Information Security Basics

One of the first steps toward being a great web developer is understanding the fundamental principles of information security. Understanding security basics helps you understand the role and importance of security throughout the development lifecycle. This will help you avoid unnecessarily unsecured software, allowing attackers to exploit weaknesses for financial gain or other malicious purposes. Protect yourself and your users from these sorts of problems by gaining practical knowledge of security basics.

The Basic Concepts

These articles are currently being developed. They are intended for anyone to read, regardless of what security knowledge they may have. The articles should be read in sequence, because the articles farther down the list are dependent on concepts presented in earlier articles.

1. Confidentiality, Integrity, and Availability
Describes the primary security objectives, which are absolutely fundamental to understanding security
2. Vulnerabilities
Defines the major categories of vulnerabilities and discusses the presence of vulnerabilities in all software
3. Threats
Briefly introduces major threat concepts
4. Security Controls
Defines major categories of security controls and discusses their potential disadvantages
5. Risk
Introduces the basic concepts behind cyber risk
6. Encryption and Decryption
Explains the fundamentals of the most common types of encryption and decryption
7. Digital Signatures
Provides a brief introduction to digital signatures
8. TCP/IP Security
An overview of the TCP/IP model, with a focus on the security considerations for SSL

Applying Basic Concepts

Before reading articles in this section, you should have already read the basic concepts articles or have the equivalent security knowledge.

Introduction to SSL
This article is being rewritten.
SSL and TLS
This article provides a brief introduction to SSL and TLS, and their key exchange algorithms, RSA and ECC.
Introduction to Public-Key Cryptography
This article is being modularized.

For More Information

More advanced articles on web security are available throughout MDN:

Browser security

Web security

Securing your site

Firefox Security Basics for Developers

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top