4
Technology of Information Security Why everyone should use encryption systems. Ever since the first trade took place there has been fraud. There is whole lot of people on the lookout for making easy money using unfair means, for that is the area of maximum return and of course maximum risk. As increasing numbers of individuals and organizations use the powers of Information and Communication Technology (ICT) the scope for cyber crime increases in direct proportion. The use of the internet is made to transfer large amounts of information and communications that may be of a sensitive nature or have financial ramifications if they reach unauthorised hands. In today’s world, and tomorrows, there is an increasing dependence on e-mail, cellular communications, the internet and computers for accessing, computing and recording of information and data. These are all open to unauthorized access and misuse and even vandalism. As commerce and communications continue to move to computer networks, security is becoming a vital issue. Attacks on network systems and individual computers exploit flaws and vulnerabilities left by the software developers and suppliers. Large scale attacks, such as the I Love You virus highlight such vulnerabilities. Anyone, be it organizations or individuals, is at risk and need to take action to minimise this risk. Invasion of privacy is another threat and this can include the unauthorized access to someone else’s private and confidential communications, Industrial espionage and data harvesting that may be put to use against the interests of the original owner. Computer vandalism is another threat that has become a problem. Vandals may break into a system, not with an interest to make money or some other unauthorized use of the information gathered but for sheer

Privacy Computer

Embed Size (px)

DESCRIPTION

Discusses computer privacy protection issues

Citation preview

Page 1: Privacy Computer

Technology of Information SecurityWhy everyone should use encryption systems.

Ever since the first trade took place there has been fraud. There is whole lot of people on

the lookout for making easy money using unfair means, for that is the area of maximum return

and of course maximum risk. As increasing numbers of individuals and organizations use the

powers of Information and Communication Technology (ICT) the scope for cyber crime

increases in direct proportion. The use of the internet is made to transfer large amounts of

information and communications that may be of a sensitive nature or have financial ramifications

if they reach unauthorised hands.

In today’s world, and tomorrows, there is an increasing dependence on e-mail, cellular

communications, the internet and computers for accessing, computing and recording of

information and data. These are all open to unauthorized access and misuse and even vandalism.

As commerce and communications continue to move to computer networks, security is

becoming a vital issue. Attacks on network systems and individual computers exploit flaws and

vulnerabilities left by the software developers and suppliers. Large scale attacks, such as the I

Love You virus highlight such vulnerabilities. Anyone, be it organizations or individuals, is at

risk and need to take action to minimise this risk.

Invasion of privacy is another threat and this can include the unauthorized access to

someone else’s private and confidential communications, Industrial espionage and data

harvesting that may be put to use against the interests of the original owner. Computer vandalism

is another threat that has become a problem. Vandals may break into a system, not with an

interest to make money or some other unauthorized use of the information gathered but for sheer

Page 2: Privacy Computer

perverse pleasure of causing harm and problems for others. The weaker the safeguards, the easier

it is for such people to break in and lower the risk of their ever getting caught.

Every individual or organization needs to allow access to their systems to some people in

order to make use of the technology in commerce, data transfer and storage. They need to ask

themselves as to how much and what level of security they need to protect themselves and other

people who have access to their system, and most important of all – who can be trusted to set up

that security. If everyone uses a common security system that is trusted and proven this will

make it easier to trust each other and make it less expensive to implement.

Different laws and enactments have been made by States to prevent and punish electronic

security breaches and fraud. However, no law can be a substitute for engineering. The security

provision should be such that it prevents break-in and theft/ vandalism of data. Encryption

systems offer protection against breaches of security while using the internet for communications

and data transfer. Making such communications proof against eavesdropping and resulting

losses. Encryption systems are built around the science of cryptography, a part of the number

theory, and have one purpose, that of ensuring privacy in the use of ICT. Good encryption

systems withstand attacks on the systems, resources and data up to a point where it is becomes

easier to for the attacker to obtain the information from other sources rather than through an

attack on the system guarded by the encryption system. Instead of every individual or

organization developing its own system of security and encryption, that might not be compatible

with others’ systems and thus cause mayhem, there is a need for the development and use of a

common system that provides good protection. Design of good security systems is an art and not

many are adept at it. Such a system will help in making security an affordable and efficient - PGP

is one such system.

Page 3: Privacy Computer

The most widely used system is the TCP/IP which is not very effective; PGP an open

source encryption code is far superior. No system can provide an ironclad guarantee on its

effectiveness, for ways can be found to breach the tightest security, thus a compromise has to be

found between the possible and acceptable.

Pretty Good Privacy (PGP) is a encryption system that uses both public-key cryptography

and symmetric key cryptography, and includes a system that binds the public keys to user

identities (Wikipedia). PGP requires that a receipient must establish a linked key pair, public and

private, and the sender uses the receipients public key to encrypt the message being sent. The

secret key is protected by a password while the public key is not.The receipient deciphers the

message using the private key. Use of two ciphers helps enhance the security of message or

infromation transfer. Data that is encrypted with a public key can only be decrypted by the

matching secret key. This is also used to sign transfers. In order to sign, a hash is taken and

encoded with the secret key, since files encrypted by the secret key can be decoded using the

public key the recipient can then verify that the information is actually from the sender and has

not been tampered with by checking the encoded form of the signature.

PGP is believed to be capable of very high security equalling military level systems with

no known way for anyone to break into areas protected by PGP. PGP protects data in long-term

data storage such as disk files as compared to other systems that only protect data during tranfer.

The earliest versions of PGP have no detected flaw as yet and newer versions have added

encryption algorithms making them even more secure. PGP has the additional benefit of now

being adopted by a large base of user and being compatible with a host of other systems and

software.

Page 4: Privacy Computer

It is known that most electronic fraud takes place by or with the assistance an insider, no

systems can guard against such attacks. Even honest users can cause problems because in their

hurry to get the job done and their desire to keep things simple they overlook security aspects

and this leaves flaws that can then be exploited by an outsider. Any system must be designed

keeping the convenience and the need of the users. Only then will it be able to guard and protect

their systems, resources and data.


Ict competency LU8 Computer Security Privacy and Ethics

Ict competency LU8 Computer Security Privacy and Ethics

Documents
Computer Security and Safety, Ethics, and Privacy

Computer Security and Safety, Ethics, and Privacy

Documents
LAB MANUAL COMPUTER DATA SECURITY & PRIVACY (COMP-324)

LAB MANUAL COMPUTER DATA SECURITY & PRIVACY (COMP-324)

Documents
Simone Bonavita - Contrattualistica e privacy nel cloud computer

Simone Bonavita - Contrattualistica e privacy nel cloud computer

Technology
CS 458 / 658 Computer Security and Privacy Operating

CS 458 / 658 Computer Security and Privacy Operating

Documents
CSE 484 : Computer Security and Privacy Software Security

CSE 484 : Computer Security and Privacy Software Security

Documents
CS 683 Computer Security and Privacy

CS 683 Computer Security and Privacy

Documents
15-744: Computer Networking L-23 Privacy. 2 Overview Routing privacy Web Privacy Wireless Privacy

15-744: Computer Networking L-23 Privacy. 2 Overview Routing privacy Web Privacy Wireless Privacy

Documents
Quantifying Location Privacy - IEEE Computer Society's Technical

Quantifying Location Privacy - IEEE Computer Society's Technical

Documents
Security, Privacy, and Ethics Online Computer Crimes

Security, Privacy, and Ethics Online Computer Crimes

Documents
End-User Privacy in Human–Computer Interaction

End-User Privacy in Human–Computer Interaction

Documents
COMPUTER SAFETY SECURITY & PRIVACY DIGITAL LITERACY B. SIMS

COMPUTER SAFETY SECURITY & PRIVACY DIGITAL LITERACY B. SIMS

Documents
CS 458 / 658 Computer Security and Privacy

CS 458 / 658 Computer Security and Privacy

Documents
Computer forensics law and privacy

Computer forensics law and privacy

Technology
Computer Security and Privacy - Cryptography, Security, and

Computer Security and Privacy - Cryptography, Security, and

Documents
Super billing computer ethics, privacy and security

Super billing computer ethics, privacy and security

Business
Computer Security and Safety, Ethics & Privacy

Computer Security and Safety, Ethics & Privacy

Education
15-744: Computer Networking L-25 Privacy. 2 Overview Routing privacy Web Privacy Wireless Privacy

15-744: Computer Networking L-25 Privacy. 2 Overview Routing privacy Web Privacy Wireless Privacy

Documents
Chapter 10 Computer Security, Ethics, and Privacy

Chapter 10 Computer Security, Ethics, and Privacy

Documents
CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Documents
Privacy and Computer-Based Information Systems. - Program on

Privacy and Computer-Based Information Systems. - Program on

Documents
CSCI-235 Micro-Computer in Science Privacy & Security

CSCI-235 Micro-Computer in Science Privacy & Security

Documents
1 Computer & Web Security Security Problems in Computer Use Privacy-Protecting Techniques Privacy-Protecting Technologies: cryptography, digital

1 Computer & Web Security Security Problems in Computer Use Privacy-Protecting Techniques Privacy-Protecting Technologies: cryptography, digital

Documents
Security and Privacy in Computer Systems. - RAND Corporation

Security and Privacy in Computer Systems. - RAND Corporation

Documents
The Algorithmic Foundations of Data Privacy - Computer

The Algorithmic Foundations of Data Privacy - Computer

Documents
App Privacy - jamesokeefe.org · James O’Keefe Captain, Massachusetts Pirate Party … won’t make you walk the plank Testing computer software since 1990 Teaching computer privacy

App Privacy - jamesokeefe.org · James O’Keefe Captain, Massachusetts Pirate Party … won’t make you walk the plank Testing computer software since 1990 Teaching computer privacy

Documents
Chapter 11 Computer Security, Ethics and Privacy

Chapter 11 Computer Security, Ethics and Privacy

Documents
Privacy Preserving Data Mining - Computer Science Department, Technion

Privacy Preserving Data Mining - Computer Science Department, Technion

Documents
CSE 484 : Computer Security and Privacy

CSE 484 : Computer Security and Privacy

Documents
(Privacy) Ordinance - The Hong Kong Computer Society

(Privacy) Ordinance - The Hong Kong Computer Society

Documents