Tilen Tomakić (2017) Angular and SPA - secure data exchange between users. EngD thesis.
Abstract
Web application users have no other option than to trust backend services of cloud data storage that they will protect their data. In practice, it is actually impossible to protect them from web attacks. This thesis presents the possibility of encrypting data within a web application. The proposed solution shifts responsibility of protecting data from the backend to the client side. This ensures both, the security and the integrity of the data, even if the attacker has access to the backend service. Attackers cannot decrypt or modify data because the key is not available to the backend system. Beside the protection, this solution also offers secure data exchange among users specified as a process of storage and exchange of keys. In the end, the implementation of KalPass web application presents data protection and exchange by using SPA technology and Angular framework.
Actions (login required)