News of the Kabardino-Balkarian Scientific Center of the Russian Academy of Sciences, 2024 Volume 26, Issue 1,Pages 39–47(Mi izkab756)
Computer science and information processes
Development of an approach to ensuring information security
in web-based information systems when transferring data using the
Web Cryptography API interface
Abstract:
The aim of the research is to formulate general principles for ensuring information
security in web-oriented information systems. The paper describes the main concepts of the Web
Cryptography API interface, as well as presents practical aspects of using cryptographic methods to
ensure data security in web-oriented information systems. The proposed approach, based on the
introduction of a secure system for generating and storing users private keys through the use of the
asynchronous ECDSA encryption algorithm via the Web Cryptography API interface, combined with
encrypting private keys with passphrases and additional user authentication, allows a high level of
protection of private keys from unauthorized access.