- Issues of Privacy
Users should feel safe in using the Internet. According to the survey done
by Deloitte & Touche Consulting Group in 1997, the most common concerns about
Internet security are the issues of privacy and security in e-mails, as well
as the security of networks.
- Confidentiality of Information
Confidential and sensitive information can be stolen or altered if corporations
do not take effective measures to protect their networks from intrusions.
- Safety of Business Transactions Over the Internet
Potential customers should feel safe when using the sites for purchases,
services or pay-per-use information and entertainment. Since the Internet
is a growing distribution medium, the issue of security becomes critical in
the context of business transactions.
Browser and Server Security Holes
- Cookies
A cookie is a small text file which is transferred from the Web server to
your Web browser. It is a handle or transaction identifier, and it permits
a site to recognize you on subsequent visits. Since cookies create the user's
profile and contain the user's e-mail address, risks may be involved if cookies
are not handled properly.
- Java Applets
Java is an object-oriented programming language for creating distributed
executable applications. Bugs in Java applets and hostile Java applets may
pose threats to security, causing problems from merely shutting down the
browser to consuming all of the resources in the computer system.
- ActiveX Controls
Formerly known as OLE controls or OCX controls, ActiveX controls are components
that you can insert into a web page or other application so that you can reuse
packaged functionality that someone else programmed. If ActiveX scripts are
not written properly, security risks may be involved.
- CGI Scripts
CGI Scripts may lead to accidental disclosure of confidential information,
such as passwords or registry files. The scripts that process remote user
input may also be vulnerable to attacks, in which remote users can trick them
into executing commands.
Solutions to Internet Security
(A) System Security and Integrity
- Firewalls
A firewall is a hardware and/or software gateway that buffers and
shields data passing between two networks. Firewalls help to enhance
system security by protecting against network-level attacks, and have
the ability to authorize, authenticate and alert.
(B) Authentication, Authorization and Access Control
- Digital Signature
A digital signature ensures authenticity. A mathematical summary of data is
encrypted using a signing private key to create a digital signature. The
signature can be verified by any other party who has the corresponding public
key. With all these properties, a digital signature can provide a
greater level of security than a physical signature.
- Username/Password Combination
A username/password combination can be utilized to prevent unauthorized
access. A good username and password should be chosen in a way so as to
make it difficult for hackers to crack.
- Network Domain, IP Address Based Control
Individual documents or whole directories can be protected in such a way that
only browsers connecting from certain IP addresses or network domains can
access them.
(C) Privacy and Confidentiality
- Encryption
Encryption ensures confidentiality. It is the transformation of data into
a form unreadable by anyone without a secret decryption key. That means no one,
including the person who initiates it, can read the file until it is decrypted.
- SSL (Secure Sockets Layer)
SSL is a program layer created by Netscape for managing the security of message
transmissions in a network. Confidential messages are contained in a program
layer between an application and the Internet's TCP/IP layers.
- SHTTP (Secure HTTP)
SHTTP is a secure protocol over HTTP for identification when entering into
a server. Both the server and the client identify each other using an RSA
public key system. Therefore, SHTTP helps to enhance privacy of the user.