-driven world, stringent privacy regulations like GDPR necessitate robust security measures. This course delves into the “Untrusted Server” model, a powerful cryptography-based solution gaining traction for its ability to significantly mitigate data breaches. By ensuring the server never accesses customer data in plaintext, this model minimizes the impact of even successful attacks.

Course Objectives

  • Gain a thorough understanding of the “Untrusted Server” security model, its strengths, and limitations.
  • Master proper security-oriented development procedures for web applications.
  • Identify and address practical security concerns through threat modeling, host hardening, proxying, and more.

Course Structure

  • Theoretical Foundation:
    • Introduction to the “Untrusted Server” model
    • Case study introduction
  • Hands-on Workshops:
    • Workshop #1: Implementing client-side cryptography
    • Workshop #2: Deployment behind a reverse-proxy
    • Workshop #3: Implementing security mechanisms
  • Optional Exercise:
    • Adding additional features to the secure file sharing service
  • Future Concerns Discussion:
    • Addressing evolving security threats and best practices

Ideal for

  • Senior full-stack developers
  • DevOps professionals
  • System administrators with strong programming skills

Prerequisites

Required background –

  • Strong understanding of web development and JavaScript
  • Basic Node.js knowledge
  • Basic Linux knowledge

Participants should bring a laptop/notebook with –

  • 64-bit OS and virtualization enabled (VT-x)
  • VirtualBox installed

Certification

Upon successful completion, attendees will receive a certificate from ESI CEE.

Enroll today and empower yourself to build secure and resilient systems!

Request custom date here.

Skip to content