Monday, August 17, 2009

Security Technologies

Security Technologies

To keep secrets we have social security numbers, credit card accounts, Personal Identification Number (PIN) for accessing practically everything with computers to keep records and collect data, the informed person is examining what information has to be shared and what is kept private.

Why Internet is unsecured- The Internet is simply an implementation of protocols, rules of operation or standards that define the way connected computers communicate with each other. Connected systems can even be connected to different types of network but as long as they all run the Internet protocols they will be able to interoperate people who use Internet need easy-to-use interfaces and secure operations have long been missing from Internet protocol suite implementations.

The Internet is definitely an open network. Once data is transmitted beyond organizations network it may be handled by any one of different intermediate computers called routers which make sure the data is delivered to its intended environment.

Network managers and administrators take great care before connecting any corporate systems on Internet, implementing elaborate and extensive filtering system and firewalls.

Application layer
Handles interaction between applications running on communicating systems
Transport layer
Handles connection between processes running on communicating system

Internet layer(best effort layer)
Handles connection between system communication across an inter network

Link layer(network layer)
Handles connection between system communicating across a local area network or other link.
Risks- Some serious risks when we transmit data across the Internet are:
Interception by third party
(some one other than the intended recipient reads mail you send)
Forgery( someone sends mail and signs your name)
Modification(someone intercepts your mail, changes it, and sends it on to its final destination)

Interception of your network traffic is only a problem when we send sensitive information like credit card numbers or e-cash.

Forgery can be a much more serious risk.
The nature of email protocols makes it a relatively simple matter for someone to send a message that appears to be coming from someone else.Another insidious (dangerous) threat is that someone will intercept transmissions, modify them and send them onto their destinations.

Internet security holes- If we are linked through an organizational Internet connection, our system may actually be visible to anyone else connected to the Internet; more likely, though, our organizational Internet connection will sit on the other side of firewall system. Firewall gateways function by hiding organizational systems from the rest of the Internet, while still providing access for approved applications to send and receive data. The larger issue is what happens to your Internet transmissions when they leave or before they arrive at the computer. Anyone with access to the router through which we receive our Internet traffic or the network to which it is connected has the ability to eavesdrop on our sessions. Security depends on the integrity of participating network and system managers as well as on their ability to keep out intruders.
The security risk exists at every inter connection so if you purchase your Internet service from a local reseller chances are that our transmissions get passed from local company to regional company who passes them onto Internet backbones.

A bigger risk- Security methods that use digital signatures and encryption can in general consider secured. Customers must take care in protecting the passwords to their secure commerce services as they would in protecting their own wallets:

· The password should not be easy to guess

· The password should not be written down near the computer from which it will be used.

· The user should not give out the password to anyone, ever

· The user should not leave an active session running on an unattended, unprotected system

· Passwords should be changed periodically










No comments:

Post a Comment