What is Web/Network Security ?!?

Four Intertwined Components:

System Security (Integrity)

"nothing bad happens"

No security "holes" via software bugs

Authentication Mechanisms

"you are who you say you are"

Entities: passwords, digital signatures, smartcards
Data: signed messages, message integrity checksums

Access Control / Authorization Systems

"do you have a license for that monkey?"

Policies, protocols, object integrity
File permissions, access control lists, digital credentials

Privacy Technologies

"for your eyes only"

Encrypted channels/messages, dedicated links