Full width home advertisement

Welcome Home

Post Page Advertisement [Top]

The Internet, Security and Technicality

As a quite low-cost public data network, the Internet remains the network of choice for e-business. Companies are concerned about protecting their assets and information, and ensuring safety and the integrity of e-business transactions.

An attack on the internet could either be passive or aggressive. Passive is when the hacker enters the system without physically interfering with any program or data and Aggressive is when the data or program is altered in some ways after the attacker gains access.

This involves the unauthorized transfer or movement of funds, alterations or deletion of records, or the most common which is the introduction of a virus or spyware to monitor system activities. The Internet with all its obvious benefits has major sore point, which is “security”.

Security includes authenticating business transaction, controlling access to resources and copying such as web pages for registered or selected users, encrypting communications and effectiveness of transactions.

The model law developed by the United Nation Commission International Trade Law, establishes rules and norms that authenticate and identify contracts transacted through electronic means, set standards governing electronic contract performance and provides for the acceptability of electronic signatures for legal and commercial purposes.

Security concerns into three categories:

1. Sniffing

2. Spoofing

3. Hacking

Sniffing is the interception and reading of electronic message as they travel over the communication networks.

To protect against sniffing messages must be encrypted before being sent over the Internet. The two classes of encryption methods in use today are the secret key encryption and the public key encryption. The most common secret key method is the Data Encryption Standard (DES) developed by IBM, the National Security Agency, and the National Bureau of Standards. Using this method, the sender and receiver of the message use the same key to code and decode a message. The level of security is a function of the size of the key. DES is widely used and available in many software applications.

Spoofing is the assumption of a false identity and the execution of fraudulent transactions.

To protect against spoofing, firms need a way to authenticate the identity of an individual. This verification requires a form of digital ID. The most common form of digital signature uses the RSA encryption method. Because the private key is known only to one person and a message encrypted with that key can only be decode with the matching public key, the private key provides a way of verifying that the message came from a certain individual.

Hacking in the unauthorized access to a host computer. This access may be a direct intrusion or via a computer virus or Trojan horse.

To protect against hacking, a firm must install a firewall.
A firewall is a device placed between the company’s network and the internet that monitors and controls all data traffic entering and leaving the company’s network. 

Firewalls can take many forms, from routers, which packets, to hardened host computers, to software applications. Hardened firewall host are stripped down computers especially designed for security; they provide the highest level of security.

No comments:

Post a Comment

Bottom Ad [Post Page]