Authentication and Authorization in Modern Web Apps for Data Security Using Nodejs and Role of Dark Web.

Authentication and Authorization are the base of security for all the Technologies present in this world today. Starting from your smartphone where a user authenticates himself before he could access the data inside to Entering into the White House, you must authenticate yourself, and based on that you are authorized. In this digital world where every Business, MNC, Government Body, Companies, Users, etc. needs a website to inform the world about their presence on the internet, provide services online and become a "Brand", the risk of leaking user's sensitive information increases. It could be dangerous to the users of the hacked website because their sensitive information like a credit card, bank account details, etc. could be sold in the black market of the "dark web". The role of the dark web is described in the paper and how the data is sold there and what becomes of it. The paper helps to understand how a secure website is developed that promises the user to keep the sensitive information safe, increases the bond of trust between a client and server which results in a long-term relationship. The aim behind developing an authentication system is to keep users' sensitive information safe so that hackers cannot steal and sell the information on the dark web's back market. To perform this, the developer needs to understand how to implement authentication. NodeJS, with the help of its framework expressJS and some other packages, is used to develop the authentication and authorization system of the website by the research. Previous papers on this field covered the authentication topic in general. This paper overcame that by going deeper into the field and being server-side language specific. The common types of authentication methods used in different types of websites are discussed in detail and the best methods are purposed for the developer to be implemented for a more secure website. This research put light on Artificial Intelligence and blockchain as the future of security of big data. [ABSTRACT FROM AUTHOR]