• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  13. 13
  14. 14
  15. 15
  16. 16
  17. 17
  18. 18
  19. 19
  20. 20
  21. 21
  22. 22
  23. 23
  24. 24
  25. 25
  26. 26
  27. 27
  28. 28
  29. 29
  30. 30
  • Level: GCSE
  • Subject: ICT
  • Word count: 6679

Information Security.

Extracts from this document...


Palestine Polytechnic University Department of Administrative Science and Informatics Information Technology Information Security By: Fadi Swate Mohammad A. Amro Mohammad M. Haddad Rana Al-Natsheh Somaya Al-Qwasmeh Presented to: Ms Ahlam Qura' 2004 Introduction What is computer security? Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as "intruders") from accessing any part of your computer system. Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done. What's before applying security ? What resources are we trying to protect? A hacker who compromises or impersonates a host will usually have access to all of its resources; like files, storage devices, phone lines .. etc. and from a practical perspective , some hackers are most interested in busing the identity of the host , not only to reach its dedicated resources but also to have an opportunity to make a link or some connection to other target ,possibly more interesting targets. Other might actually be interested in the data on your machine , weather it is sensitive company material or government secrets. Many enhanced techniques enable the entering your computer although you have a security system. The strength of ones computer security defenses should be suitable to the threat outsiders. So computer security is not a goal it's a means toward a goal that is "Information Security". The last question to be answered before deploying a security is: How much security can be offered? We can spilt the cost in two parts direct financial expenditures such as building a firewall. so as a solution , machines with sensitive files may require extra level of passwords or file encryption , and we will talk about this later in this study. The fact is one or every one wants to protect all such resources , here the obvious answer is to stop attackers at the front door or not let them into the computer system in the first place. ...read more.


Back door and remote administration programs On Windows computers, three tools commonly used by intruders to gain remote access to user computer are BackOrifice, Netbus, and SubSeven. These back door or remote administration programs, once installed, allow other people to access and control user computer. Denial of service Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes user computer to crash or to become so busy processing data that he is unable to use it. In most cases, the latest patches will prevent the attack. Being an intermediary for another attack Intruders will frequently use user computers for attacking other systems user computer is just a convenient tool in a larger attack. Unprotected Windows shares Unprotected Windows networking shares can be used by intruders in an automated way to place tools on Windows-based computers attached to the Internet. Mobile code (Java/JavaScript/ActiveX) There have been some problems with mobile code (e.g. Java, JavaScript, and ActiveX). These are programming languages that let web developers write code that is executed by your web browser. Although the code is generally useful, it can be used by intruders to gather information (such as which web sites you visit) or to run destructive code on your computer. It is possible to disable Java, JavaScript, and ActiveX in your web browser. its recommend that you do so if user are browsing web sites that he are not familiar with or do not trust. Chat clients Internet chat applications, such as instant messaging applications, provide a mechanism for information to be transmitted bi-directionally between computers on the Internet. Because many chat clients allow for the exchange of executable code, they present risks similar to those of email clients. As with email clients, care should be taken to limit the chat client's ability to execute downloaded files. As always, user should be wary of exchanging files with unknown parties. ...read more.


>> Confidentiality (a party to the transaction is assured of the identity of the other part) >> Nonrepudiation ( neither party can deny that the transaction took place) In an SET transaction , the merchant dose not have access to the credit card number because it is encrypted .The merchant forwards the encrypted credit card number to an authorization center , where it is decrypted and the purchase is authorized. This differs from the SSL approach, in the which the merchant has access to the credit card number. Security in e-commerce:- Established encryption methods such as Secure Sockets Layer (SSL), a protocol developed by Netscape Communications Corporation, encode credit card numbers and other information to foil would-be thieves. Shoppers can determine if the site they are using is secure by noting the "secure" icon at the bottom of their browser window. Also, the address bar of Internet browsers will carry the "https" prefix instead of the standard "http" prefix when the site is secured. Nevertheless, some consumers are reluctant to divulge credit card information over the Internet, and this reluctance has hindered the growth of e-commerce. An alternative to credit card information is digital cash, or e-cash. In this arrangement, shoppers pay for a number of virtual credits through a single source, then use those credits as dollars when shopping. After checkout, the online retailer ships the goods to the buyer and adds shipping costs to the purchase price. Few e-commerce sites, however, offer e-cash. Privacy :- In addition to credit card security, many shoppers worry about privacy. To put them at ease, many Internet stores post "privacy statements" that explain their policy of sharing or not sharing customer information with other businesses. This privacy policy may include refusing to give the customer's name and e-mail address to companies that send unsolicited and unwanted commercial e-mail messages, often known as junk mail or spam. The U.S. Congress is considering legislation to force online companies to safeguard the privacy of online shoppers. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Communications section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Communications essays

  1. Peer reviewed

    Describe what meant by terms structured and unstructured information. Explain using the examples, the ...

    4 star(s)

    We use sounds for different reasons and most of them don't have a structured data. Like for an example we have a mobile phone and we use it to text people, ring people and lots more. But when we receive a text there will always be a sound like 'ring,

  2. Peer reviewed

    Digital Security Within the Workplace

    3 star(s)

    letters and numbers in passwords * Easy to remember password Don't: * Don't use first or last name in the password * Don't use silly thing e.g. your partner's name * Don't write your password down on paper * Don't use the same password for all your password needs etc.

  1. Which properties of HTTP waste bandwidth? What is the additional problem using HTTP/1.0 together ...

    HTML is broadly used to describe the content of web pages in the World Wide Web. HTML was designed for standard desktop computers with relatively high performance, a colour high-resolution display, mouse, sound system, and large hard disks. Web pages using the current HTML often ignore these differences in end-systems.

  2. Life in the information age

    The secondary sector is far more complex than first, because quite often, there are several levels in the secondary sector. Businesses want to create employment opportunities and therefore create several stages in the production of a product. They branch out.

  1. My research concerned how the Internet could be used to help people who were ...

    Because Rheingold insists that a virtual community has to be interactive, this term will only cover the NAADV forum, as that is the only part of the Web site that is interactive. In fact, the concept of a 'virtual community' implies that some of the traditional properties of that community are not part of the 'real' world.


    is that you can get too much of it and end up ignoring it because you can't be bothered to read it. Also, the computer system could get a virus attached to an email and bring down the whole system.

  1. Comparing documents

    to write out an invoice they can just fill it in instead of having to type it all out and printing it out again. Coffee Control has just got a text box, which inside it is the receivers address; it is at the top left under the logo.

  2. ICT in a business

    Budgeting, Forecasting, Stock Control management, purchasing, orders. How does ICT help? Far less time needed to do all the necessary tasks. Integrates all the different systems so that they can 'talk' to each other so the people in the finance office can get a picture of all the money that is going out and coming in.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work