РефератыИностранный языкInInternet Security Essay Research Paper Internet SecurityMany

Internet Security Essay Research Paper Internet SecurityMany

Internet Security Essay, Research Paper


Internet Security


Many people today are familiar with the Internet and its use. A large


number of its users however, are not aware of the security problems they face


when using the Internet. Most users feel they are anonymous when on-line, yet


in actuality they are not. There are some very easy ways to protect the user


from future problems.


The Internet has brought many advantages to its users but has also


created some major problems. Most people believe that they are anonymous when


they are using the Internet. Because of this thinking, they are not careful


with what they do and where they go when on the “net.” Security is a major


issue with the Internet because the general public now has access to it. When


only the government and higher education had access, there was no worry about


credit card numbers and other types of important data being taken. There are


many advantages the Internet brings to its users, but there are also many


problems with the Internet security, especially when dealing with personal


security, business security, and the government involvement to protect the users.


The Internet is a new, barely regulated frontier, and there are many


reasons to be concerned with security. The same features that make the Internet


so appealing such as interactivity, versatile communication, and customizability


also make it an ideal way for someone to keep a careful watch on the user


without them being aware of it (Lemmons 1). It may not seem like it but it is


completely possible to build a personal profile on someone just by tracking them


in cyperspace. Every action a person does while logged onto the Internet is


recorded somewhere (Boyan, Codel, and Parekh 3).


An individual’s personal security is the major issue surrounding the


Internet. If a person cannot be secure and have privacy on the Internet, the


whole system will fail. According to the Center for Democracy and Technology


(CDT), any website can find out whose server and the location of the server a


person used to get on the Internet, whether his computer is Windows or DOS based,


and also the Internet browser that was used. This is the only information that


can be taken legally. However, it can safely be assumed that in some cases much


more data is actually taken (1). These are just a few of the many ways for


people to find out the identity of an individual and what they are doing when


on the Internet.


One of the most common ways for webmasters to find out information about


the user is to use passive recording of transactional information. What this


does is record the movements the user had on a website. It can tell where the


user came from, how long he stayed, what files he looked at, and where he went


when he left. This information is totally legal to obtain, and often the


webmaster will use it to see what parts of his site attracts the most attention.


By doing this, he can improve his site for the people that return often (Boyan,


Codel, and Parekh 2).


There is a much more devious way that someone can gain access to


information on a user’s hard-drive. In the past, the user did not need to be


concerned about the browser he used; that changed when Netscape Navigator 2.0


was introduced. Netscape 2.0 takes advantage of a programming language called


Java. Java uses the browser to activate programs to better enhance the website


the user was viewing. It is possible for someone to write a program using Java


that transfers data from the user’s computer back to the website without the


user ever being aware of anything being taken. Netscape has issued new releases


that fix some but not all of the two dozen holes in the program (Methvin 3).


Many people do not realize that they often give information to websites


by doing something called direct disclosure. Direct disclosure is just that,


the user gives the website information such as their e-mail address, real


address, phone number, and any other information that is requested. Often, by


giving up information, a user will receive special benefits for “registering”


such as a better version of some software or being allowed into “member only


areas” (Boyan, Codel, and Parekh 2).


E-mail is like a postcard. E-mail is not like mailing a letter in an


envelope. Every carrier that touches that e-mail can read it if they choose.


Not only can the carriers see the message on the e-mail, but it can also be


electronically intercepted and read by hackers. This can all be done without the


sender or the receiver ever knowing anything had happened (Pepper 1). E-mail is


the most intriguing thing to hackers because it can be full of important data


from secret corporate information to credit card numbers (Rothfeder, “Special


Reports” 2).


The only way to secure e-mail is by encryption. This makes an envelope


that the hacker cannot penetrate. The downside to using encryption on a huge


network like the Internet is that both users must have compatible software


(Rothfeder, “Special Reports” 2). A way to protect a persons e-mail is to use


an autoremailer. This gives the sender a “false” identity which only the


autoremailer knows, and makes it very difficult to trace the origin of the e-


mail (Boyan, Codel, and Parekh 4).


Another but more controversial way of gathering data is by the use of


client-side persistent information or “cookie” (Boyan, Codel, and Parekh 2).


Cookies are merely some encoded data that the website sends to the browser when


the user leaves the site. This data will be retrieved when the user returns at


a later time. Although cookies are stored on the user’s hard-drive, they are


actually pretty harmless and can save the user time when visiting a web site


(Heim 2).

r />

Personal security is an important issue that needs to be dealt with but


business security is also a major concern. “An Ernst and Young survey of 1271


companies found that more than half had experienced computer-related break-ins


during the past two years; 17 respondents had losses over $1 million” (”November


1995 Feature”). In a survey conducted by Computer Security and the FBI, 53


percent of 428 respondents said they were victims of computer viruses; 42


percent also said that unauthorized use of their systems had occurred within the


last 12 months (Rothfeder, “November 1996 Feature” 1).


While electronic attacks are increasing more rapidly than any other kind, a


large number of data break-ins are from the inside. Ray Jarvis, President of


Jarvis International Intelligence, says “In information crimes, it’s not usually


the janitor who’s the culprit. It’s more likely to be an angry manager who’s


already looking ahead to another job”(Rothfeder, “November 1996 Feature” 3).


While electronic espionage is increasing, so is the ability to protect


computer systems. “The American Society for Industrial Security estimates that


high-tech crimes, including unreported incidents, may be costing U.S.


corporations as much as $63 billion a year” (Rothfeder, “November 1996 Featuer”


1).


There are many ways for businesses to protect themselves. They can use a


variety of techniques such as firewalls and encryption.


Firewalls are one of the most commonly used security devices. They are


usually placed at the entrance to a network. The firewalls keep unauthorized


users out while admitting authorized users only to the areas of the network to


which they should have access. There are two major problems with firewalls, the


first, is that they need to be installed at every point the system comes in


contact with other networks such as the Internet (Rothfeder, “November 1996


Feature” 5). The second problem is that firewalls use passwords to keep


intruders out. Because of this, the firewall is only as good as the


identification scheme used to log onto a network (Rothfeder, “November 1996


Feature” 2).


Passwords, a major key to firewalls, are also the most basic of security


measures. The user should avoid easily guessable passwords such as a child’s


name, birthdate, or initials. Instead, he should use cryptic phrases and


combine the use of small and capitalized letters such as “THE crow flys AT


midnight”. Another easy way to avoid problems is to change the password or


phrase at least once a month (Rothfeder, “November 1996 Feature” 5).


Just in case an intruder does get through the first layer of security, a


good backup is to have all the data on the system encrypted. Many browsers come


with their own encryption schemes, but companies can buy their own stand-alone


packages as well. Most encryption packages are based on a public-private key


with their own private encryption key to unlock the code for a message and


decipher it. Encryption is the single best way to protect data from being read,


if stolen, and is rather cost effective (Rothfeder, “November 1996 Feature”5).


Businesses need protection but they cannot do it alone. The Federal


government will have to do its part if the Internet is going to give us all the


returns possible. Businesses will not use the Internet if they do not have


support from the government.


In the United States there is no set of laws that protect a person’s


privacy when on the Internet. The closest rules that come to setting a standard


of privacy is an assortment of laws beginning with the Constitution and


continuing down to local laws. These laws unfortunately, are not geared for


the Internet. These laws are there only to protect a person’s informational


privacy (Boyan, Codel, and Parekh 3).


Now, because of the booming interest and activity on the Internet in both


the personal and the business level, the government has started investigating


the Internet and working on ways to protect the users.


The Federal Bureau of Investigation (FBI), the Central Intelligence Agency


(CIA), and the National Security Agency have all devoted small units to fighting


computer security crimes. After Senate hearings, the Justice Department


proposed that a full-time task force be set up to study the vulnerability of


the nations informational infrastructure. This would create a rapid-response


team for investigating computer crimes. They also proposed to require all


companies to report high-tech break-ins to the FBI (Rothfeder, “November 1996


Feature” 4).


Security for the Internet is improving, it is just that the usage of the


Internet is growing much faster. Security is a key issue for every user of the


Internet and should be addressed before a person ever logs on to the “net”. At


best, all users should have passwords to protect themselves, any businesses need


to put up firewalls at all points of entry. These are low cost security


measures which should not be over looked in a possible multi-billion dollar


industry.


Works Cited


Boyan, Justin and Eddie Codel and Sameer Parekh. Center for Democracy and


Technology Web Page. Http://www.13x.com/cgi-bin/cdt/snoop.pl accessed


January 26, 1997: 1-4.


Heim, Judy. “Here’s How.” PC World Online January 1997: 1-3.


Methvin, David W. “Safety on the Net.” Windows Magazine Online (1996): 1-9.


Lemmons, Phil. “Up Front.” PC World Online February 1997: 1-2.


November, 1995 Feature PC World Online November 1995 1-3.


Pepper, Jon. “Better Safe Than Sorry.” PC World Online October 1996: 1-2


Rothfeder, Jeffrey. “February 1997 Special Report.” PC World Online February


1997: 1-6


Rothfeder, Jeffrey. “November 1996 Features.” PC World Online November 1996: 1-


-6

Сохранить в соц. сетях:
Обсуждение:
comments powered by Disqus

Название реферата: Internet Security Essay Research Paper Internet SecurityMany

Слов:2059
Символов:13656
Размер:26.67 Кб.